448 files changed, 71655 insertions, 12087 deletions

diff --git a/src/lib/libssl/LICENSE b/src/lib/libssl/LICENSE
new file mode 100644
index 0000000000..40277883a5
--- /dev/null
+++ b/src/lib/libssl/LICENSE
@@ -0,0 +1,127 @@
+
+  LICENSE ISSUES
+  ==============
+
+  The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
+  the OpenSSL License and the original SSLeay license apply to the toolkit.
+  See below for the actual license texts. Actually both licenses are BSD-style
+  Open Source licenses. In case of any license issues related to OpenSSL
+  please contact openssl-core@openssl.org.
+
+  OpenSSL License
+  ---------------
+
+/* ====================================================================
+ * Copyright (c) 1998-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+ Original SSLeay License
+ -----------------------
+
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
diff --git a/src/lib/libssl/Makefile b/src/lib/libssl/Makefile
new file mode 100644
index 0000000000..f356472977
--- /dev/null
+++ b/src/lib/libssl/Makefile
@@ -0,0 +1,13 @@
+# $OpenBSD: Makefile,v 1.14 2005/04/01 05:31:40 beck Exp $
+
+SUBDIR=crypto ssl man
+
+distribution:
+        ${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
+           ${.CURDIR}/openssl.cnf ${DESTDIR}/etc/ssl/openssl.cnf && \
+        ${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
+           ${.CURDIR}/cert.pem ${DESTDIR}/etc/ssl/cert.pem && \
+        ${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
+           ${.CURDIR}/x509v3.cnf ${DESTDIR}/etc/ssl/x509v3.cnf
+
+.include <bsd.subdir.mk>
diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c
new file mode 100644
index 0000000000..d683ee43e1
--- /dev/null
+++ b/src/lib/libssl/bio_ssl.c
@@ -0,0 +1,598 @@
+/* ssl/bio_ssl.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <openssl/crypto.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+static int ssl_write(BIO *h, const char *buf, int num);
+static int ssl_read(BIO *h, char *buf, int size);
+static int ssl_puts(BIO *h, const char *str);
+static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int ssl_new(BIO *h);
+static int ssl_free(BIO *data);
+static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+typedef struct bio_ssl_st
+        {
+        SSL *ssl; /* The ssl handle :-) */
+        /* re-negotiate every time the total number of bytes is this size */
+        int num_renegotiates;
+        unsigned long renegotiate_count;
+        unsigned long byte_count;
+        unsigned long renegotiate_timeout;
+        unsigned long last_time;
+        } BIO_SSL;
+
+static BIO_METHOD methods_sslp=
+        {
+        BIO_TYPE_SSL,"ssl",
+        ssl_write,
+        ssl_read,
+        ssl_puts,
+        NULL, /* ssl_gets, */
+        ssl_ctrl,
+        ssl_new,
+        ssl_free,
+        ssl_callback_ctrl,
+        };
+
+BIO_METHOD *BIO_f_ssl(void)
+        {
+        return(&methods_sslp);
+        }
+
+static int ssl_new(BIO *bi)
+        {
+        BIO_SSL *bs;
+
+        bs=(BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL));
+        if (bs == NULL)
+                {
+                BIOerr(BIO_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
+                return(0);
+                }
+        memset(bs,0,sizeof(BIO_SSL));
+        bi->init=0;
+        bi->ptr=(char *)bs;
+        bi->flags=0;
+        return(1);
+        }
+
+static int ssl_free(BIO *a)
+        {
+        BIO_SSL *bs;
+
+        if (a == NULL) return(0);
+        bs=(BIO_SSL *)a->ptr;
+        if (bs->ssl != NULL) SSL_shutdown(bs->ssl);
+        if (a->shutdown)
+                {
+                if (a->init && (bs->ssl != NULL))
+                        SSL_free(bs->ssl);
+                a->init=0;
+                a->flags=0;
+                }
+        if (a->ptr != NULL)
+                OPENSSL_free(a->ptr);
+        return(1);
+        }
+        
+static int ssl_read(BIO *b, char *out, int outl)
+        {
+        int ret=1;
+        BIO_SSL *sb;
+        SSL *ssl;
+        int retry_reason=0;
+        int r=0;
+
+        if (out == NULL) return(0);
+        sb=(BIO_SSL *)b->ptr;
+        ssl=sb->ssl;
+
+        BIO_clear_retry_flags(b);
+
+#if 0
+        if (!SSL_is_init_finished(ssl))
+                {
+/*              ret=SSL_do_handshake(ssl); */
+                if (ret > 0)
+                        {
+
+                        outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
+                        ret= -1;
+                        goto end;
+                        }
+                }
+#endif
+/*      if (ret > 0) */
+        ret=SSL_read(ssl,out,outl);
+
+        switch (SSL_get_error(ssl,ret))
+                {
+        case SSL_ERROR_NONE:
+                if (ret <= 0) break;
+                if (sb->renegotiate_count > 0)
+                        {
+                        sb->byte_count+=ret;
+                        if (sb->byte_count > sb->renegotiate_count)
+                                {
+                                sb->byte_count=0;
+                                sb->num_renegotiates++;
+                                SSL_renegotiate(ssl);
+                                r=1;
+                                }
+                        }
+                if ((sb->renegotiate_timeout > 0) && (!r))
+                        {
+                        unsigned long tm;
+
+                        tm=(unsigned long)time(NULL);
+                        if (tm > sb->last_time+sb->renegotiate_timeout)
+                                {
+                                sb->last_time=tm;
+                                sb->num_renegotiates++;
+                                SSL_renegotiate(ssl);
+                                }
+                        }
+
+                break;
+        case SSL_ERROR_WANT_READ:
+                BIO_set_retry_read(b);
+                break;
+        case SSL_ERROR_WANT_WRITE:
+                BIO_set_retry_write(b);
+                break;
+        case SSL_ERROR_WANT_X509_LOOKUP:
+                BIO_set_retry_special(b);
+                retry_reason=BIO_RR_SSL_X509_LOOKUP;
+                break;
+        case SSL_ERROR_WANT_ACCEPT:
+                BIO_set_retry_special(b);
+                retry_reason=BIO_RR_ACCEPT;
+                break;
+        case SSL_ERROR_WANT_CONNECT:
+                BIO_set_retry_special(b);
+                retry_reason=BIO_RR_CONNECT;
+                break;
+        case SSL_ERROR_SYSCALL:
+        case SSL_ERROR_SSL:
+        case SSL_ERROR_ZERO_RETURN:
+        default:
+                break;
+                }
+
+        b->retry_reason=retry_reason;
+        return(ret);
+        }
+
+static int ssl_write(BIO *b, const char *out, int outl)
+        {
+        int ret,r=0;
+        int retry_reason=0;
+        SSL *ssl;
+        BIO_SSL *bs;
+
+        if (out == NULL) return(0);
+        bs=(BIO_SSL *)b->ptr;
+        ssl=bs->ssl;
+
+        BIO_clear_retry_flags(b);
+
+/*      ret=SSL_do_handshake(ssl);
+        if (ret > 0) */
+        ret=SSL_write(ssl,out,outl);
+
+        switch (SSL_get_error(ssl,ret))
+                {
+        case SSL_ERROR_NONE:
+                if (ret <= 0) break;
+                if (bs->renegotiate_count > 0)
+                        {
+                        bs->byte_count+=ret;
+                        if (bs->byte_count > bs->renegotiate_count)
+                                {
+                                bs->byte_count=0;
+                                bs->num_renegotiates++;
+                                SSL_renegotiate(ssl);
+                                r=1;
+                                }
+                        }
+                if ((bs->renegotiate_timeout > 0) && (!r))
+                        {
+                        unsigned long tm;
+
+                        tm=(unsigned long)time(NULL);
+                        if (tm > bs->last_time+bs->renegotiate_timeout)
+                                {
+                                bs->last_time=tm;
+                                bs->num_renegotiates++;
+                                SSL_renegotiate(ssl);
+                                }
+                        }
+                break;
+        case SSL_ERROR_WANT_WRITE:
+                BIO_set_retry_write(b);
+                break;
+        case SSL_ERROR_WANT_READ:
+                BIO_set_retry_read(b);
+                break;
+        case SSL_ERROR_WANT_X509_LOOKUP:
+                BIO_set_retry_special(b);
+                retry_reason=BIO_RR_SSL_X509_LOOKUP;
+                break;
+        case SSL_ERROR_WANT_CONNECT:
+                BIO_set_retry_special(b);
+                retry_reason=BIO_RR_CONNECT;
+        case SSL_ERROR_SYSCALL:
+        case SSL_ERROR_SSL:
+        default:
+                break;
+                }
+
+        b->retry_reason=retry_reason;
+        return(ret);
+        }
+
+static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
+        {
+        SSL **sslp,*ssl;
+        BIO_SSL *bs;
+        BIO *dbio,*bio;
+        long ret=1;
+
+        bs=(BIO_SSL *)b->ptr;
+        ssl=bs->ssl;
+        if ((ssl == NULL)  && (cmd != BIO_C_SET_SSL))
+                return(0);
+        switch (cmd)
+                {
+        case BIO_CTRL_RESET:
+                SSL_shutdown(ssl);
+
+                if (ssl->handshake_func == ssl->method->ssl_connect)
+                        SSL_set_connect_state(ssl);
+                else if (ssl->handshake_func == ssl->method->ssl_accept)
+                        SSL_set_accept_state(ssl);
+
+                SSL_clear(ssl);
+
+                if (b->next_bio != NULL)
+                        ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                else if (ssl->rbio != NULL)
+                        ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
+                else
+                        ret=1;
+                break;
+        case BIO_CTRL_INFO:
+                ret=0;
+                break;
+        case BIO_C_SSL_MODE:
+                if (num) /* client mode */
+                        SSL_set_connect_state(ssl);
+                else
+                        SSL_set_accept_state(ssl);
+                break;
+        case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT:
+                ret=bs->renegotiate_timeout;
+                if (num < 60) num=5;
+                bs->renegotiate_timeout=(unsigned long)num;
+                bs->last_time=(unsigned long)time(NULL);
+                break;
+        case BIO_C_SET_SSL_RENEGOTIATE_BYTES:
+                ret=bs->renegotiate_count;
+                if ((long)num >=512)
+                        bs->renegotiate_count=(unsigned long)num;
+                break;
+        case BIO_C_GET_SSL_NUM_RENEGOTIATES:
+                ret=bs->num_renegotiates;
+                break;
+        case BIO_C_SET_SSL:
+                if (ssl != NULL)
+                        ssl_free(b);
+                b->shutdown=(int)num;
+                ssl=(SSL *)ptr;
+                ((BIO_SSL *)b->ptr)->ssl=ssl;
+                bio=SSL_get_rbio(ssl);
+                if (bio != NULL)
+                        {
+                        if (b->next_bio != NULL)
+                                BIO_push(bio,b->next_bio);
+                        b->next_bio=bio;
+                        CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO);
+                        }
+                b->init=1;
+                break;
+        case BIO_C_GET_SSL:
+                if (ptr != NULL)
+                        {
+                        sslp=(SSL **)ptr;
+                        *sslp=ssl;
+                        }
+                else
+                        ret=0;
+                break;
+        case BIO_CTRL_GET_CLOSE:
+                ret=b->shutdown;
+                break;
+        case BIO_CTRL_SET_CLOSE:
+                b->shutdown=(int)num;
+                break;
+        case BIO_CTRL_WPENDING:
+                ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
+                break;
+        case BIO_CTRL_PENDING:
+                ret=SSL_pending(ssl);
+                if (ret == 0)
+                        ret=BIO_pending(ssl->rbio);
+                break;
+        case BIO_CTRL_FLUSH:
+                BIO_clear_retry_flags(b);
+                ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
+                BIO_copy_next_retry(b);
+                break;
+        case BIO_CTRL_PUSH:
+                if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio))
+                        {
+                        SSL_set_bio(ssl,b->next_bio,b->next_bio);
+                        CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
+                        }
+                break;
+        case BIO_CTRL_POP:
+                /* ugly bit of a hack */
+                if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
+                        {
+                        BIO_free_all(ssl->wbio);
+                        }
+                if (b->next_bio != NULL)
+                        {
+                        CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
+                        }
+                ssl->wbio=NULL;
+                ssl->rbio=NULL;
+                break;
+        case BIO_C_DO_STATE_MACHINE:
+                BIO_clear_retry_flags(b);
+
+                b->retry_reason=0;
+                ret=(int)SSL_do_handshake(ssl);
+
+                switch (SSL_get_error(ssl,(int)ret))
+                        {
+                case SSL_ERROR_WANT_READ:
+                        BIO_set_flags(b,
+                                BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
+                        break;
+                case SSL_ERROR_WANT_WRITE:
+                        BIO_set_flags(b,
+                                BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
+                        break;
+                case SSL_ERROR_WANT_CONNECT:
+                        BIO_set_flags(b,
+                                BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
+                        b->retry_reason=b->next_bio->retry_reason;
+                        break;
+                default:
+                        break;
+                        }
+                break;
+        case BIO_CTRL_DUP:
+                dbio=(BIO *)ptr;
+                if (((BIO_SSL *)dbio->ptr)->ssl != NULL)
+                        SSL_free(((BIO_SSL *)dbio->ptr)->ssl);
+                ((BIO_SSL *)dbio->ptr)->ssl=SSL_dup(ssl);
+                ((BIO_SSL *)dbio->ptr)->renegotiate_count=
+                        ((BIO_SSL *)b->ptr)->renegotiate_count;
+                ((BIO_SSL *)dbio->ptr)->byte_count=
+                        ((BIO_SSL *)b->ptr)->byte_count;
+                ((BIO_SSL *)dbio->ptr)->renegotiate_timeout=
+                        ((BIO_SSL *)b->ptr)->renegotiate_timeout;
+                ((BIO_SSL *)dbio->ptr)->last_time=
+                        ((BIO_SSL *)b->ptr)->last_time;
+                ret=(((BIO_SSL *)dbio->ptr)->ssl != NULL);
+                break;
+        case BIO_C_GET_FD:
+                ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
+                break;
+        case BIO_CTRL_SET_CALLBACK:
+                {
+#if 0 /* FIXME: Should this be used?  -- Richard Levitte */
+                BIOerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+                ret = -1;
+#else
+                ret=0;
+#endif
+                }
+                break;
+        case BIO_CTRL_GET_CALLBACK:
+                {
+                void (**fptr)();
+
+                fptr=(void (**)())ptr;
+                *fptr=SSL_get_info_callback(ssl);
+                }
+                break;
+        default:
+                ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
+                break;
+                }
+        return(ret);
+        }
+
+static long ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+        {
+        SSL *ssl;
+        BIO_SSL *bs;
+        long ret=1;
+
+        bs=(BIO_SSL *)b->ptr;
+        ssl=bs->ssl;
+        switch (cmd)
+                {
+        case BIO_CTRL_SET_CALLBACK:
+                {
+                /* FIXME: setting this via a completely different prototype
+                   seems like a crap idea */
+                SSL_set_info_callback(ssl,(void (*)(const SSL *,int,int))fp);
+                }
+                break;
+        default:
+                ret=BIO_callback_ctrl(ssl->rbio,cmd,fp);
+                break;
+                }
+        return(ret);
+        }
+
+static int ssl_puts(BIO *bp, const char *str)
+        {
+        int n,ret;
+
+        n=strlen(str);
+        ret=BIO_write(bp,str,n);
+        return(ret);
+        }
+
+BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx)
+        {
+#ifndef OPENSSL_NO_SOCK
+        BIO *ret=NULL,*buf=NULL,*ssl=NULL;
+
+        if ((buf=BIO_new(BIO_f_buffer())) == NULL)
+                return(NULL);
+        if ((ssl=BIO_new_ssl_connect(ctx)) == NULL)
+                goto err;
+        if ((ret=BIO_push(buf,ssl)) == NULL)
+                goto err;
+        return(ret);
+err:
+        if (buf != NULL) BIO_free(buf);
+        if (ssl != NULL) BIO_free(ssl);
+#endif
+        return(NULL);
+        }
+
+BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
+        {
+        BIO *ret=NULL,*con=NULL,*ssl=NULL;
+
+        if ((con=BIO_new(BIO_s_connect())) == NULL)
+                return(NULL);
+        if ((ssl=BIO_new_ssl(ctx,1)) == NULL)
+                goto err;
+        if ((ret=BIO_push(ssl,con)) == NULL)
+                goto err;
+        return(ret);
+err:
+        if (con != NULL) BIO_free(con);
+        if (ret != NULL) BIO_free(ret);
+        return(NULL);
+        }
+
+BIO *BIO_new_ssl(SSL_CTX *ctx, int client)
+        {
+        BIO *ret;
+        SSL *ssl;
+
+        if ((ret=BIO_new(BIO_f_ssl())) == NULL)
+                return(NULL);
+        if ((ssl=SSL_new(ctx)) == NULL)
+                {
+                BIO_free(ret);
+                return(NULL);
+                }
+        if (client)
+                SSL_set_connect_state(ssl);
+        else
+                SSL_set_accept_state(ssl);
+                
+        BIO_set_ssl(ret,ssl,BIO_CLOSE);
+        return(ret);
+        }
+
+int BIO_ssl_copy_session_id(BIO *t, BIO *f)
+        {
+        t=BIO_find_type(t,BIO_TYPE_SSL);
+        f=BIO_find_type(f,BIO_TYPE_SSL);
+        if ((t == NULL) || (f == NULL))
+                return(0);
+        if (    (((BIO_SSL *)t->ptr)->ssl == NULL) || 
+                (((BIO_SSL *)f->ptr)->ssl == NULL))
+                return(0);
+        SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl,((BIO_SSL *)f->ptr)->ssl);
+        return(1);
+        }
+
+void BIO_ssl_shutdown(BIO *b)
+        {
+        SSL *s;
+
+        while (b != NULL)
+                {
+                if (b->method->type == BIO_TYPE_SSL)
+                        {
+                        s=((BIO_SSL *)b->ptr)->ssl;
+                        SSL_shutdown(s);
+                        break;
+                        }
+                b=b->next_bio;
+                }
+        }
diff --git a/src/lib/libssl/cert.pem b/src/lib/libssl/cert.pem
new file mode 100644
index 0000000000..3f54d30cdd
--- /dev/null
+++ b/src/lib/libssl/cert.pem
@@ -0,0 +1,2821 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            02:00:00:00:00:00:d6:78:b9:d1:af
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
+        Validity
+            Not Before: Jan 28 12:00:00 1999 GMT
+            Not After : Jan 28 12:00:00 2009 GMT
+        Subject: C=BE, O=GlobalSign nv-sa, OU=Partners CA, CN=GlobalSign Partners CA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (2048 bit)
+                Modulus (2048 bit):
+                    00:d2:2c:f8:32:ac:4a:12:7a:37:c8:29:91:a5:ae:
+                    8c:6e:1e:0e:c0:34:33:88:e5:33:71:16:1c:78:84:
+                    68:c3:18:34:50:2e:16:3e:b1:94:82:4f:b1:9a:9f:
+                    00:f8:c6:11:35:c6:69:7b:98:02:ad:00:06:88:6c:
+                    e7:4c:33:28:00:88:27:46:1f:87:b3:71:75:63:bc:
+                    32:bb:88:de:66:18:0e:50:06:93:b4:f6:bc:14:37:
+                    30:3d:22:df:3d:ff:75:7e:d9:0a:1a:c5:9f:b3:fc:
+                    d0:ac:b3:08:7a:89:d3:01:e8:00:5c:e7:4a:0b:3d:
+                    4d:7b:26:a2:b7:62:06:8b:da:46:dd:93:17:3f:3f:
+                    5b:02:4b:0b:b6:88:20:11:92:00:ad:bb:c7:2e:d4:
+                    e3:45:ae:f5:89:5a:7c:8d:a4:ad:85:64:32:c0:27:
+                    8c:c6:f2:8a:80:92:86:24:56:59:8d:74:68:a2:83:
+                    42:b3:9e:3d:50:41:86:6f:20:6e:f6:fd:ce:d3:19:
+                    e3:32:cc:8f:ed:9a:5e:6d:1f:28:f5:52:ac:6e:18:
+                    5e:f8:3d:d1:92:e5:ba:6c:01:88:4b:0a:f2:2d:de:
+                    65:33:05:42:a0:4c:aa:31:76:be:fd:bf:81:78:f9:
+                    71:1c:46:5e:2d:15:95:2d:30:59:8e:4c:41:d1:62:
+                    ab:3d
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Key Usage: critical
+                Certificate Sign, CRL Sign
+            X509v3 Subject Key Identifier: 
+                43:24:8D:70:15:08:62:55:9C:4F:0C:40:17:5D:86:5E:0F:A2:4C:FB
+            X509v3 Authority Key Identifier: 
+                keyid:60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B
+
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+    Signature Algorithm: md5WithRSAEncryption
+        66:ed:b4:88:69:11:99:82:21:83:ac:a1:6d:8b:9b:84:ad:0f:
+        2d:c8:1e:8c:ca:7b:7e:ad:aa:d4:8e:de:07:d6:9e:45:c7:a5:
+        b8:9c:07:39:60:25:55:1a:c0:4f:19:e5:cf:17:29:49:89:18:
+        35:66:e5:eb:28:40:4e:57:c9:af:b3:e4:b8:20:05:a3:3b:95:
+        50:91:49:94:29:7d:2c:e5:88:41:a5:45:88:5e:9d:82:27:f7:
+        d2:ef:5b:b5:4f:9f:be:fe:35:65:2c:55:64:9f:e1:51:da:22:
+        61:77:ba:58:4e:8f:c6:79:59:59:6e:30:80:a2:4f:90:6e:21:
+        0b:ad:d0:68:39:90:10:9b:ed:22:65:6f:1e:11:38:e6:7f:8c:
+        d2:f3:39:6d:47:d5:21:e8:ea:75:3a:41:d1:ad:f6:16:9d:5d:
+        0b:21:bd:f3:1f:63:06:25:1d:c1:1f:35:71:2c:eb:20:19:d5:
+        c1:b0:ec:3d:e5:6f:ed:02:07:3f:13:7b:66:92:d6:44:c1:98:
+        f7:5f:50:8b:7a:5b:c2:6f:6d:b0:d1:f8:e5:74:a0:40:37:a3:
+        25:0f:e4:3d:ca:64:31:93:90:5c:30:7b:b9:39:31:9a:5e:4c:
+        cd:b9:41:4f:50:e4:3d:38:ae:c8:66:d9:c7:3b:5d:51:47:ac:
+        9b:ab:f2:ad
+SHA1 Fingerprint=84:C4:8F:00:E9:91:EC:DE:DB:B4:18:A9:8B:EF:A1:7A:47:ED:72:98
+-----BEGIN CERTIFICATE-----
+MIIDnjCCAoagAwIBAgILAgAAAAAA1ni50a8wDQYJKoZIhvcNAQEEBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05OTAxMjgxMjAw
+MDBaFw0wOTAxMjgxMjAwMDBaMF8xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRQwEgYDVQQLEwtQYXJ0bmVycyBDQTEfMB0GA1UEAxMWR2xv
+YmFsU2lnbiBQYXJ0bmVycyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBANIs+DKsShJ6N8gpkaWujG4eDsA0M4jlM3EWHHiEaMMYNFAuFj6xlIJPsZqf
+APjGETXGaXuYAq0ABohs50wzKACIJ0Yfh7NxdWO8MruI3mYYDlAGk7T2vBQ3MD0i
+3z3/dX7ZChrFn7P80KyzCHqJ0wHoAFznSgs9TXsmordiBovaRt2TFz8/WwJLC7aI
+IBGSAK27xy7U40Wu9YlafI2krYVkMsAnjMbyioCShiRWWY10aKKDQrOePVBBhm8g
+bvb9ztMZ4zLMj+2aXm0fKPVSrG4YXvg90ZLlumwBiEsK8i3eZTMFQqBMqjF2vv2/
+gXj5cRxGXi0VlS0wWY5MQdFiqz0CAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgAGMB0G
+A1UdDgQWBBRDJI1wFQhiVZxPDEAXXYZeD6JM+zAfBgNVHSMEGDAWgBRge2YaRQ2X
+yolQL30EzTSo//z9SzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA4IB
+AQBm7bSIaRGZgiGDrKFti5uErQ8tyB6Mynt+rarUjt4H1p5Fx6W4nAc5YCVVGsBP
+GeXPFylJiRg1ZuXrKEBOV8mvs+S4IAWjO5VQkUmUKX0s5YhBpUWIXp2CJ/fS71u1
+T5++/jVlLFVkn+FR2iJhd7pYTo/GeVlZbjCAok+QbiELrdBoOZAQm+0iZW8eETjm
+f4zS8zltR9Uh6Op1OkHRrfYWnV0LIb3zH2MGJR3BHzVxLOsgGdXBsOw95W/tAgc/
+E3tmktZEwZj3X1CLelvCb22w0fjldKBAN6MlD+Q9ymQxk5BcMHu5OTGaXkzNuUFP
+UOQ9OK7IZtnHO11RR6ybq/Kt
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 0 (0x0)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Basic CA/emailAddress=personal-basic@thawte.com
+        Validity
+            Not Before: Jan  1 00:00:00 1996 GMT
+            Not After : Dec 31 23:59:59 2020 GMT
+        Subject: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Basic CA/emailAddress=personal-basic@thawte.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:bc:bc:93:53:6d:c0:50:4f:82:15:e6:48:94:35:
+                    a6:5a:be:6f:42:fa:0f:47:ee:77:75:72:dd:8d:49:
+                    9b:96:57:a0:78:d4:ca:3f:51:b3:69:0b:91:76:17:
+                    22:07:97:6a:c4:51:93:4b:e0:8d:ef:37:95:a1:0c:
+                    4d:da:34:90:1d:17:89:97:e0:35:38:57:4a:c0:f4:
+                    08:70:e9:3c:44:7b:50:7e:61:9a:90:e3:23:d3:88:
+                    11:46:27:f5:0b:07:0e:bb:dd:d1:7f:20:0a:88:b9:
+                    56:0b:2e:1c:80:da:f1:e3:9e:29:ef:14:bd:0a:44:
+                    fb:1b:5b:18:d1:bf:23:93:21
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+    Signature Algorithm: md5WithRSAEncryption
+        2d:e2:99:6b:b0:3d:7a:89:d7:59:a2:94:01:1f:2b:dd:12:4b:
+        53:c2:ad:7f:aa:a7:00:5c:91:40:57:25:4a:38:aa:84:70:b9:
+        d9:80:0f:a5:7b:5c:fb:73:c6:bd:d7:8a:61:5c:03:e3:2d:27:
+        a8:17:e0:84:85:42:dc:5e:9b:c6:b7:b2:6d:bb:74:af:e4:3f:
+        cb:a7:b7:b0:e0:5d:be:78:83:25:94:d2:db:81:0f:79:07:6d:
+        4f:f4:39:15:5a:52:01:7b:de:32:d6:4d:38:f6:12:5c:06:50:
+        df:05:5b:bd:14:4b:a1:df:29:ba:3b:41:8d:f7:63:56:a1:df:
+        22:b1
+SHA1 Fingerprint=40:E7:8C:1D:52:3D:1C:D9:95:4F:AC:1A:1A:B3:BD:3C:BA:A1:5B:FC
+-----BEGIN CERTIFICATE-----
+MIIDITCCAoqgAwIBAgIBADANBgkqhkiG9w0BAQQFADCByzELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
+VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
+ZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFBlcnNvbmFsIEJhc2lj
+IENBMSgwJgYJKoZIhvcNAQkBFhlwZXJzb25hbC1iYXNpY0B0aGF3dGUuY29tMB4X
+DTk2MDEwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgcsxCzAJBgNVBAYTAlpBMRUw
+EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UE
+ChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
+dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQZXJzb25hbCBCYXNpYyBD
+QTEoMCYGCSqGSIb3DQEJARYZcGVyc29uYWwtYmFzaWNAdGhhd3RlLmNvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvLyTU23AUE+CFeZIlDWmWr5vQvoPR+53
+dXLdjUmbllegeNTKP1GzaQuRdhciB5dqxFGTS+CN7zeVoQxN2jSQHReJl+A1OFdK
+wPQIcOk8RHtQfmGakOMj04gRRif1CwcOu93RfyAKiLlWCy4cgNrx454p7xS9CkT7
+G1sY0b8jkyECAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQQF
+AAOBgQAt4plrsD16iddZopQBHyvdEktTwq1/qqcAXJFAVyVKOKqEcLnZgA+le1z7
+c8a914phXAPjLSeoF+CEhULcXpvGt7Jtu3Sv5D/Lp7ew4F2+eIMllNLbgQ95B21P
+9DkVWlIBe94y1k049hJcBlDfBVu9FEuh3ym6O0GN92NWod8isQ==
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            d0:1e:40:8b:00:00:02:7c:00:00:00:02:00:00:00:01
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=DSTCA X1, CN=DST RootCA X1/emailAddress=ca@digsigtrust.com
+        Validity
+            Not Before: Dec  1 18:18:55 1998 GMT
+            Not After : Nov 28 18:18:55 2008 GMT
+        Subject: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=DSTCA X1, CN=DST RootCA X1/emailAddress=ca@digsigtrust.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (2048 bit)
+                Modulus (2048 bit):
+                    00:d2:c6:26:b6:e7:a5:3d:c1:c4:68:d5:50:6f:53:
+                    c5:6f:49:13:09:b8:af:2c:48:8d:14:6a:a3:17:5f:
+                    5a:f9:d3:2e:75:2f:d8:28:62:d1:93:2f:fc:4d:d4:
+                    ab:87:e5:08:c7:99:e7:92:3f:75:bd:eb:25:b4:15:
+                    c1:9b:19:3d:d2:44:8d:d7:74:20:6d:37:02:8f:69:
+                    93:5b:8a:c4:19:9d:f4:b2:0e:fc:16:6c:b9:b1:05:
+                    92:83:d1:85:2c:60:94:3e:45:55:a0:d9:ab:08:21:
+                    e6:60:e8:3b:74:f2:99:50:51:68:d0:03:2d:b1:80:
+                    be:a3:d8:52:b0:44:cd:43:4a:70:8e:58:85:95:e1:
+                    4e:2c:d6:2d:41:6f:d6:84:e7:c8:98:44:ca:47:db:
+                    2c:24:a5:69:26:cf:6b:b8:27:62:c3:f4:c9:7a:92:
+                    23:ed:13:67:82:ae:45:2e:45:e5:7e:72:3f:85:9d:
+                    94:62:10:e6:3c:91:a1:ad:77:00:e0:15:ec:f3:84:
+                    80:72:7a:8e:6e:60:97:c7:24:59:10:34:83:5b:e1:
+                    a5:a4:69:b6:57:35:1c:78:59:c6:d3:2f:3a:73:67:
+                    ee:94:ca:04:13:05:62:06:70:23:b3:f4:7c:ee:45:
+                    d9:64:0b:5b:49:aa:a4:43:ce:26:c4:44:12:6c:b8:
+                    dd:79
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: sha1WithRSAEncryption
+        a2:37:b2:3f:69:fb:d7:86:79:54:49:31:95:33:2b:f3:d1:09:
+        14:49:62:60:86:a5:b0:11:e2:50:c2:1d:06:57:3e:2d:e8:33:
+        64:be:9b:aa:ad:5f:1b:4d:d4:99:95:a2:8b:9a:c9:62:72:b5:
+        69:ea:d9:58:ab:35:ed:15:a2:43:d6:b6:bc:07:79:65:64:73:
+        7d:d7:79:ca:7b:d5:5a:51:c6:e1:53:04:96:8d:38:cf:a3:17:
+        ac:39:71:6b:01:c3:8b:53:3c:63:e9:ee:79:c0:e4:be:92:32:
+        64:7a:b3:1f:97:94:62:bd:ea:b2:20:15:95:fb:97:f2:78:2f:
+        63:36:40:38:e3:46:0f:1d:dd:ac:95:ca:e7:4b:90:7b:b1:4b:
+        a9:d4:c5:eb:9a:da:aa:d5:a3:94:14:46:8d:2d:1f:f3:3a:d6:
+        93:3a:f6:3e:79:fc:e8:e6:b0:75:ed:ee:3d:c9:70:c7:5d:aa:
+        81:4b:46:25:1c:c7:6c:15:e3:95:4e:0f:aa:32:37:94:0a:17:
+        24:92:13:84:58:d2:63:6f:2b:f7:e6:5b:62:0b:13:17:b0:0d:
+        52:4c:fe:fe:6f:5c:e2:91:6e:1d:fd:a4:62:d7:68:fa:8e:7a:
+        4f:d2:08:da:93:dc:f0:92:11:7a:d0:dc:72:93:0c:73:93:62:
+        85:68:d0:f4
+SHA1 Fingerprint=B7:2F:FF:92:D2:CE:43:DE:0A:8D:4C:54:8C:50:37:26:A8:1E:2B:93
+-----BEGIN CERTIFICATE-----
+MIID2DCCAsACEQDQHkCLAAACfAAAAAIAAAABMA0GCSqGSIb3DQEBBQUAMIGpMQsw
+CQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENp
+dHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UE
+CxMIRFNUQ0EgWDExFjAUBgNVBAMTDURTVCBSb290Q0EgWDExITAfBgkqhkiG9w0B
+CQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTAeFw05ODEyMDExODE4NTVaFw0wODExMjgx
+ODE4NTVaMIGpMQswCQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMO
+U2FsdCBMYWtlIENpdHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0
+IENvLjERMA8GA1UECxMIRFNUQ0EgWDExFjAUBgNVBAMTDURTVCBSb290Q0EgWDEx
+ITAfBgkqhkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANLGJrbnpT3BxGjVUG9TxW9JEwm4ryxIjRRqoxdf
+WvnTLnUv2Chi0ZMv/E3Uq4flCMeZ55I/db3rJbQVwZsZPdJEjdd0IG03Ao9pk1uK
+xBmd9LIO/BZsubEFkoPRhSxglD5FVaDZqwgh5mDoO3TymVBRaNADLbGAvqPYUrBE
+zUNKcI5YhZXhTizWLUFv1oTnyJhEykfbLCSlaSbPa7gnYsP0yXqSI+0TZ4KuRS5F
+5X5yP4WdlGIQ5jyRoa13AOAV7POEgHJ6jm5gl8ckWRA0g1vhpaRptlc1HHhZxtMv
+OnNn7pTKBBMFYgZwI7P0fO5F2WQLW0mqpEPOJsREEmy43XkCAwEAATANBgkqhkiG
+9w0BAQUFAAOCAQEAojeyP2n714Z5VEkxlTMr89EJFEliYIalsBHiUMIdBlc+Legz
+ZL6bqq1fG03UmZWii5rJYnK1aerZWKs17RWiQ9a2vAd5ZWRzfdd5ynvVWlHG4VME
+lo04z6MXrDlxawHDi1M8Y+nuecDkvpIyZHqzH5eUYr3qsiAVlfuX8ngvYzZAOONG
+Dx3drJXK50uQe7FLqdTF65raqtWjlBRGjS0f8zrWkzr2Pnn86Oawde3uPclwx12q
+gUtGJRzHbBXjlU4PqjI3lAoXJJIThFjSY28r9+ZbYgsTF7ANUkz+/m9c4pFuHf2k
+Ytdo+o56T9II2pPc8JIRetDccpMMc5NihWjQ9A==
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=BE, L=Brussels, O=BelSign NV, OU=BelSign Object Publishing Certificate Authority, CN=BelSign Object Publishing CA/emailAddress=webmaster@belsign.be
+        Validity
+            Not Before: Sep 19 22:03:00 1997 GMT
+            Not After : Sep 19 22:03:00 2007 GMT
+        Subject: C=BE, L=Brussels, O=BelSign NV, OU=BelSign Object Publishing Certificate Authority, CN=BelSign Object Publishing CA/emailAddress=webmaster@belsign.be
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:c4:2e:1f:b6:bf:ee:82:40:dd:f9:b7:2e:41:d5:
+                    9e:05:b1:5a:d0:26:7c:62:55:03:9b:fc:cb:61:de:
+                    4b:ef:fe:e8:99:fe:87:b9:88:cf:90:da:0f:09:3c:
+                    76:df:17:97:b6:cb:3f:25:45:fd:b4:bc:58:00:be:
+                    b0:5a:b6:14:87:8f:ee:67:64:ad:1d:88:83:bb:67:
+                    9f:65:61:00:58:08:80:50:9f:80:c9:31:f6:2a:90:
+                    1c:2d:f7:4a:6c:10:f6:23:43:5d:38:09:60:88:57:
+                    02:cd:16:6c:18:fc:cd:fb:92:2a:77:d0:9e:93:a3:
+                    5d:88:64:d0:c8:f8:5d:54:51
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            Netscape Cert Type: 
+                SSL CA, S/MIME CA, Object Signing CA
+    Signature Algorithm: md5WithRSAEncryption
+        63:76:17:7c:96:f0:53:a5:5d:01:1c:53:ce:29:c2:7e:75:ac:
+        4c:0d:a2:08:73:b4:6a:31:fd:02:06:14:99:dc:54:04:a4:bf:
+        c8:96:86:9f:31:43:32:25:57:f6:85:f6:25:bb:37:be:a1:79:
+        23:c9:57:06:25:71:6b:45:4f:f8:f4:02:40:16:82:22:af:54:
+        ea:32:28:f6:0d:ee:99:ba:4b:08:51:0f:6e:86:23:21:4c:2d:
+        25:88:81:c4:2e:0e:f1:13:2c:38:8a:95:02:24:c3:3a:95:63:
+        e4:93:8e:48:bb:08:47:72:5f:ae:e6:3a:5a:47:d6:71:c6:9e:
+        9a:52
+SHA1 Fingerprint=FB:94:55:18:3D:97:5B:E3:68:60:84:97:6A:A7:2A:81:55:7B:81:29
+-----BEGIN CERTIFICATE-----
+MIIDAzCCAmygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBuzELMAkGA1UEBhMCQkUx
+ETAPBgNVBAcTCEJydXNzZWxzMRMwEQYDVQQKEwpCZWxTaWduIE5WMTgwNgYDVQQL
+Ey9CZWxTaWduIE9iamVjdCBQdWJsaXNoaW5nIENlcnRpZmljYXRlIEF1dGhvcml0
+eTElMCMGA1UEAxMcQmVsU2lnbiBPYmplY3QgUHVibGlzaGluZyBDQTEjMCEGCSqG
+SIb3DQEJARYUd2VibWFzdGVyQGJlbHNpZ24uYmUwHhcNOTcwOTE5MjIwMzAwWhcN
+MDcwOTE5MjIwMzAwWjCBuzELMAkGA1UEBhMCQkUxETAPBgNVBAcTCEJydXNzZWxz
+MRMwEQYDVQQKEwpCZWxTaWduIE5WMTgwNgYDVQQLEy9CZWxTaWduIE9iamVjdCBQ
+dWJsaXNoaW5nIENlcnRpZmljYXRlIEF1dGhvcml0eTElMCMGA1UEAxMcQmVsU2ln
+biBPYmplY3QgUHVibGlzaGluZyBDQTEjMCEGCSqGSIb3DQEJARYUd2VibWFzdGVy
+QGJlbHNpZ24uYmUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMQuH7a/7oJA
+3fm3LkHVngWxWtAmfGJVA5v8y2HeS+/+6Jn+h7mIz5DaDwk8dt8Xl7bLPyVF/bS8
+WAC+sFq2FIeP7mdkrR2Ig7tnn2VhAFgIgFCfgMkx9iqQHC33SmwQ9iNDXTgJYIhX
+As0WbBj8zfuSKnfQnpOjXYhk0Mj4XVRRAgMBAAGjFTATMBEGCWCGSAGG+EIBAQQE
+AwIABzANBgkqhkiG9w0BAQQFAAOBgQBjdhd8lvBTpV0BHFPOKcJ+daxMDaIIc7Rq
+Mf0CBhSZ3FQEpL/IloafMUMyJVf2hfYluze+oXkjyVcGJXFrRU/49AJAFoIir1Tq
+Mij2De6ZuksIUQ9uhiMhTC0liIHELg7xEyw4ipUCJMM6lWPkk45IuwhHcl+u5jpa
+R9Zxxp6aUg==
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 438 (0x1b6)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 5
+        Validity
+            Not Before: Aug 14 14:50:00 1998 GMT
+            Not After : Aug 14 23:59:00 2013 GMT
+        Subject: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 5
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (2048 bit)
+                Modulus (2048 bit):
+                    00:bc:12:6e:3f:8a:7c:7a:97:01:ec:1e:bb:39:5a:
+                    02:f4:78:44:a2:48:1b:8e:7b:49:52:7a:b8:7b:47:
+                    b3:af:94:9b:6f:bb:96:fa:2b:6a:65:5c:b8:1c:94:
+                    73:be:bf:89:0a:22:80:ee:57:fc:8c:05:bb:70:9f:
+                    97:39:04:da:a3:87:5c:a8:e5:ca:af:c0:33:9a:d5:
+                    37:5c:4b:ac:e4:80:d0:a6:23:60:fb:fd:72:2e:94:
+                    9d:c7:ce:c2:04:32:ef:78:60:5d:ed:ad:87:0f:45:
+                    65:1e:3c:9a:0a:9a:be:5d:1d:99:ec:e7:f2:d1:c6:
+                    7a:17:d9:ad:9b:54:96:7f:c4:7c:60:bf:85:aa:15:
+                    35:1d:40:da:11:bc:ec:54:21:28:2d:23:a1:a8:f0:
+                    cf:2d:cd:dd:fc:7e:0f:5e:e1:65:07:56:cb:07:b4:
+                    d2:56:e8:5e:31:cc:18:63:c4:86:d2:2d:85:cf:93:
+                    92:ab:6d:fe:68:39:fb:de:73:bd:86:f8:e4:46:7a:
+                    ea:9f:0c:cb:f4:19:fe:63:bc:d1:2c:7b:88:33:36:
+                    f6:e4:e1:9c:0c:53:81:60:1c:da:2e:ab:96:a9:16:
+                    88:13:50:99:b2:bd:55:df:15:30:7e:e8:e5:98:fb:
+                    70:7e:6c:b5:07:fc:fc:46:b7:d0:ed:37:96:7e:32:
+                    fe:21
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:TRUE, pathlen:5
+            X509v3 Key Usage: critical
+                Certificate Sign, CRL Sign
+            X509v3 Certificate Policies: 
+                Policy: 1.2.840.113763.1.2.1.3
+
+            X509v3 Subject Key Identifier: 
+                76:0A:49:21:38:4C:9F:DE:F8:C4:49:C7:71:71:91:9D
+    Signature Algorithm: sha1WithRSAEncryption
+        41:3a:d4:18:5b:da:b8:de:21:1c:e1:8e:09:e5:f1:68:34:ff:
+        de:96:f4:07:f5:a7:3c:f3:ac:4a:b1:9b:fa:92:fa:9b:ed:e6:
+        32:21:aa:4a:76:c5:dc:4f:38:e5:df:d5:86:e4:d5:c8:76:7d:
+        98:d7:b1:cd:8f:4d:b5:91:23:6c:8b:8a:eb:ea:7c:ef:14:94:
+        c4:c6:f0:1f:4a:2d:32:71:63:2b:63:91:26:02:09:b6:80:1d:
+        ed:e2:cc:b8:7f:db:87:63:c8:e1:d0:6c:26:b1:35:1d:40:66:
+        10:1b:cd:95:54:18:33:61:ec:13:4f:da:13:f7:99:af:3e:d0:
+        cf:8e:a6:72:a2:b3:c3:05:9a:c9:27:7d:92:cc:7e:52:8d:b3:
+        ab:70:6d:9e:89:9f:4d:eb:1a:75:c2:98:aa:d5:02:16:d7:0c:
+        8a:bf:25:e4:eb:2d:bc:98:e9:58:38:19:7c:b9:37:fe:db:e2:
+        99:08:73:06:c7:97:83:6a:7d:10:01:2f:32:b9:17:05:4a:65:
+        e6:2f:ce:be:5e:53:a6:82:e9:9a:53:0a:84:74:2d:83:ca:c8:
+        94:16:76:5f:94:61:28:f0:85:a7:39:bb:d7:8b:d9:a8:b2:13:
+        1d:54:09:34:24:7d:20:81:7d:66:7e:a2:90:74:5c:10:c6:bd:
+        ec:ab:1b:c2
+SHA1 Fingerprint=47:C5:4C:BC:DA:5D:76:CE:62:88:38:11:AC:11:66:5D:55:F4:2C:00
+-----BEGIN CERTIFICATE-----
+MIIDtjCCAp6gAwIBAgICAbYwDQYJKoZIhvcNAQEFBQAwcDELMAkGA1UEBhMCVVMx
+GDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlvbjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1
+c3QgU29sdXRpb25zLCBJbmMuMR4wHAYDVQQDExVHVEUgQ3liZXJUcnVzdCBSb290
+IDUwHhcNOTgwODE0MTQ1MDAwWhcNMTMwODE0MjM1OTAwWjBwMQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xHjAcBgNVBAMTFUdURSBDeWJlclRydXN0IFJv
+b3QgNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALwSbj+KfHqXAewe
+uzlaAvR4RKJIG457SVJ6uHtHs6+Um2+7lvoramVcuByUc76/iQoigO5X/IwFu3Cf
+lzkE2qOHXKjlyq/AM5rVN1xLrOSA0KYjYPv9ci6UncfOwgQy73hgXe2thw9FZR48
+mgqavl0dmezn8tHGehfZrZtUln/EfGC/haoVNR1A2hG87FQhKC0joajwzy3N3fx+
+D17hZQdWywe00lboXjHMGGPEhtIthc+Tkqtt/mg5+95zvYb45EZ66p8My/QZ/mO8
+0Sx7iDM29uThnAxTgWAc2i6rlqkWiBNQmbK9Vd8VMH7o5Zj7cH5stQf8/Ea30O03
+ln4y/iECAwEAAaNaMFgwEgYDVR0TAQH/BAgwBgEB/wIBBTAOBgNVHQ8BAf8EBAMC
+AQYwFwYDVR0gBBAwDjAMBgoqhkiG+GMBAgEDMBkGA1UdDgQSBBB2CkkhOEyf3vjE
+ScdxcZGdMA0GCSqGSIb3DQEBBQUAA4IBAQBBOtQYW9q43iEc4Y4J5fFoNP/elvQH
+9ac886xKsZv6kvqb7eYyIapKdsXcTzjl39WG5NXIdn2Y17HNj021kSNsi4rr6nzv
+FJTExvAfSi0ycWMrY5EmAgm2gB3t4sy4f9uHY8jh0GwmsTUdQGYQG82VVBgzYewT
+T9oT95mvPtDPjqZyorPDBZrJJ32SzH5SjbOrcG2eiZ9N6xp1wpiq1QIW1wyKvyXk
+6y28mOlYOBl8uTf+2+KZCHMGx5eDan0QAS8yuRcFSmXmL86+XlOmgumaUwqEdC2D
+ysiUFnZflGEo8IWnObvXi9moshMdVAk0JH0ggX1mfqKQdFwQxr3sqxvC
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number: 411 (0x19b)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 2
+        Validity
+            Not Before: Aug 11 11:35:07 1998 GMT
+            Not After : Aug 11 11:22:16 2008 GMT
+        Subject: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 2
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:d9:2c:4c:4e:2f:69:1a:23:e3:56:ba:f3:ce:84:
+                    c0:09:c0:79:f1:44:5f:33:1f:15:91:7f:8a:88:28:
+                    b8:24:45:cc:8f:18:cd:1f:74:d1:b5:8f:71:4c:d6:
+                    31:f6:73:96:84:94:40:c5:a9:83:60:24:7d:af:6f:
+                    34:b7:4b:4c:c2:09:80:3b:45:04:9e:c4:3c:c4:27:
+                    75:7b:00:0c:a1:64:47:b5:14:5d:82:4b:51:3a:58:
+                    bb:44:4c:3d:d3:e5:06:38:e8:61:5c:98:78:bb:80:
+                    b3:9c:da:72:82:62:a0:df:9c:5f:eb:f9:4f:77:c2:
+                    cc:60:18:00:6b:34:82:25:b3
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md5WithRSAEncryption
+        a3:64:91:6f:10:ed:e7:6e:a2:42:40:94:78:ce:f8:14:08:d1:
+        fa:43:85:eb:46:cd:92:14:d0:ef:2e:2d:36:39:18:d9:ba:c9:
+        27:88:29:e9:48:17:6f:f8:c1:aa:c8:61:6d:2d:fd:40:2d:75:
+        43:30:97:39:f8:14:64:bd:6f:ef:63:a8:2b:42:df:b2:5a:0d:
+        25:ec:7b:37:d8:ce:91:29:82:16:f9:e8:62:a2:e1:76:c4:02:
+        7d:dd:25:8b:98:e1:f6:0d:60:8c:f6:59:90:40:51:44:d1:c2:
+        fb:19:24:1e:17:39:6b:74:21:15:33:d6:55:d7:82:1e:70:2c:
+        27:a8
+SHA1 Fingerprint=D1:AD:6B:1C:1A:0E:B9:3D:16:CE:CF:95:E9:4C:81:8B:BE:32:B4:2E
+-----BEGIN CERTIFICATE-----
+MIICUDCCAbkCAgGbMA0GCSqGSIb3DQEBBAUAMHAxCzAJBgNVBAYTAlVTMRgwFgYD
+VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
+bHV0aW9ucywgSW5jLjEeMBwGA1UEAxMVR1RFIEN5YmVyVHJ1c3QgUm9vdCAyMB4X
+DTk4MDgxMTExMzUwN1oXDTA4MDgxMTExMjIxNlowcDELMAkGA1UEBhMCVVMxGDAW
+BgNVBAoTD0dURSBDb3Jwb3JhdGlvbjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3Qg
+U29sdXRpb25zLCBJbmMuMR4wHAYDVQQDExVHVEUgQ3liZXJUcnVzdCBSb290IDIw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANksTE4vaRoj41a6886EwAnAefFE
+XzMfFZF/iogouCRFzI8YzR900bWPcUzWMfZzloSUQMWpg2Akfa9vNLdLTMIJgDtF
+BJ7EPMQndXsADKFkR7UUXYJLUTpYu0RMPdPlBjjoYVyYeLuAs5zacoJioN+cX+v5
+T3fCzGAYAGs0giWzAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAo2SRbxDt526iQkCU
+eM74FAjR+kOF60bNkhTQ7y4tNjkY2brJJ4gp6UgXb/jBqshhbS39QC11QzCXOfgU
+ZL1v72OoK0LfsloNJex7N9jOkSmCFvnoYqLhdsQCfd0li5jh9g1gjPZZkEBRRNHC
++xkkHhc5a3QhFTPWVdeCHnAsJ6g=
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1002 (0x3ea)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 2 CA/emailAddress=certificate@trustcenter.de
+        Validity
+            Not Before: Mar  9 11:59:59 1998 GMT
+            Not After : Jan  1 11:59:59 2011 GMT
+        Subject: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 2 CA/emailAddress=certificate@trustcenter.de
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:da:38:e8:ed:32:00:29:71:83:01:0d:bf:8c:01:
+                    dc:da:c6:ad:39:a4:a9:8a:2f:d5:8b:5c:68:5f:50:
+                    c6:62:f5:66:bd:ca:91:22:ec:aa:1d:51:d7:3d:b3:
+                    51:b2:83:4e:5d:cb:49:b0:f0:4c:55:e5:6b:2d:c7:
+                    85:0b:30:1c:92:4e:82:d4:ca:02:ed:f7:6f:be:dc:
+                    e0:e3:14:b8:05:53:f2:9a:f4:56:8b:5a:9e:85:93:
+                    d1:b4:82:56:ae:4d:bb:a8:4b:57:16:bc:fe:f8:58:
+                    9e:f8:29:8d:b0:7b:cd:78:c9:4f:ac:8b:67:0c:f1:
+                    9c:fb:fc:57:9b:57:5c:4f:0d
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            X509v3 Key Usage: critical
+                Digital Signature, Certificate Sign, CRL Sign
+            Netscape CA Policy Url: 
+                http://www.trustcenter.de/guidelines
+            Netscape Cert Type: 
+                SSL CA, S/MIME CA, Object Signing CA
+    Signature Algorithm: md5WithRSAEncryption
+        84:52:fb:28:df:ff:1f:75:01:bc:01:be:04:56:97:6a:74:42:
+        24:31:83:f9:46:b1:06:8a:89:cf:96:2c:33:bf:8c:b5:5f:7a:
+        72:a1:85:06:ce:86:f8:05:8e:e8:f9:25:ca:da:83:8c:06:ac:
+        eb:36:6d:85:91:34:04:36:f4:42:f0:f8:79:2e:0a:48:5c:ab:
+        cc:51:4f:78:76:a0:d9:ac:19:bd:2a:d1:69:04:28:91:ca:36:
+        10:27:80:57:5b:d2:5c:f5:c2:5b:ab:64:81:63:74:51:f4:97:
+        bf:cd:12:28:f7:4d:66:7f:a7:f0:1c:01:26:78:b2:66:47:70:
+        51:64
+SHA1 Fingerprint=83:8E:30:F7:7F:DD:14:AA:38:5E:D1:45:00:9C:0E:22:36:49:4F:AA
+-----BEGIN CERTIFICATE-----
+MIIDXDCCAsWgAwIBAgICA+owDQYJKoZIhvcNAQEEBQAwgbwxCzAJBgNVBAYTAkRF
+MRAwDgYDVQQIEwdIYW1idXJnMRAwDgYDVQQHEwdIYW1idXJnMTowOAYDVQQKEzFU
+QyBUcnVzdENlbnRlciBmb3IgU2VjdXJpdHkgaW4gRGF0YSBOZXR3b3JrcyBHbWJI
+MSIwIAYDVQQLExlUQyBUcnVzdENlbnRlciBDbGFzcyAyIENBMSkwJwYJKoZIhvcN
+AQkBFhpjZXJ0aWZpY2F0ZUB0cnVzdGNlbnRlci5kZTAeFw05ODAzMDkxMTU5NTla
+Fw0xMTAxMDExMTU5NTlaMIG8MQswCQYDVQQGEwJERTEQMA4GA1UECBMHSGFtYnVy
+ZzEQMA4GA1UEBxMHSGFtYnVyZzE6MDgGA1UEChMxVEMgVHJ1c3RDZW50ZXIgZm9y
+IFNlY3VyaXR5IGluIERhdGEgTmV0d29ya3MgR21iSDEiMCAGA1UECxMZVEMgVHJ1
+c3RDZW50ZXIgQ2xhc3MgMiBDQTEpMCcGCSqGSIb3DQEJARYaY2VydGlmaWNhdGVA
+dHJ1c3RjZW50ZXIuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANo46O0y
+AClxgwENv4wB3NrGrTmkqYov1YtcaF9QxmL1Zr3KkSLsqh1R1z2zUbKDTl3LSbDw
+TFXlay3HhQswHJJOgtTKAu33b77c4OMUuAVT8pr0VotanoWT0bSCVq5Nu6hLVxa8
+/vhYnvgpjbB7zXjJT6yLZwzxnPv8V5tXXE8NAgMBAAGjazBpMA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgGGMDMGCWCGSAGG+EIBCAQmFiRodHRwOi8vd3d3
+LnRydXN0Y2VudGVyLmRlL2d1aWRlbGluZXMwEQYJYIZIAYb4QgEBBAQDAgAHMA0G
+CSqGSIb3DQEBBAUAA4GBAIRS+yjf/x91AbwBvgRWl2p0QiQxg/lGsQaKic+WLDO/
+jLVfenKhhQbOhvgFjuj5Jcrag4wGrOs2bYWRNAQ29ELw+HkuCkhcq8xRT3h2oNms
+Gb0q0WkEKJHKNhAngFdb0lz1wlurZIFjdFH0l7/NEij3TWZ/p/AcASZ4smZHcFFk
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number: 424 (0x1a8)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 4
+        Validity
+            Not Before: Aug 13 13:51:00 1998 GMT
+            Not After : Aug 13 23:59:00 2013 GMT
+        Subject: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 4
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (2048 bit)
+                Modulus (2048 bit):
+                    00:ba:9d:22:6e:7f:da:66:3c:39:42:b1:a3:2a:6f:
+                    d3:f7:bc:ae:ac:31:5a:d7:11:90:47:b9:9d:19:2e:
+                    f9:f3:1b:22:a0:c3:e1:a7:ba:c4:fc:5e:0a:94:4b:
+                    98:5a:4b:26:e4:1f:f4:dc:f3:fe:8e:88:dc:6c:2d:
+                    7c:77:87:26:50:c0:5e:4e:a8:28:a1:ea:17:69:4f:
+                    4d:c6:01:0e:da:9a:0d:06:56:26:15:b6:a4:5d:7a:
+                    35:af:8d:ed:78:52:86:f9:38:ab:b3:01:d3:da:05:
+                    96:b1:b6:50:ab:c0:a1:ae:17:53:fa:43:39:20:71:
+                    65:23:db:6d:c4:b6:ed:98:45:83:d7:d2:f6:e2:a9:
+                    6b:fb:f9:75:cc:ef:c5:ab:71:96:35:e8:df:8e:91:
+                    9b:a8:10:75:1f:b7:ce:13:8e:6b:b3:96:77:97:1a:
+                    91:2f:c7:2c:69:99:f0:0f:2a:68:00:98:76:44:1b:
+                    8c:28:d2:eb:8e:f4:83:b4:7f:a4:25:5e:6c:3b:d9:
+                    c6:68:d5:61:b8:d4:5e:31:07:b5:5b:90:35:52:57:
+                    7b:17:20:ed:2d:b8:1e:8e:88:39:3e:52:cb:df:f0:
+                    5c:b1:65:bb:a5:12:b4:90:63:bf:71:9d:32:c1:da:
+                    bf:50:4a:95:be:06:3a:c4:2b:eb:cd:98:76:44:4d:
+                    0b:e5
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: sha1WithRSAEncryption
+        43:af:1c:87:c9:49:ba:65:89:34:49:3c:ea:07:3b:47:a2:79:
+        d4:a0:3b:90:6c:de:7f:a8:54:c3:e8:4c:40:32:bc:c8:ec:1c:
+        e5:d9:ac:40:ba:fc:8c:3f:c2:73:9c:f4:64:ea:df:a9:ed:4e:
+        5b:c8:01:60:ee:39:6d:43:27:f3:7f:aa:08:d2:fe:4e:6f:14:
+        32:4d:7d:e4:34:80:a5:35:c4:d6:46:50:b4:3b:a0:2d:65:1f:
+        4f:65:7e:34:28:2d:c0:a7:76:7d:31:c9:0d:33:16:f6:20:19:
+        20:11:50:bb:03:cc:70:6d:96:b7:ef:4c:a7:da:36:15:cf:bb:
+        4d:d4:96:dc:88:4d:6c:98:ed:b9:73:fe:28:57:a0:ed:64:f8:
+        0a:81:29:73:f6:f6:97:32:87:39:b4:81:ef:d9:4d:1a:07:34:
+        f7:ba:42:35:de:57:dc:5c:d6:f7:c5:eb:0a:27:0c:81:a6:c2:
+        d0:68:4e:fd:92:5b:48:83:f6:16:8a:8f:36:5b:ed:31:6c:3f:
+        41:7a:71:f7:92:3f:31:a4:0a:40:4c:f3:86:e2:61:c1:3c:49:
+        81:2d:a5:b8:ef:ba:97:0f:bc:2b:1d:9b:89:f2:d2:8e:1e:4d:
+        86:f2:c2:ab:f6:2d:99:c0:1b:2a:0d:a1:b6:4f:f9:2c:58:4d:
+        3d:7d:37:0a
+SHA1 Fingerprint=BB:EB:01:B9:A0:6E:07:9B:00:FF:CB:74:05:F4:A6:4E:01:03:E3:4B
+-----BEGIN CERTIFICATE-----
+MIIDVTCCAj0CAgGoMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNVBAYTAlVTMRgwFgYD
+VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
+bHV0aW9ucywgSW5jLjEeMBwGA1UEAxMVR1RFIEN5YmVyVHJ1c3QgUm9vdCA0MB4X
+DTk4MDgxMzEzNTEwMFoXDTEzMDgxMzIzNTkwMFowcDELMAkGA1UEBhMCVVMxGDAW
+BgNVBAoTD0dURSBDb3Jwb3JhdGlvbjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3Qg
+U29sdXRpb25zLCBJbmMuMR4wHAYDVQQDExVHVEUgQ3liZXJUcnVzdCBSb290IDQw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6nSJuf9pmPDlCsaMqb9P3
+vK6sMVrXEZBHuZ0ZLvnzGyKgw+GnusT8XgqUS5haSybkH/Tc8/6OiNxsLXx3hyZQ
+wF5OqCih6hdpT03GAQ7amg0GViYVtqRdejWvje14Uob5OKuzAdPaBZaxtlCrwKGu
+F1P6QzkgcWUj223Etu2YRYPX0vbiqWv7+XXM78WrcZY16N+OkZuoEHUft84Tjmuz
+lneXGpEvxyxpmfAPKmgAmHZEG4wo0uuO9IO0f6QlXmw72cZo1WG41F4xB7VbkDVS
+V3sXIO0tuB6OiDk+Usvf8FyxZbulErSQY79xnTLB2r9QSpW+BjrEK+vNmHZETQvl
+AgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAEOvHIfJSbpliTRJPOoHO0eiedSgO5Bs
+3n+oVMPoTEAyvMjsHOXZrEC6/Iw/wnOc9GTq36ntTlvIAWDuOW1DJ/N/qgjS/k5v
+FDJNfeQ0gKU1xNZGULQ7oC1lH09lfjQoLcCndn0xyQ0zFvYgGSARULsDzHBtlrfv
+TKfaNhXPu03UltyITWyY7blz/ihXoO1k+AqBKXP29pcyhzm0ge/ZTRoHNPe6QjXe
+V9xc1vfF6wonDIGmwtBoTv2SW0iD9haKjzZb7TFsP0F6cfeSPzGkCkBM84biYcE8
+SYEtpbjvupcPvCsdm4ny0o4eTYbywqv2LZnAGyoNobZP+SxYTT19Nwo=
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            02:00:00:00:00:00:d6:78:b8:8d:8d
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
+        Validity
+            Not Before: Jan 28 12:00:00 1999 GMT
+            Not After : Jan 28 12:00:00 2009 GMT
+        Subject: C=BE, O=GlobalSign nv-sa, OU=Primary Class 2 CA, CN=GlobalSign Primary Class 2 CA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (2048 bit)
+                Modulus (2048 bit):
+                    00:92:8c:fe:ef:f4:45:8e:17:41:6e:fc:d8:bf:21:
+                    6f:ab:06:9d:52:c1:2c:00:9d:3f:8e:85:b8:7f:4a:
+                    8f:bd:a0:63:2a:ca:49:27:ae:5a:82:f4:74:e2:55:
+                    92:ff:c2:d1:aa:79:a2:b6:fa:d5:9d:82:04:4f:c6:
+                    b2:c6:5e:63:a7:3a:ba:d8:ee:eb:8a:6f:9f:b6:bb:
+                    28:41:c0:22:fb:4e:48:1a:06:92:d7:bf:d7:cf:b9:
+                    d9:bd:38:4f:3b:0d:44:6e:55:41:fe:fc:09:db:d8:
+                    bf:f3:8e:21:f1:e8:12:b5:f6:13:a5:d3:c6:4c:93:
+                    22:b0:02:ff:ee:1d:0c:c4:a8:6b:4f:75:68:56:e8:
+                    dc:28:12:50:f7:a8:24:9d:2e:24:39:fb:09:05:de:
+                    e5:a3:64:49:21:d0:68:7e:71:30:91:b1:60:e0:39:
+                    f4:50:f8:7a:4d:98:00:6b:7c:79:ba:4e:ce:4a:e2:
+                    ba:36:1d:b7:c5:36:15:95:9c:64:42:ea:5f:c4:ba:
+                    f5:40:05:be:e1:3a:59:bd:84:a7:19:b8:de:4d:53:
+                    50:ce:07:d1:d2:51:d3:ef:0d:81:6c:e6:e7:6d:cb:
+                    5d:7c:3f:7c:cc:ec:4f:83:27:25:ff:70:50:f6:83:
+                    59:75:84:06:66:58:2c:de:89:8d:00:a6:49:f9:a5:
+                    43:77
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Key Usage: critical
+                Certificate Sign, CRL Sign
+            X509v3 Subject Key Identifier: 
+                7C:E7:B2:B1:2C:DE:B1:A7:6B:E9:76:0C:E1:A3:FD:4E:6C:C7:B9:F6
+            X509v3 Authority Key Identifier: 
+                keyid:60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B
+
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+    Signature Algorithm: md5WithRSAEncryption
+        63:dd:59:ce:8a:79:aa:98:9d:4e:c5:89:64:37:7e:8a:93:67:
+        2f:10:ea:6f:27:c3:8d:77:6d:f2:5c:56:94:19:1a:69:60:30:
+        46:5d:8f:f2:6d:45:3c:8e:35:97:7c:2f:b8:51:e2:e8:89:bd:
+        88:cf:27:1c:08:34:5c:88:c1:68:24:db:91:85:e4:cf:fb:fb:
+        43:8d:e8:25:01:1b:c4:0e:f7:00:42:48:86:1f:24:08:58:5a:
+        8c:8d:f2:6b:47:2c:68:91:b1:69:42:fd:0d:8d:c9:26:e6:92:
+        86:a6:64:6e:92:c5:ce:3e:3c:7d:71:e3:23:a4:ab:c7:d5:a8:
+        a9:df:82:a7:3b:e8:86:d5:c3:4f:18:e3:44:d0:e0:dc:f3:c5:
+        68:2e:fe:a5:2f:05:84:c8:7e:47:42:53:6b:87:4a:fe:32:ff:
+        5e:3e:70:8c:b7:a8:15:cc:17:c2:ff:46:ec:d0:ec:2d:b4:6e:
+        12:28:a9:f9:40:e9:eb:d4:66:97:53:a9:69:55:c0:a9:aa:b2:
+        2e:cd:d1:69:f4:be:f8:bb:7c:69:ee:54:a6:db:9e:fb:5a:a6:
+        3e:fe:9a:ef:94:51:4b:75:ee:d8:d4:e1:9a:f1:02:56:13:89:
+        0e:a7:42:8b:96:8b:85:0c:1b:85:be:26:ae:ab:a6:99:bc:22:
+        f1:73:df:42
+SHA1 Fingerprint=83:FE:DE:D5:71:E3:96:CF:C7:64:F7:3B:DF:16:76:87:72:C5:1F:CC
+-----BEGIN CERTIFICATE-----
+MIIDrDCCApSgAwIBAgILAgAAAAAA1ni4jY0wDQYJKoZIhvcNAQEEBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05OTAxMjgxMjAw
+MDBaFw0wOTAxMjgxMjAwMDBaMG0xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRswGQYDVQQLExJQcmltYXJ5IENsYXNzIDIgQ0ExJjAkBgNV
+BAMTHUdsb2JhbFNpZ24gUHJpbWFyeSBDbGFzcyAyIENBMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAkoz+7/RFjhdBbvzYvyFvqwadUsEsAJ0/joW4f0qP
+vaBjKspJJ65agvR04lWS/8LRqnmitvrVnYIET8ayxl5jpzq62O7rim+ftrsoQcAi
++05IGgaS17/Xz7nZvThPOw1EblVB/vwJ29i/844h8egStfYTpdPGTJMisAL/7h0M
+xKhrT3VoVujcKBJQ96gknS4kOfsJBd7lo2RJIdBofnEwkbFg4Dn0UPh6TZgAa3x5
+uk7OSuK6Nh23xTYVlZxkQupfxLr1QAW+4TpZvYSnGbjeTVNQzgfR0lHT7w2BbObn
+bctdfD98zOxPgycl/3BQ9oNZdYQGZlgs3omNAKZJ+aVDdwIDAQABo2MwYTAOBgNV
+HQ8BAf8EBAMCAAYwHQYDVR0OBBYEFHznsrEs3rGna+l2DOGj/U5sx7n2MB8GA1Ud
+IwQYMBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMA8GA1UdEwEB/wQFMAMBAf8wDQYJ
+KoZIhvcNAQEEBQADggEBAGPdWc6KeaqYnU7FiWQ3foqTZy8Q6m8nw413bfJcVpQZ
+GmlgMEZdj/JtRTyONZd8L7hR4uiJvYjPJxwINFyIwWgk25GF5M/7+0ON6CUBG8QO
+9wBCSIYfJAhYWoyN8mtHLGiRsWlC/Q2NySbmkoamZG6Sxc4+PH1x4yOkq8fVqKnf
+gqc76IbVw08Y40TQ4NzzxWgu/qUvBYTIfkdCU2uHSv4y/14+cIy3qBXMF8L/RuzQ
+7C20bhIoqflA6evUZpdTqWlVwKmqsi7N0Wn0vvi7fGnuVKbbnvtapj7+mu+UUUt1
+7tjU4ZrxAlYTiQ6nQouWi4UMG4W+Jq6rppm8IvFz30I=
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            cd:ba:7f:56:f0:df:e4:bc:54:fe:22:ac:b3:72:aa:55
+        Signature Algorithm: md2WithRSAEncryption
+        Issuer: C=US, O=VeriSign, Inc., OU=Class 1 Public Primary Certification Authority
+        Validity
+            Not Before: Jan 29 00:00:00 1996 GMT
+            Not After : Aug  1 23:59:59 2028 GMT
+        Subject: C=US, O=VeriSign, Inc., OU=Class 1 Public Primary Certification Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:e5:19:bf:6d:a3:56:61:2d:99:48:71:f6:67:de:
+                    b9:8d:eb:b7:9e:86:80:0a:91:0e:fa:38:25:af:46:
+                    88:82:e5:73:a8:a0:9b:24:5d:0d:1f:cc:65:6e:0c:
+                    b0:d0:56:84:18:87:9a:06:9b:10:a1:73:df:b4:58:
+                    39:6b:6e:c1:f6:15:d5:a8:a8:3f:aa:12:06:8d:31:
+                    ac:7f:b0:34:d7:8f:34:67:88:09:cd:14:11:e2:4e:
+                    45:56:69:1f:78:02:80:da:dc:47:91:29:bb:36:c9:
+                    63:5c:c5:e0:d7:2d:87:7b:a1:b7:32:b0:7b:30:ba:
+                    2a:2f:31:aa:ee:a3:67:da:db
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md2WithRSAEncryption
+        4c:3f:b8:8b:c6:68:df:ee:43:33:0e:5d:e9:a6:cb:07:84:4d:
+        7a:33:ff:92:1b:f4:36:ad:d8:95:22:36:68:11:6c:7c:42:cc:
+        f3:9c:2e:c4:07:3f:14:b0:0f:4f:ff:90:92:76:f9:e2:bc:4a:
+        e9:8f:cd:a0:80:0a:f7:c5:29:f1:82:22:5d:b8:b1:dd:81:23:
+        a3:7b:25:15:46:30:79:16:f8:ea:05:4b:94:7f:1d:c2:1c:c8:
+        e3:b7:f4:10:40:3c:13:c3:5f:1f:53:e8:48:e4:86:b4:7b:a1:
+        35:b0:7b:25:ba:b8:d3:8e:ab:3f:38:9d:00:34:00:98:f3:d1:
+        71:94
+SHA1 Fingerprint=90:AE:A2:69:85:FF:14:80:4C:43:49:52:EC:E9:60:84:77:AF:55:6F
+-----BEGIN CERTIFICATE-----
+MIICPTCCAaYCEQDNun9W8N/kvFT+IqyzcqpVMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
+c3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
+NjAxMjkwMDAwMDBaFw0yODA4MDEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
+VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJp
+bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEA5Rm/baNWYS2ZSHH2Z965jeu3noaACpEO+jglr0aIguVzqKCbJF0N
+H8xlbgyw0FaEGIeaBpsQoXPftFg5a27B9hXVqKg/qhIGjTGsf7A01480Z4gJzRQR
+4k5FVmkfeAKA2txHkSm7NsljXMXg1y2He6G3MrB7MLoqLzGq7qNn2tsCAwEAATAN
+BgkqhkiG9w0BAQIFAAOBgQBMP7iLxmjf7kMzDl3ppssHhE16M/+SG/Q2rdiVIjZo
+EWx8QszznC7EBz8UsA9P/5CSdvnivErpj82ggAr3xSnxgiJduLHdgSOjeyUVRjB5
+FvjqBUuUfx3CHMjjt/QQQDwTw18fU+hI5Ia0e6E1sHslurjTjqs/OJ0ANACY89Fx
+lA==
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 0 (0x0)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Premium CA/emailAddress=personal-premium@thawte.com
+        Validity
+            Not Before: Jan  1 00:00:00 1996 GMT
+            Not After : Dec 31 23:59:59 2020 GMT
+        Subject: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Premium CA/emailAddress=personal-premium@thawte.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:c9:66:d9:f8:07:44:cf:b9:8c:2e:f0:a1:ef:13:
+                    45:6c:05:df:de:27:16:51:36:41:11:6c:6c:3b:ed:
+                    fe:10:7d:12:9e:e5:9b:42:9a:fe:60:31:c3:66:b7:
+                    73:3a:48:ae:4e:d0:32:37:94:88:b5:0d:b6:d9:f3:
+                    f2:44:d9:d5:88:12:dd:76:4d:f2:1a:fc:6f:23:1e:
+                    7a:f1:d8:98:45:4e:07:10:ef:16:42:d0:43:75:6d:
+                    4a:de:e2:aa:c9:31:ff:1f:00:70:7c:66:cf:10:25:
+                    08:ba:fa:ee:00:e9:46:03:66:27:11:15:3b:aa:5b:
+                    f2:98:dd:36:42:b2:da:88:75
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+    Signature Algorithm: md5WithRSAEncryption
+        69:36:89:f7:34:2a:33:72:2f:6d:3b:d4:22:b2:b8:6f:9a:c5:
+        36:66:0e:1b:3c:a1:b1:75:5a:e6:fd:35:d3:f8:a8:f2:07:6f:
+        85:67:8e:de:2b:b9:e2:17:b0:3a:a0:f0:0e:a2:00:9a:df:f3:
+        14:15:6e:bb:c8:85:5a:98:80:f9:ff:be:74:1d:3d:f3:fe:30:
+        25:d1:37:34:67:fa:a5:71:79:30:61:29:72:c0:e0:2c:4c:fb:
+        56:e4:3a:a8:6f:e5:32:59:52:db:75:28:50:59:0c:f8:0b:19:
+        e4:ac:d9:af:96:8d:2f:50:db:07:c3:ea:1f:ab:33:e0:f5:2b:
+        31:89
+SHA1 Fingerprint=36:86:35:63:FD:51:28:C7:BE:A6:F0:05:CF:E9:B4:36:68:08:6C:CE
+-----BEGIN CERTIFICATE-----
+MIIDKTCCApKgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBzzELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
+VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
+ZXJ2aWNlcyBEaXZpc2lvbjEjMCEGA1UEAxMaVGhhd3RlIFBlcnNvbmFsIFByZW1p
+dW0gQ0ExKjAoBgkqhkiG9w0BCQEWG3BlcnNvbmFsLXByZW1pdW1AdGhhd3RlLmNv
+bTAeFw05NjAxMDEwMDAwMDBaFw0yMDEyMzEyMzU5NTlaMIHPMQswCQYDVQQGEwJa
+QTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAY
+BgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9u
+IFNlcnZpY2VzIERpdmlzaW9uMSMwIQYDVQQDExpUaGF3dGUgUGVyc29uYWwgUHJl
+bWl1bSBDQTEqMCgGCSqGSIb3DQEJARYbcGVyc29uYWwtcHJlbWl1bUB0aGF3dGUu
+Y29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJZtn4B0TPuYwu8KHvE0Vs
+Bd/eJxZRNkERbGw77f4QfRKe5ZtCmv5gMcNmt3M6SK5O0DI3lIi1DbbZ8/JE2dWI
+Et12TfIa/G8jHnrx2JhFTgcQ7xZC0EN1bUre4qrJMf8fAHB8Zs8QJQi6+u4A6UYD
+ZicRFTuqW/KY3TZCstqIdQIDAQABoxMwETAPBgNVHRMBAf8EBTADAQH/MA0GCSqG
+SIb3DQEBBAUAA4GBAGk2ifc0KjNyL2071CKyuG+axTZmDhs8obF1Wub9NdP4qPIH
+b4Vnjt4rueIXsDqg8A6iAJrf8xQVbrvIhVqYgPn/vnQdPfP+MCXRNzRn+qVxeTBh
+KXLA4CxM+1bkOqhv5TJZUtt1KFBZDPgLGeSs2a+WjS9Q2wfD6h+rM+D1KzGJ
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number: 141 (0x8d)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, O=American Express Company, Inc., OU=American Express Technologies, CN=American Express Certificate Authority
+        Validity
+            Not Before: Aug 14 22:01:00 1998 GMT
+            Not After : Aug 14 23:59:00 2006 GMT
+        Subject: C=US, O=American Express Company, Inc., OU=American Express Technologies, CN=American Express Certificate Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:c9:f2:49:92:85:ca:fd:15:29:b5:06:b6:44:ec:
+                    fc:88:a3:f2:86:ce:ff:14:4f:24:1c:92:f9:c2:23:
+                    c1:ce:43:df:5d:34:c8:b8:14:ec:d5:2a:70:91:49:
+                    95:d7:56:cd:94:f1:a9:93:d0:68:22:dc:4d:7d:a0:
+                    0a:72:2a:47:ea:25:f0:85:00:5f:36:54:61:cf:0b:
+                    f9:37:5a:67:9d:e9:1f:e9:64:3f:70:95:61:a7:d0:
+                    30:02:de:26:28:a4:66:03:04:e9:30:fb:8f:33:07:
+                    f9:6f:61:87:a2:72:db:f3:68:78:63:66:59:a9:c9:
+                    b7:66:e1:15:b2:48:36:2c:f9
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md5WithRSAEncryption
+        68:17:62:b8:73:8b:4c:6c:eb:4a:a5:3e:ab:e5:9d:2e:d2:cd:
+        8a:07:57:f3:c6:59:97:76:17:17:f8:52:8e:27:93:d8:58:d8:
+        28:6c:f4:a2:04:7a:8a:c2:76:24:b1:02:b4:df:28:f2:f7:f3:
+        a8:a7:7e:23:48:61:88:f4:11:68:ae:26:5d:f6:a1:4b:53:25:
+        6a:d8:2a:14:02:0e:e0:87:20:6e:9e:19:5c:73:90:0b:23:e2:
+        31:97:23:3f:d5:22:a2:d3:06:7b:da:37:f5:d7:b5:41:44:17:
+        7a:45:02:d9:85:45:66:d6:8e:c7:f0:7a:0c:99:62:22:69:5b:
+        ed:d2
+SHA1 Fingerprint=AC:99:8F:80:C4:A0:05:F8:6E:F2:A0:AE:48:18:E4:4F:48:9F:F8:7F
+-----BEGIN CERTIFICATE-----
+MIICkDCCAfkCAgCNMA0GCSqGSIb3DQEBBAUAMIGPMQswCQYDVQQGEwJVUzEnMCUG
+A1UEChMeQW1lcmljYW4gRXhwcmVzcyBDb21wYW55LCBJbmMuMSYwJAYDVQQLEx1B
+bWVyaWNhbiBFeHByZXNzIFRlY2hub2xvZ2llczEvMC0GA1UEAxMmQW1lcmljYW4g
+RXhwcmVzcyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNOTgwODE0MjIwMTAwWhcN
+MDYwODE0MjM1OTAwWjCBjzELMAkGA1UEBhMCVVMxJzAlBgNVBAoTHkFtZXJpY2Fu
+IEV4cHJlc3MgQ29tcGFueSwgSW5jLjEmMCQGA1UECxMdQW1lcmljYW4gRXhwcmVz
+cyBUZWNobm9sb2dpZXMxLzAtBgNVBAMTJkFtZXJpY2FuIEV4cHJlc3MgQ2VydGlm
+aWNhdGUgQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJ8kmS
+hcr9FSm1BrZE7PyIo/KGzv8UTyQckvnCI8HOQ99dNMi4FOzVKnCRSZXXVs2U8amT
+0Ggi3E19oApyKkfqJfCFAF82VGHPC/k3Wmed6R/pZD9wlWGn0DAC3iYopGYDBOkw
++48zB/lvYYeictvzaHhjZlmpybdm4RWySDYs+QIDAQABMA0GCSqGSIb3DQEBBAUA
+A4GBAGgXYrhzi0xs60qlPqvlnS7SzYoHV/PGWZd2Fxf4Uo4nk9hY2Chs9KIEeorC
+diSxArTfKPL386infiNIYYj0EWiuJl32oUtTJWrYKhQCDuCHIG6eGVxzkAsj4jGX
+Iz/VIqLTBnvaN/XXtUFEF3pFAtmFRWbWjsfwegyZYiJpW+3S
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            d0:1e:40:8b:00:00:77:6d:00:00:00:01:00:00:00:04
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=DSTCA X2, CN=DST RootCA X2/emailAddress=ca@digsigtrust.com
+        Validity
+            Not Before: Nov 30 22:46:16 1998 GMT
+            Not After : Nov 27 22:46:16 2008 GMT
+        Subject: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=DSTCA X2, CN=DST RootCA X2/emailAddress=ca@digsigtrust.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (2048 bit)
+                Modulus (2048 bit):
+                    00:dc:75:f0:8c:c0:75:96:9a:c0:62:1f:26:f7:c4:
+                    e1:9a:ea:e0:56:73:5b:99:cd:01:44:a8:08:b6:d5:
+                    a7:da:1a:04:18:39:92:4a:78:a3:81:c2:f5:77:7a:
+                    50:b4:70:ff:9a:ab:c6:c7:ca:6e:83:4f:42:98:fb:
+                    26:0b:da:dc:6d:d6:a9:99:55:52:67:e9:28:03:92:
+                    dc:e5:b0:05:9a:0f:15:f9:6b:59:72:56:f2:fa:39:
+                    fc:aa:68:ee:0f:1f:10:83:2f:fc:9d:fa:17:96:dd:
+                    82:e3:e6:45:7d:c0:4b:80:44:1f:ed:2c:e0:84:fd:
+                    91:5c:92:54:69:25:e5:62:69:dc:e5:ee:00:52:bd:
+                    33:0b:ad:75:02:85:a7:64:50:2d:c5:19:19:30:c0:
+                    26:db:c9:d3:fd:2e:99:ad:59:b5:0b:4d:d4:41:ae:
+                    85:48:43:59:dc:b7:a8:e2:a2:de:c3:8f:d7:b8:a1:
+                    62:a6:68:50:52:e4:cf:31:a7:94:85:da:9f:46:32:
+                    17:56:e5:f2:eb:66:3d:12:ff:43:db:98:ef:77:cf:
+                    cb:81:8d:34:b1:c6:50:4a:26:d1:e4:3e:41:50:af:
+                    6c:ae:22:34:2e:d5:6b:6e:83:ba:79:b8:76:65:48:
+                    da:09:29:64:63:22:b9:fb:47:76:85:8c:86:44:cb:
+                    09:db
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: sha1WithRSAEncryption
+        b5:36:0e:5d:e1:61:28:5a:11:65:c0:3f:83:03:79:4d:be:28:
+        a6:0b:07:02:52:85:cd:f8:91:d0:10:6c:b5:6a:20:5b:1c:90:
+        d9:30:3c:c6:48:9e:8a:5e:64:f9:a1:71:77:ef:04:27:1f:07:
+        eb:e4:26:f7:73:74:c9:44:18:1a:66:d3:e0:43:af:91:3b:d1:
+        cb:2c:d8:74:54:3a:1c:4d:ca:d4:68:cd:23:7c:1d:10:9e:45:
+        e9:f6:00:6e:a6:cd:19:ff:4f:2c:29:8f:57:4d:c4:77:92:be:
+        e0:4c:09:fb:5d:44:86:66:21:a8:b9:32:a2:56:d5:e9:8c:83:
+        7c:59:3f:c4:f1:0b:e7:9d:ec:9e:bd:9c:18:0e:3e:c2:39:79:
+        28:b7:03:0d:08:cb:c6:e7:d9:01:37:50:10:ec:cc:61:16:40:
+        d4:af:31:74:7b:fc:3f:31:a7:d0:47:73:33:39:1b:cc:4e:6a:
+        d7:49:83:11:06:fe:eb:82:58:33:32:4c:f0:56:ac:1e:9c:2f:
+        56:9a:7b:c1:4a:1c:a5:fd:55:36:ce:fc:96:4d:f4:b0:f0:ec:
+        b7:6c:82:ed:2f:31:99:42:4c:a9:b2:0d:b8:15:5d:f1:df:ba:
+        c9:b5:4a:d4:64:98:b3:26:a9:30:c8:fd:a6:ec:ab:96:21:ad:
+        7f:c2:78:b6
+SHA1 Fingerprint=67:EB:33:7B:68:4C:EB:0E:C2:B0:76:0A:B4:88:27:8C:DD:95:97:DD
+-----BEGIN CERTIFICATE-----
+MIID2DCCAsACEQDQHkCLAAB3bQAAAAEAAAAEMA0GCSqGSIb3DQEBBQUAMIGpMQsw
+CQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENp
+dHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UE
+CxMIRFNUQ0EgWDIxFjAUBgNVBAMTDURTVCBSb290Q0EgWDIxITAfBgkqhkiG9w0B
+CQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTAeFw05ODExMzAyMjQ2MTZaFw0wODExMjcy
+MjQ2MTZaMIGpMQswCQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMO
+U2FsdCBMYWtlIENpdHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0
+IENvLjERMA8GA1UECxMIRFNUQ0EgWDIxFjAUBgNVBAMTDURTVCBSb290Q0EgWDIx
+ITAfBgkqhkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANx18IzAdZaawGIfJvfE4Zrq4FZzW5nNAUSoCLbV
+p9oaBBg5kkp4o4HC9Xd6ULRw/5qrxsfKboNPQpj7Jgva3G3WqZlVUmfpKAOS3OWw
+BZoPFflrWXJW8vo5/Kpo7g8fEIMv/J36F5bdguPmRX3AS4BEH+0s4IT9kVySVGkl
+5WJp3OXuAFK9MwutdQKFp2RQLcUZGTDAJtvJ0/0uma1ZtQtN1EGuhUhDWdy3qOKi
+3sOP17ihYqZoUFLkzzGnlIXan0YyF1bl8utmPRL/Q9uY73fPy4GNNLHGUEom0eQ+
+QVCvbK4iNC7Va26Dunm4dmVI2gkpZGMiuftHdoWMhkTLCdsCAwEAATANBgkqhkiG
+9w0BAQUFAAOCAQEAtTYOXeFhKFoRZcA/gwN5Tb4opgsHAlKFzfiR0BBstWogWxyQ
+2TA8xkieil5k+aFxd+8EJx8H6+Qm93N0yUQYGmbT4EOvkTvRyyzYdFQ6HE3K1GjN
+I3wdEJ5F6fYAbqbNGf9PLCmPV03Ed5K+4EwJ+11EhmYhqLkyolbV6YyDfFk/xPEL
+553snr2cGA4+wjl5KLcDDQjLxufZATdQEOzMYRZA1K8xdHv8PzGn0EdzMzkbzE5q
+10mDEQb+64JYMzJM8FasHpwvVpp7wUocpf1VNs78lk30sPDst2yC7S8xmUJMqbIN
+uBVd8d+6ybVK1GSYsyapMMj9puyrliGtf8J4tg==
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number: 421 (0x1a5)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
+        Validity
+            Not Before: Aug 13 00:29:00 1998 GMT
+            Not After : Aug 13 23:59:00 2018 GMT
+        Subject: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:95:0f:a0:b6:f0:50:9c:e8:7a:c7:88:cd:dd:17:
+                    0e:2e:b0:94:d0:1b:3d:0e:f6:94:c0:8a:94:c7:06:
+                    c8:90:97:c8:b8:64:1a:7a:7e:6c:3c:53:e1:37:28:
+                    73:60:7f:b2:97:53:07:9f:53:f9:6d:58:94:d2:af:
+                    8d:6d:88:67:80:e6:ed:b2:95:cf:72:31:ca:a5:1c:
+                    72:ba:5c:02:e7:64:42:e7:f9:a9:2c:d6:3a:0d:ac:
+                    8d:42:aa:24:01:39:e6:9c:3f:01:85:57:0d:58:87:
+                    45:f8:d3:85:aa:93:69:26:85:70:48:80:3f:12:15:
+                    c7:79:b4:1f:05:2f:3b:62:99
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md5WithRSAEncryption
+        6d:eb:1b:09:e9:5e:d9:51:db:67:22:61:a4:2a:3c:48:77:e3:
+        a0:7c:a6:de:73:a2:14:03:85:3d:fb:ab:0e:30:c5:83:16:33:
+        81:13:08:9e:7b:34:4e:df:40:c8:74:d7:b9:7d:dc:f4:76:55:
+        7d:9b:63:54:18:e9:f0:ea:f3:5c:b1:d9:8b:42:1e:b9:c0:95:
+        4e:ba:fa:d5:e2:7c:f5:68:61:bf:8e:ec:05:97:5f:5b:b0:d7:
+        a3:85:34:c4:24:a7:0d:0f:95:93:ef:cb:94:d8:9e:1f:9d:5c:
+        85:6d:c7:aa:ae:4f:1f:22:b5:cd:95:ad:ba:a7:cc:f9:ab:0b:
+        7a:7f
+SHA1 Fingerprint=97:81:79:50:D8:1C:96:70:CC:34:D8:09:CF:79:44:31:36:7E:F4:74
+-----BEGIN CERTIFICATE-----
+MIICWjCCAcMCAgGlMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRgwFgYD
+VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
+bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv
+b3QwHhcNOTgwODEzMDAyOTAwWhcNMTgwODEzMjM1OTAwWjB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVD6C28FCc6HrH
+iM3dFw4usJTQGz0O9pTAipTHBsiQl8i4ZBp6fmw8U+E3KHNgf7KXUwefU/ltWJTS
+r41tiGeA5u2ylc9yMcqlHHK6XALnZELn+aks1joNrI1CqiQBOeacPwGFVw1Yh0X4
+04Wqk2kmhXBIgD8SFcd5tB8FLztimQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAG3r
+GwnpXtlR22ciYaQqPEh346B8pt5zohQDhT37qw4wxYMWM4ETCJ57NE7fQMh017l9
+3PR2VX2bY1QY6fDq81yx2YtCHrnAlU66+tXifPVoYb+O7AWXX1uw16OFNMQkpw0P
+lZPvy5TYnh+dXIVtx6quTx8itc2VrbqnzPmrC3p/
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 913220207 (0x366ea26f)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=Digital Signature Trust Co., OU=DST (ANX Network) CA
+        Validity
+            Not Before: Dec  9 15:46:48 1998 GMT
+            Not After : Dec  9 16:16:48 2018 GMT
+        Subject: C=US, O=Digital Signature Trust Co., OU=DST (ANX Network) CA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:b4:48:11:80:58:a0:d5:a5:99:0f:f6:37:2c:44:
+                    b6:6e:d1:7c:f3:2a:6b:9e:11:b6:88:23:04:5c:71:
+                    25:9e:6a:12:77:11:6e:bf:68:39:65:a8:f6:b2:f6:
+                    a2:18:b2:89:15:a0:67:b7:7a:8c:22:48:6b:f6:84:
+                    34:1f:b6:ca:f7:1b:72:cb:f2:5b:48:d3:87:1e:22:
+                    76:13:04:b4:ac:6c:96:7f:e7:0e:08:c9:32:51:30:
+                    2d:d5:80:e8:21:67:ba:f3:5e:08:24:2c:07:59:9d:
+                    90:1a:ee:46:c9:b5:a4:1e:96:b4:41:91:d4:7f:d2:
+                    8d:38:26:b0:6f:43:6e:09:7d
+                Exponent: 3 (0x3)
+        X509v3 extensions:
+            Netscape Cert Type: 
+                SSL CA, S/MIME CA, Object Signing CA
+            X509v3 CRL Distribution Points: 
+                DirName:/C=US/O=Digital Signature Trust Co./OU=DST (ANX Network) CA/CN=CRL1
+
+            X509v3 Private Key Usage Period: 
+                Not Before: Dec  9 15:46:48 1998 GMT, Not After: Dec  9 15:46:48 2018 GMT
+            X509v3 Key Usage: 
+                Certificate Sign, CRL Sign
+            X509v3 Authority Key Identifier: 
+                keyid:8C:16:55:70:CC:16:0A:53:64:C2:A5:84:AA:B3:64:17:43:3F:82:36
+
+            X509v3 Subject Key Identifier: 
+                8C:16:55:70:CC:16:0A:53:64:C2:A5:84:AA:B3:64:17:43:3F:82:36
+            X509v3 Basic Constraints: 
+                CA:TRUE
+            1.2.840.113533.7.65.0: 
+                0
+..V4.0....
+    Signature Algorithm: sha1WithRSAEncryption
+        49:25:c9:60:b1:0c:5f:a9:39:10:d3:c5:34:55:7d:cf:79:c3:
+        29:eb:de:f9:c2:40:f9:e8:56:c5:f0:2f:ec:f4:d9:ec:48:51:
+        b8:63:38:5e:93:6e:18:96:85:b9:ca:50:9c:a4:b8:ea:66:26:
+        68:93:85:6f:6f:4c:71:d0:be:7a:0b:3c:31:b9:f7:be:69:9e:
+        10:d7:d1:40:e8:ac:16:71:ab:ae:ab:38:e1:70:b1:ca:92:16:
+        e0:5d:85:a6:18:80:06:00:9c:e1:a6:18:42:51:a7:68:68:59:
+        ef:26:94:5f:ad:31:0c:fe:29:1e:17:01:84:37:5b:e8:12:32:
+        a3:5d
+SHA1 Fingerprint=76:39:C7:18:47:E1:51:B5:C7:EA:01:C7:58:FB:F1:2A:BA:29:8F:7A
+-----BEGIN CERTIFICATE-----
+MIIDTTCCAragAwIBAgIENm6ibzANBgkqhkiG9w0BAQUFADBSMQswCQYDVQQGEwJV
+UzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMR0wGwYDVQQL
+ExREU1QgKEFOWCBOZXR3b3JrKSBDQTAeFw05ODEyMDkxNTQ2NDhaFw0xODEyMDkx
+NjE2NDhaMFIxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVy
+ZSBUcnVzdCBDby4xHTAbBgNVBAsTFERTVCAoQU5YIE5ldHdvcmspIENBMIGdMA0G
+CSqGSIb3DQEBAQUAA4GLADCBhwKBgQC0SBGAWKDVpZkP9jcsRLZu0XzzKmueEbaI
+IwRccSWeahJ3EW6/aDllqPay9qIYsokVoGe3eowiSGv2hDQftsr3G3LL8ltI04ce
+InYTBLSsbJZ/5w4IyTJRMC3VgOghZ7rzXggkLAdZnZAa7kbJtaQelrRBkdR/0o04
+JrBvQ24JfQIBA6OCATAwggEsMBEGCWCGSAGG+EIBAQQEAwIABzB0BgNVHR8EbTBr
+MGmgZ6BlpGMwYTELMAkGA1UEBhMCVVMxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0
+dXJlIFRydXN0IENvLjEdMBsGA1UECxMURFNUIChBTlggTmV0d29yaykgQ0ExDTAL
+BgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMDkxNTQ2NDhagQ8yMDE4MTIw
+OTE1NDY0OFowCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFIwWVXDMFgpTZMKlhKqz
+ZBdDP4I2MB0GA1UdDgQWBBSMFlVwzBYKU2TCpYSqs2QXQz+CNjAMBgNVHRMEBTAD
+AQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4GB
+AEklyWCxDF+pORDTxTRVfc95wynr3vnCQPnoVsXwL+z02exIUbhjOF6TbhiWhbnK
+UJykuOpmJmiThW9vTHHQvnoLPDG5975pnhDX0UDorBZxq66rOOFwscqSFuBdhaYY
+gAYAnOGmGEJRp2hoWe8mlF+tMQz+KR4XAYQ3W+gSMqNd
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1003 (0x3eb)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 3 CA/emailAddress=certificate@trustcenter.de
+        Validity
+            Not Before: Mar  9 11:59:59 1998 GMT
+            Not After : Jan  1 11:59:59 2011 GMT
+        Subject: C=DE, ST=Hamburg, L=Hamburg, O=TC TrustCenter for Security in Data Networks GmbH, OU=TC TrustCenter Class 3 CA/emailAddress=certificate@trustcenter.de
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:b6:b4:c1:35:05:2e:0d:8d:ec:a0:40:6a:1c:0e:
+                    27:a6:50:92:6b:50:1b:07:de:2e:e7:76:cc:e0:da:
+                    fc:84:a8:5e:8c:63:6a:2b:4d:d9:4e:02:76:11:c1:
+                    0b:f2:8d:79:ca:00:b6:f1:b0:0e:d7:fb:a4:17:3d:
+                    af:ab:69:7a:96:27:bf:af:33:a1:9a:2a:59:aa:c4:
+                    b5:37:08:f2:12:a5:31:b6:43:f5:32:96:71:28:28:
+                    ab:8d:28:86:df:bb:ee:e3:0c:7d:30:d6:c3:52:ab:
+                    8f:5d:27:9c:6b:c0:a3:e7:05:6b:57:49:44:b3:6e:
+                    ea:64:cf:d2:8e:7a:50:77:77
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            X509v3 Key Usage: critical
+                Digital Signature, Certificate Sign, CRL Sign
+            Netscape CA Policy Url: 
+                http://www.trustcenter.de/guidelines
+            Netscape Cert Type: 
+                SSL CA, S/MIME CA, Object Signing CA
+    Signature Algorithm: md5WithRSAEncryption
+        16:3d:c6:cd:c1:bb:85:71:85:46:9f:3e:20:8f:51:28:99:ec:
+        2d:45:21:63:23:5b:04:bb:4c:90:b8:88:92:04:4d:bd:7d:01:
+        a3:3f:f6:ec:ce:f1:de:fe:7d:e5:e1:3e:bb:c6:ab:5e:0b:dd:
+        3d:96:c4:cb:a9:d4:f9:26:e6:06:4e:9e:0c:a5:7a:ba:6e:c3:
+        7c:82:19:d1:c7:b1:b1:c3:db:0d:8e:9b:40:7c:37:0b:f1:5d:
+        e8:fd:1f:90:88:a5:0e:4e:37:64:21:a8:4e:8d:b4:9f:f1:de:
+        48:ad:d5:56:18:52:29:8b:47:34:12:09:d4:bb:92:35:ef:0f:
+        db:34
+SHA1 Fingerprint=9F:C7:96:E8:F8:52:4F:86:3A:E1:49:6D:38:12:42:10:5F:1B:78:F5
+-----BEGIN CERTIFICATE-----
+MIIDXDCCAsWgAwIBAgICA+swDQYJKoZIhvcNAQEEBQAwgbwxCzAJBgNVBAYTAkRF
+MRAwDgYDVQQIEwdIYW1idXJnMRAwDgYDVQQHEwdIYW1idXJnMTowOAYDVQQKEzFU
+QyBUcnVzdENlbnRlciBmb3IgU2VjdXJpdHkgaW4gRGF0YSBOZXR3b3JrcyBHbWJI
+MSIwIAYDVQQLExlUQyBUcnVzdENlbnRlciBDbGFzcyAzIENBMSkwJwYJKoZIhvcN
+AQkBFhpjZXJ0aWZpY2F0ZUB0cnVzdGNlbnRlci5kZTAeFw05ODAzMDkxMTU5NTla
+Fw0xMTAxMDExMTU5NTlaMIG8MQswCQYDVQQGEwJERTEQMA4GA1UECBMHSGFtYnVy
+ZzEQMA4GA1UEBxMHSGFtYnVyZzE6MDgGA1UEChMxVEMgVHJ1c3RDZW50ZXIgZm9y
+IFNlY3VyaXR5IGluIERhdGEgTmV0d29ya3MgR21iSDEiMCAGA1UECxMZVEMgVHJ1
+c3RDZW50ZXIgQ2xhc3MgMyBDQTEpMCcGCSqGSIb3DQEJARYaY2VydGlmaWNhdGVA
+dHJ1c3RjZW50ZXIuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALa0wTUF
+Lg2N7KBAahwOJ6ZQkmtQGwfeLud2zODa/ISoXoxjaitN2U4CdhHBC/KNecoAtvGw
+Dtf7pBc9r6tpepYnv68zoZoqWarEtTcI8hKlMbZD9TKWcSgoq40oht+77uMMfTDW
+w1Krj10nnGvAo+cFa1dJRLNu6mTP0o56UHd3AgMBAAGjazBpMA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgGGMDMGCWCGSAGG+EIBCAQmFiRodHRwOi8vd3d3
+LnRydXN0Y2VudGVyLmRlL2d1aWRlbGluZXMwEQYJYIZIAYb4QgEBBAQDAgAHMA0G
+CSqGSIb3DQEBBAUAA4GBABY9xs3Bu4VxhUafPiCPUSiZ7C1FIWMjWwS7TJC4iJIE
+Tb19AaM/9uzO8d7+feXhPrvGq14L3T2WxMup1Pkm5gZOngylerpuw3yCGdHHsbHD
+2w2Om0B8NwvxXej9H5CIpQ5ON2QhqE6NtJ/x3kit1VYYUimLRzQSCdS7kjXvD9s0
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 903804111 (0x35def4cf)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=Equifax, OU=Equifax Secure Certificate Authority
+        Validity
+            Not Before: Aug 22 16:41:51 1998 GMT
+            Not After : Aug 22 16:41:51 2018 GMT
+        Subject: C=US, O=Equifax, OU=Equifax Secure Certificate Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:c1:5d:b1:58:67:08:62:ee:a0:9a:2d:1f:08:6d:
+                    91:14:68:98:0a:1e:fe:da:04:6f:13:84:62:21:c3:
+                    d1:7c:ce:9f:05:e0:b8:01:f0:4e:34:ec:e2:8a:95:
+                    04:64:ac:f1:6b:53:5f:05:b3:cb:67:80:bf:42:02:
+                    8e:fe:dd:01:09:ec:e1:00:14:4f:fc:fb:f0:0c:dd:
+                    43:ba:5b:2b:e1:1f:80:70:99:15:57:93:16:f1:0f:
+                    97:6a:b7:c2:68:23:1c:cc:4d:59:30:ac:51:1e:3b:
+                    af:2b:d6:ee:63:45:7b:c5:d9:5f:50:d2:e3:50:0f:
+                    3a:88:e7:bf:14:fd:e0:c7:b9
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 CRL Distribution Points: 
+                DirName:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority/CN=CRL1
+
+            X509v3 Private Key Usage Period: 
+                Not After: Aug 22 16:41:51 2018 GMT
+            X509v3 Key Usage: 
+                Certificate Sign, CRL Sign
+            X509v3 Authority Key Identifier: 
+                keyid:48:E6:68:F9:2B:D2:B2:95:D7:47:D8:23:20:10:4F:33:98:90:9F:D4
+
+            X509v3 Subject Key Identifier: 
+                48:E6:68:F9:2B:D2:B2:95:D7:47:D8:23:20:10:4F:33:98:90:9F:D4
+            X509v3 Basic Constraints: 
+                CA:TRUE
+            1.2.840.113533.7.65.0: 
+                0...V3.0c....
+    Signature Algorithm: sha1WithRSAEncryption
+        58:ce:29:ea:fc:f7:de:b5:ce:02:b9:17:b5:85:d1:b9:e3:e0:
+        95:cc:25:31:0d:00:a6:92:6e:7f:b6:92:63:9e:50:95:d1:9a:
+        6f:e4:11:de:63:85:6e:98:ee:a8:ff:5a:c8:d3:55:b2:66:71:
+        57:de:c0:21:eb:3d:2a:a7:23:49:01:04:86:42:7b:fc:ee:7f:
+        a2:16:52:b5:67:67:d3:40:db:3b:26:58:b2:28:77:3d:ae:14:
+        77:61:d6:fa:2a:66:27:a0:0d:fa:a7:73:5c:ea:70:f1:94:21:
+        65:44:5f:fa:fc:ef:29:68:a9:a2:87:79:ef:79:ef:4f:ac:07:
+        77:38
+SHA1 Fingerprint=D2:32:09:AD:23:D3:14:23:21:74:E4:0D:7F:9D:62:13:97:86:63:3A
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
+UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy
+dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1
+MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx
+dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f
+BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A
+cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC
+AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm
+aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw
+ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj
+IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF
+MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
+A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
+7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
+1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 0 (0x0)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org
+        Validity
+            Not Before: Mar 30 12:29:49 2003 GMT
+            Not After : Mar 29 12:29:49 2033 GMT
+        Subject: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (4096 bit)
+                Modulus (4096 bit):
+                    00:ce:22:c0:e2:46:7d:ec:36:28:07:50:96:f2:a0:
+                    33:40:8c:4b:f1:3b:66:3f:31:e5:6b:02:36:db:d6:
+                    7c:f6:f1:88:8f:4e:77:36:05:41:95:f9:09:f0:12:
+                    cf:46:86:73:60:b7:6e:7e:e8:c0:58:64:ae:cd:b0:
+                    ad:45:17:0c:63:fa:67:0a:e8:d6:d2:bf:3e:e7:98:
+                    c4:f0:4c:fa:e0:03:bb:35:5d:6c:21:de:9e:20:d9:
+                    ba:cd:66:32:37:72:fa:f7:08:f5:c7:cd:58:c9:8e:
+                    e7:0e:5e:ea:3e:fe:1c:a1:14:0a:15:6c:86:84:5b:
+                    64:66:2a:7a:a9:4b:53:79:f5:88:a2:7b:ee:2f:0a:
+                    61:2b:8d:b2:7e:4d:56:a5:13:ec:ea:da:92:9e:ac:
+                    44:41:1e:58:60:65:05:66:f8:c0:44:bd:cb:94:f7:
+                    42:7e:0b:f7:65:68:98:51:05:f0:f3:05:91:04:1d:
+                    1b:17:82:ec:c8:57:bb:c3:6b:7a:88:f1:b0:72:cc:
+                    25:5b:20:91:ec:16:02:12:8f:32:e9:17:18:48:d0:
+                    c7:05:2e:02:30:42:b8:25:9c:05:6b:3f:aa:3a:a7:
+                    eb:53:48:f7:e8:d2:b6:07:98:dc:1b:c6:34:7f:7f:
+                    c9:1c:82:7a:05:58:2b:08:5b:f3:38:a2:ab:17:5d:
+                    66:c9:98:d7:9e:10:8b:a2:d2:dd:74:9a:f7:71:0c:
+                    72:60:df:cd:6f:98:33:9d:96:34:76:3e:24:7a:92:
+                    b0:0e:95:1e:6f:e6:a0:45:38:47:aa:d7:41:ed:4a:
+                    b7:12:f6:d7:1b:83:8a:0f:2e:d8:09:b6:59:d7:aa:
+                    04:ff:d2:93:7d:68:2e:dd:8b:4b:ab:58:ba:2f:8d:
+                    ea:95:a7:a0:c3:54:89:a5:fb:db:8b:51:22:9d:b2:
+                    c3:be:11:be:2c:91:86:8b:96:78:ad:20:d3:8a:2f:
+                    1a:3f:c6:d0:51:65:87:21:b1:19:01:65:7f:45:1c:
+                    87:f5:7c:d0:41:4c:4f:29:98:21:fd:33:1f:75:0c:
+                    04:51:fa:19:77:db:d4:14:1c:ee:81:c3:1d:f5:98:
+                    b7:69:06:91:22:dd:00:50:cc:81:31:ac:12:07:7b:
+                    38:da:68:5b:e6:2b:d4:7e:c9:5f:ad:e8:eb:72:4c:
+                    f3:01:e5:4b:20:bf:9a:a6:57:ca:91:00:01:8b:a1:
+                    75:21:37:b5:63:0d:67:3e:46:4f:70:20:67:ce:c5:
+                    d6:59:db:02:e0:f0:d2:cb:cd:ba:62:b7:90:41:e8:
+                    dd:20:e4:29:bc:64:29:42:c8:22:dc:78:9a:ff:43:
+                    ec:98:1b:09:51:4b:5a:5a:c2:71:f1:c4:cb:73:a9:
+                    e5:a1:0b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                16:B5:32:1B:D4:C7:F3:E0:E6:8E:F3:BD:D2:B0:3A:EE:B2:39:18:D1
+            X509v3 Authority Key Identifier: 
+                keyid:16:B5:32:1B:D4:C7:F3:E0:E6:8E:F3:BD:D2:B0:3A:EE:B2:39:18:D1
+                DirName:/O=Root CA/OU=http://www.cacert.org/CN=CA Cert Signing Authority/emailAddress=support@cacert.org
+                serial:00
+
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            X509v3 CRL Distribution Points: 
+                URI:https://www.cacert.org/revoke.crl
+
+            Netscape CA Revocation Url: 
+                https://www.cacert.org/revoke.crl
+            Netscape CA Policy Url: 
+                http://www.cacert.org/index.php?id=10
+            Netscape Comment: 
+                To get your own certificate for FREE head over to http://www.cacert.org
+    Signature Algorithm: md5WithRSAEncryption
+        28:c7:ee:9c:82:02:ba:5c:80:12:ca:35:0a:1d:81:6f:89:6a:
+        99:cc:f2:68:0f:7f:a7:e1:8d:58:95:3e:bd:f2:06:c3:90:5a:
+        ac:b5:60:f6:99:43:01:a3:88:70:9c:9d:62:9d:a4:87:af:67:
+        58:0d:30:36:3b:e6:ad:48:d3:cb:74:02:86:71:3e:e2:2b:03:
+        68:f1:34:62:40:46:3b:53:ea:28:f4:ac:fb:66:95:53:8a:4d:
+        5d:fd:3b:d9:60:d7:ca:79:69:3b:b1:65:92:a6:c6:81:82:5c:
+        9c:cd:eb:4d:01:8a:a5:df:11:55:aa:15:ca:1f:37:c0:82:98:
+        70:61:db:6a:7c:96:a3:8e:2e:54:3e:4f:21:a9:90:ef:dc:82:
+        bf:dc:e8:45:ad:4d:90:73:08:3c:94:65:b0:04:99:76:7f:e2:
+        bc:c2:6a:15:aa:97:04:37:24:d8:1e:94:4e:6d:0e:51:be:d6:
+        c4:8f:ca:96:6d:f7:43:df:e8:30:65:27:3b:7b:bb:43:43:63:
+        c4:43:f7:b2:ec:68:cc:e1:19:8e:22:fb:98:e1:7b:5a:3e:01:
+        37:3b:8b:08:b0:a2:f3:95:4e:1a:cb:9b:cd:9a:b1:db:b2:70:
+        f0:2d:4a:db:d8:b0:e3:6f:45:48:33:12:ff:fe:3c:32:2a:54:
+        f7:c4:f7:8a:f0:88:23:c2:47:fe:64:7a:71:c0:d1:1e:a6:63:
+        b0:07:7e:a4:2f:d3:01:8f:dc:9f:2b:b6:c6:08:a9:0f:93:48:
+        25:fc:12:fd:9f:42:dc:f3:c4:3e:f6:57:b0:d7:dd:69:d1:06:
+        77:34:0a:4b:d2:ca:a0:ff:1c:c6:8c:c9:16:be:c4:cc:32:37:
+        68:73:5f:08:fb:51:f7:49:53:36:05:0a:95:02:4c:f2:79:1a:
+        10:f6:d8:3a:75:9c:f3:1d:f1:a2:0d:70:67:86:1b:b3:16:f5:
+        2f:e5:a4:eb:79:86:f9:3d:0b:c2:73:0b:a5:99:ac:6f:fc:67:
+        b8:e5:2f:0b:a6:18:24:8d:7b:d1:48:35:29:18:40:ac:93:60:
+        e1:96:86:50:b4:7a:59:d8:8f:21:0b:9f:cf:82:91:c6:3b:bf:
+        6b:dc:07:91:b9:97:56:23:aa:b6:6c:94:c6:48:06:3c:e4:ce:
+        4e:aa:e4:f6:2f:09:dc:53:6f:2e:fc:74:eb:3a:63:99:c2:a6:
+        ac:89:bc:a7:b2:44:a0:0d:8a:10:e3:6c:f2:24:cb:fa:9b:9f:
+        70:47:2e:de:14:8b:d4:b2:20:09:96:a2:64:f1:24:1c:dc:a1:
+        35:9c:15:b2:d4:bc:55:2e:7d:06:f5:9c:0e:55:f4:5a:d6:93:
+        da:76:ad:25:73:4c:c5:43
+SHA1 Fingerprint=13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33
+-----BEGIN CERTIFICATE-----
+MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290
+IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB
+IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA
+Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO
+BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi
+MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ
+ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ
+8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6
+zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y
+fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7
+w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc
+G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k
+epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q
+laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ
+QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU
+fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826
+YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w
+ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY
+gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe
+MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0
+IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy
+dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw
+czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0
+dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl
+aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC
+AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg
+b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB
+ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc
+nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg
+18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c
+gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl
+Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY
+sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T
+SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF
+CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum
+GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk
+zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW
+omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 913163544 (0x366dc518)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=Digital Signature Trust Co., OU=DST-Entrust GTI CA
+        Validity
+            Not Before: Dec  9 00:02:24 1998 GMT
+            Not After : Dec  9 00:32:24 2018 GMT
+        Subject: C=US, O=Digital Signature Trust Co., OU=DST-Entrust GTI CA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:b6:1d:f7:4b:8d:0f:13:e3:12:f5:09:fe:06:32:
+                    0e:af:4c:41:f5:7d:d4:47:3d:2a:0a:df:83:05:de:
+                    de:7d:e6:03:16:f6:51:3a:cb:47:1a:4a:ad:7e:c4:
+                    fd:1d:b4:be:74:8a:78:dd:0b:83:8e:b4:84:13:c4:
+                    fb:f8:6d:29:ae:a1:e1:0f:0f:43:e3:b5:5e:60:69:
+                    fa:83:94:fc:79:e6:dc:76:ed:d1:44:2b:8e:fd:12:
+                    bb:fe:17:77:17:0c:89:ed:a7:ef:51:7d:c4:ed:38:
+                    c3:3b:a3:7a:fb:e2:4d:a0:60:b5:f2:fd:13:65:d3:
+                    c6:ec:3f:be:35:9c:3d:22:ef
+                Exponent: 3 (0x3)
+        X509v3 extensions:
+            Netscape Cert Type: 
+                SSL CA, S/MIME CA, Object Signing CA
+            X509v3 CRL Distribution Points: 
+                DirName:/C=US/O=Digital Signature Trust Co./OU=DST-Entrust GTI CA/CN=CRL1
+
+            X509v3 Private Key Usage Period: 
+                Not Before: Dec  9 00:02:24 1998 GMT, Not After: Dec  9 00:02:24 2018 GMT
+            X509v3 Key Usage: 
+                Certificate Sign, CRL Sign
+            X509v3 Authority Key Identifier: 
+                keyid:93:9A:44:CA:D0:78:53:80:29:49:04:DF:C7:AF:33:3F:99:75:5F:AE
+
+            X509v3 Subject Key Identifier: 
+                93:9A:44:CA:D0:78:53:80:29:49:04:DF:C7:AF:33:3F:99:75:5F:AE
+            X509v3 Basic Constraints: 
+                CA:TRUE
+            1.2.840.113533.7.65.0: 
+                0
+..V4.0....
+    Signature Algorithm: sha1WithRSAEncryption
+        64:89:cc:03:a7:dc:0a:f2:58:20:e7:fd:17:a0:28:72:cd:87:
+        b0:cd:98:b5:24:47:63:33:31:10:10:b2:ef:8a:57:72:ae:4c:
+        03:e0:67:9f:ac:60:43:84:22:c1:a9:a3:e5:b1:a7:de:09:d4:
+        cf:0d:78:46:23:5b:8f:49:7b:fe:13:22:97:94:ea:72:48:e1:
+        2c:20:78:96:e9:66:45:19:cb:09:65:63:61:3f:d1:49:98:b1:
+        76:10:55:d5:63:4a:66:4b:a4:07:6b:de:7b:7f:b9:e6:93:5b:
+        1a:02:5b:80:0e:dd:8d:18:d4:8a:a3:c2:68:f1:a3:e0:18:d1:
+        4e:4c
+SHA1 Fingerprint=BC:92:19:DD:C9:8E:14:BF:1A:78:1F:6E:28:0B:04:C2:7F:90:27:12
+-----BEGIN CERTIFICATE-----
+MIIDRzCCArCgAwIBAgIENm3FGDANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJV
+UzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRswGQYDVQQL
+ExJEU1QtRW50cnVzdCBHVEkgQ0EwHhcNOTgxMjA5MDAwMjI0WhcNMTgxMjA5MDAz
+MjI0WjBQMQswCQYDVQQGEwJVUzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUg
+VHJ1c3QgQ28uMRswGQYDVQQLExJEU1QtRW50cnVzdCBHVEkgQ0EwgZ0wDQYJKoZI
+hvcNAQEBBQADgYsAMIGHAoGBALYd90uNDxPjEvUJ/gYyDq9MQfV91Ec9KgrfgwXe
+3n3mAxb2UTrLRxpKrX7E/R20vnSKeN0Lg460hBPE+/htKa6h4Q8PQ+O1XmBp+oOU
+/Hnm3Hbt0UQrjv0Su/4XdxcMie2n71F9xO04wzujevviTaBgtfL9E2XTxuw/vjWc
+PSLvAgEDo4IBLjCCASowEQYJYIZIAYb4QgEBBAQDAgAHMHIGA1UdHwRrMGkwZ6Bl
+oGOkYTBfMQswCQYDVQQGEwJVUzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUg
+VHJ1c3QgQ28uMRswGQYDVQQLExJEU1QtRW50cnVzdCBHVEkgQ0ExDTALBgNVBAMT
+BENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMDkwMDAyMjRagQ8yMDE4MTIwOTAwMDIy
+NFowCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFJOaRMrQeFOAKUkE38evMz+ZdV+u
+MB0GA1UdDgQWBBSTmkTK0HhTgClJBN/HrzM/mXVfrjAMBgNVHRMEBTADAQH/MBkG
+CSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4GBAGSJzAOn
+3AryWCDn/RegKHLNh7DNmLUkR2MzMRAQsu+KV3KuTAPgZ5+sYEOEIsGpo+Wxp94J
+1M8NeEYjW49Je/4TIpeU6nJI4SwgeJbpZkUZywllY2E/0UmYsXYQVdVjSmZLpAdr
+3nt/ueaTWxoCW4AO3Y0Y1Iqjwmjxo+AY0U5M
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            02:00:00:00:00:00:d6:78:b8:d6:c3
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
+        Validity
+            Not Before: Jan 28 12:00:00 1999 GMT
+            Not After : Jan 28 12:00:00 2009 GMT
+        Subject: C=BE, O=GlobalSign nv-sa, OU=Primary Class 3 CA, CN=GlobalSign Primary Class 3 CA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (2048 bit)
+                Modulus (2048 bit):
+                    00:91:5e:56:65:d6:c0:c0:04:9c:bf:47:c4:5c:7b:
+                    7a:31:01:f9:58:96:99:e3:1c:84:2f:dc:56:8f:ad:
+                    f5:59:81:d5:43:66:5d:5a:93:8c:75:ca:a9:e7:11:
+                    c1:51:10:14:60:c9:2c:d4:7b:af:c6:77:86:ab:7a:
+                    27:ae:6f:95:b9:0b:ca:b6:46:fb:7e:1a:f4:0d:14:
+                    6d:d2:c9:4e:b2:ae:f0:54:f6:5c:40:4c:36:48:74:
+                    e8:54:8c:65:66:10:a7:bd:2b:b7:20:8d:05:49:ad:
+                    78:7d:d2:24:23:50:e3:f0:b4:79:9b:01:39:ff:af:
+                    3b:d3:2d:ee:e1:49:8d:8d:2f:3c:6a:41:45:2f:9b:
+                    e3:3d:e1:12:e4:91:75:9e:cf:a0:3e:3c:92:81:6f:
+                    8a:2e:18:dc:e0:f2:8c:8c:fd:87:d9:07:f4:40:94:
+                    c9:4e:4f:43:df:67:56:6f:bd:03:50:7c:99:67:a4:
+                    b9:3c:91:6c:02:6e:84:d6:fc:46:f7:cc:6f:18:3e:
+                    17:f0:ef:0b:64:16:57:e6:ac:86:f1:48:aa:43:c1:
+                    c9:27:78:73:44:45:e2:85:7d:ba:ff:b3:e1:fb:1b:
+                    05:a4:4b:3b:99:12:25:01:50:14:6a:af:5d:ea:c8:
+                    0c:ee:e4:da:ec:4b:8b:5c:68:13:95:dc:c3:b5:30:
+                    3a:d7
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Key Usage: critical
+                Certificate Sign, CRL Sign
+            X509v3 Subject Key Identifier: 
+                CC:36:CC:17:B4:45:91:2F:ED:CF:3B:30:48:77:FB:B5:14:99:BE:E3
+            X509v3 Authority Key Identifier: 
+                keyid:60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B
+
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+    Signature Algorithm: md5WithRSAEncryption
+        57:b2:54:cc:bd:95:17:64:60:89:b6:53:91:0c:45:92:c3:3d:
+        a8:6c:c3:cc:b2:18:f5:78:41:74:d8:7d:a3:27:af:77:0d:59:
+        3e:94:1d:69:fa:89:d3:0c:bd:1a:01:f4:3f:e8:e0:77:1a:82:
+        28:5a:e6:62:d7:b7:e3:36:c9:0e:9f:7a:e3:c2:d3:cc:59:89:
+        0c:ef:16:8b:f0:36:77:22:ca:a4:b6:b7:c1:42:67:01:40:63:
+        cc:e7:38:64:87:5b:14:96:66:7b:2d:14:ee:bd:49:6d:ff:77:
+        d0:e2:4e:5b:d3:80:c2:4d:0f:ca:b8:9d:81:97:a7:34:6e:c7:
+        e3:9c:48:e5:b4:aa:45:f5:f6:65:4c:48:f2:12:c2:d2:93:8c:
+        c2:15:24:f3:2b:52:ff:e3:08:ae:b8:6e:d6:2c:12:cf:39:cb:
+        12:2a:e7:a9:7b:5f:98:3d:a3:e1:cc:a6:63:89:5c:7d:31:75:
+        f9:d5:d6:5d:f2:d0:d4:3d:df:9e:71:a8:0e:dc:e4:20:97:78:
+        e6:7f:53:a4:0d:51:4f:8e:3b:03:ae:a3:0d:5a:4d:c3:79:e7:
+        35:58:70:42:c9:5e:a1:5e:b4:d9:22:a3:44:53:35:a4:d0:cf:
+        73:80:c5:cf:9f:56:98:76:f9:14:4c:77:87:82:c9:dc:7e:5d:
+        34:d5:36:75
+SHA1 Fingerprint=74:03:C9:33:48:AA:C4:F7:0E:29:F4:D0:15:12:F4:46:49:0F:75:8C
+-----BEGIN CERTIFICATE-----
+MIIDrDCCApSgAwIBAgILAgAAAAAA1ni41sMwDQYJKoZIhvcNAQEEBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05OTAxMjgxMjAw
+MDBaFw0wOTAxMjgxMjAwMDBaMG0xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRswGQYDVQQLExJQcmltYXJ5IENsYXNzIDMgQ0ExJjAkBgNV
+BAMTHUdsb2JhbFNpZ24gUHJpbWFyeSBDbGFzcyAzIENBMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAkV5WZdbAwAScv0fEXHt6MQH5WJaZ4xyEL9xWj631
+WYHVQ2ZdWpOMdcqp5xHBURAUYMks1HuvxneGq3onrm+VuQvKtkb7fhr0DRRt0slO
+sq7wVPZcQEw2SHToVIxlZhCnvSu3II0FSa14fdIkI1Dj8LR5mwE5/6870y3u4UmN
+jS88akFFL5vjPeES5JF1ns+gPjySgW+KLhjc4PKMjP2H2Qf0QJTJTk9D32dWb70D
+UHyZZ6S5PJFsAm6E1vxG98xvGD4X8O8LZBZX5qyG8UiqQ8HJJ3hzREXihX26/7Ph
++xsFpEs7mRIlAVAUaq9d6sgM7uTa7EuLXGgTldzDtTA61wIDAQABo2MwYTAOBgNV
+HQ8BAf8EBAMCAAYwHQYDVR0OBBYEFMw2zBe0RZEv7c87MEh3+7UUmb7jMB8GA1Ud
+IwQYMBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMA8GA1UdEwEB/wQFMAMBAf8wDQYJ
+KoZIhvcNAQEEBQADggEBAFeyVMy9lRdkYIm2U5EMRZLDPahsw8yyGPV4QXTYfaMn
+r3cNWT6UHWn6idMMvRoB9D/o4Hcagiha5mLXt+M2yQ6feuPC08xZiQzvFovwNnci
+yqS2t8FCZwFAY8znOGSHWxSWZnstFO69SW3/d9DiTlvTgMJND8q4nYGXpzRux+Oc
+SOW0qkX19mVMSPISwtKTjMIVJPMrUv/jCK64btYsEs85yxIq56l7X5g9o+HMpmOJ
+XH0xdfnV1l3y0NQ9355xqA7c5CCXeOZ/U6QNUU+OOwOuow1aTcN55zVYcELJXqFe
+tNkio0RTNaTQz3OAxc+fVph2+RRMd4eCydx+XTTVNnU=
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            d0:1e:40:8a:00:00:02:7c:00:00:00:03:00:00:00:01
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=National Retail Federation, CN=DST (NRF) RootCA/emailAddress=ca@digsigtrust.com
+        Validity
+            Not Before: Dec 11 16:14:16 1998 GMT
+            Not After : Dec  8 16:14:16 2008 GMT
+        Subject: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=National Retail Federation, CN=DST (NRF) RootCA/emailAddress=ca@digsigtrust.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (2048 bit)
+                Modulus (2048 bit):
+                    00:d9:ac:9b:77:fa:50:d3:cc:dc:b9:40:ac:b9:72:
+                    6a:00:87:23:fc:0f:96:21:d0:26:af:e4:e2:b5:5f:
+                    fa:d3:a6:7d:21:30:2e:cc:17:82:8f:98:74:fc:67:
+                    a4:a6:df:88:97:a2:42:29:f5:a7:db:11:93:fb:5e:
+                    23:30:c2:aa:bc:22:e7:41:1b:e5:ed:25:de:c8:3f:
+                    db:de:57:45:78:40:46:83:b2:d5:1a:3d:df:0f:45:
+                    6d:d5:63:02:75:d8:2f:c6:6e:ab:95:91:74:37:0d:
+                    cb:4d:09:5c:d1:d4:5b:3a:da:dd:0e:c8:6b:99:d8:
+                    d5:39:cc:df:85:55:c4:92:53:02:a3:e1:f7:80:c9:
+                    70:a3:da:dc:33:c4:7f:a2:47:08:1c:35:96:1f:a1:
+                    03:1c:30:83:f4:c4:cc:ff:98:c3:b0:46:44:a2:c0:
+                    bf:ad:db:d2:81:f6:4c:98:2c:a7:5e:24:f3:86:ca:
+                    63:d5:ba:7d:f0:9a:c0:4a:d0:1b:58:ee:ec:a9:67:
+                    cf:69:02:6c:22:c0:60:2c:2c:d1:c8:20:ea:c8:2d:
+                    fb:dd:9c:bb:cb:51:4c:dc:e7:57:04:3b:54:9b:11:
+                    a5:32:74:ec:74:01:f3:90:15:5b:2f:7c:2c:93:65:
+                    b9:66:67:b4:81:88:35:e5:9e:91:18:7f:81:a8:41:
+                    c8:cb
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: sha1WithRSAEncryption
+        84:5e:0b:3b:ec:a0:8d:1c:9b:d0:3c:1d:71:69:e4:1a:7f:64:
+        be:81:65:61:c5:8c:6a:d7:7c:00:74:e0:7a:62:55:ed:24:7c:
+        e0:61:e3:f2:dd:14:e6:11:6e:83:0e:e1:ea:a9:9e:80:ad:9a:
+        20:bf:e0:57:7e:d5:d0:b5:84:63:2d:d9:18:e4:bd:1b:35:2c:
+        5e:ae:61:76:aa:67:85:3b:38:e1:31:81:1f:31:7f:e6:d7:f8:
+        5b:d2:bb:63:79:86:c4:8c:c5:de:0a:ae:d7:d1:fc:01:74:ff:
+        b6:b6:0d:62:81:67:1c:bb:26:f8:24:80:e0:5c:5e:d8:a4:8a:
+        3a:8f:7d:cb:ff:92:a3:fd:7c:a9:32:69:07:58:58:61:42:99:
+        52:03:b1:38:3d:c6:71:6f:6c:f2:e8:7d:06:aa:c1:7c:53:cb:
+        1a:2d:88:4f:c9:a9:a7:ac:69:6f:f7:a4:1f:d8:74:81:f5:4a:
+        bf:b1:55:b7:d3:77:38:a7:6f:c2:4a:c8:e2:73:89:d3:57:72:
+        e1:43:2f:72:3c:f6:1f:b7:f8:04:4a:6e:c1:e9:94:17:e4:97:
+        17:f4:0e:13:86:6f:8d:ab:e8:5f:2d:b4:ff:6c:d6:a2:b4:1f:
+        ec:b9:94:6a:aa:12:4f:1a:dd:f5:77:b5:25:8c:f2:8a:0a:f1:
+        fc:52:5b:58
+SHA1 Fingerprint=CF:DE:FE:10:2F:DA:05:BB:E4:C7:8D:2E:44:23:58:90:05:B2:57:1D
+-----BEGIN CERTIFICATE-----
+MIIEAjCCAuoCEQDQHkCKAAACfAAAAAMAAAABMA0GCSqGSIb3DQEBBQUAMIG+MQsw
+CQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENp
+dHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjEjMCEGA1UE
+CxMaTmF0aW9uYWwgUmV0YWlsIEZlZGVyYXRpb24xGTAXBgNVBAMTEERTVCAoTlJG
+KSBSb290Q0ExITAfBgkqhkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTAeFw05
+ODEyMTExNjE0MTZaFw0wODEyMDgxNjE0MTZaMIG+MQswCQYDVQQGEwJ1czENMAsG
+A1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxJDAiBgNVBAoTG0Rp
+Z2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjEjMCEGA1UECxMaTmF0aW9uYWwgUmV0
+YWlsIEZlZGVyYXRpb24xGTAXBgNVBAMTEERTVCAoTlJGKSBSb290Q0ExITAfBgkq
+hkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBANmsm3f6UNPM3LlArLlyagCHI/wPliHQJq/k4rVf+tOmfSEw
+LswXgo+YdPxnpKbfiJeiQin1p9sRk/teIzDCqrwi50Eb5e0l3sg/295XRXhARoOy
+1Ro93w9FbdVjAnXYL8Zuq5WRdDcNy00JXNHUWzra3Q7Ia5nY1TnM34VVxJJTAqPh
+94DJcKPa3DPEf6JHCBw1lh+hAxwwg/TEzP+Yw7BGRKLAv63b0oH2TJgsp14k84bK
+Y9W6ffCawErQG1ju7Klnz2kCbCLAYCws0cgg6sgt+92cu8tRTNznVwQ7VJsRpTJ0
+7HQB85AVWy98LJNluWZntIGINeWekRh/gahByMsCAwEAATANBgkqhkiG9w0BAQUF
+AAOCAQEAhF4LO+ygjRyb0DwdcWnkGn9kvoFlYcWMatd8AHTgemJV7SR84GHj8t0U
+5hFugw7h6qmegK2aIL/gV37V0LWEYy3ZGOS9GzUsXq5hdqpnhTs44TGBHzF/5tf4
+W9K7Y3mGxIzF3gqu19H8AXT/trYNYoFnHLsm+CSA4Fxe2KSKOo99y/+So/18qTJp
+B1hYYUKZUgOxOD3GcW9s8uh9BqrBfFPLGi2IT8mpp6xpb/ekH9h0gfVKv7FVt9N3
+OKdvwkrI4nOJ01dy4UMvcjz2H7f4BEpuwemUF+SXF/QOE4ZvjavoXy20/2zWorQf
+7LmUaqoSTxrd9Xe1JYzyigrx/FJbWA==
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=BE, L=Brussels, O=BelSign NV, OU=BelSign Secure Server Certificate Authority, CN=BelSign Secure Server CA/emailAddress=webmaster@belsign.be
+        Validity
+            Not Before: Jul 16 22:00:54 1997 GMT
+            Not After : Jul 16 22:00:54 2007 GMT
+        Subject: C=BE, L=Brussels, O=BelSign NV, OU=BelSign Secure Server Certificate Authority, CN=BelSign Secure Server CA/emailAddress=webmaster@belsign.be
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:d6:01:12:78:92:f8:04:42:7f:c9:c7:22:83:fc:
+                    7c:47:70:30:2b:49:0b:3e:36:40:90:28:da:21:73:
+                    83:53:f2:c4:d1:16:40:c0:53:ff:ae:a6:c6:24:b3:
+                    27:6d:a5:b3:3d:39:77:5d:a8:06:f6:e6:e9:bc:63:
+                    11:4e:06:65:70:0a:9d:93:f9:a2:40:8b:7f:4a:84:
+                    0e:8d:16:b1:d6:cc:08:64:12:0c:e0:28:4b:c8:a5:
+                    84:90:17:fb:11:46:2e:d6:a7:85:18:cb:18:ae:63:
+                    9a:b0:58:06:f4:00:cf:f8:c4:09:1a:35:0c:a1:f9:
+                    ee:4a:fd:6d:de:fe:26:a5:3b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            Netscape Cert Type: 
+                SSL Client, S/MIME
+    Signature Algorithm: md5WithRSAEncryption
+        6c:3d:99:c3:05:e2:1d:ca:e5:2d:aa:68:85:8b:40:31:20:66:
+        13:68:e6:58:3a:89:d0:8d:75:b2:c5:62:d8:7d:82:8f:f7:d9:
+        32:81:77:f6:35:5b:85:29:ce:67:b2:b9:bc:2b:19:78:cf:f3:
+        87:fd:46:f1:95:75:b2:09:57:03:30:c1:7a:cd:72:47:71:80:
+        ca:7d:9d:c9:65:3c:47:11:22:7d:fa:07:0b:28:78:a1:93:e8:
+        05:45:48:e2:32:32:4a:3d:e8:53:1c:10:b7:c7:73:8c:07:50:
+        e1:f9:c9:2b:53:41:f5:83:8d:e5:09:39:4a:8e:03:62:aa:40:
+        63:8b
+SHA1 Fingerprint=C2:C5:B5:FE:83:64:F8:A3:6E:78:1D:7C:15:08:7C:E8:85:A1:86:98
+-----BEGIN CERTIFICATE-----
+MIIC8zCCAlygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBszELMAkGA1UEBhMCQkUx
+ETAPBgNVBAcTCEJydXNzZWxzMRMwEQYDVQQKEwpCZWxTaWduIE5WMTQwMgYDVQQL
+EytCZWxTaWduIFNlY3VyZSBTZXJ2ZXIgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MSEw
+HwYDVQQDExhCZWxTaWduIFNlY3VyZSBTZXJ2ZXIgQ0ExIzAhBgkqhkiG9w0BCQEW
+FHdlYm1hc3RlckBiZWxzaWduLmJlMB4XDTk3MDcxNjIyMDA1NFoXDTA3MDcxNjIy
+MDA1NFowgbMxCzAJBgNVBAYTAkJFMREwDwYDVQQHEwhCcnVzc2VsczETMBEGA1UE
+ChMKQmVsU2lnbiBOVjE0MDIGA1UECxMrQmVsU2lnbiBTZWN1cmUgU2VydmVyIENl
+cnRpZmljYXRlIEF1dGhvcml0eTEhMB8GA1UEAxMYQmVsU2lnbiBTZWN1cmUgU2Vy
+dmVyIENBMSMwIQYJKoZIhvcNAQkBFhR3ZWJtYXN0ZXJAYmVsc2lnbi5iZTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1gESeJL4BEJ/yccig/x8R3AwK0kLPjZA
+kCjaIXODU/LE0RZAwFP/rqbGJLMnbaWzPTl3XagG9ubpvGMRTgZlcAqdk/miQIt/
+SoQOjRax1swIZBIM4ChLyKWEkBf7EUYu1qeFGMsYrmOasFgG9ADP+MQJGjUMofnu
+Sv1t3v4mpTsCAwEAAaMVMBMwEQYJYIZIAYb4QgEBBAQDAgCgMA0GCSqGSIb3DQEB
+BAUAA4GBAGw9mcMF4h3K5S2qaIWLQDEgZhNo5lg6idCNdbLFYth9go/32TKBd/Y1
+W4UpzmeyubwrGXjP84f9RvGVdbIJVwMwwXrNckdxgMp9ncllPEcRIn36BwsoeKGT
+6AVFSOIyMko96FMcELfHc4wHUOH5yStTQfWDjeUJOUqOA2KqQGOL
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 0 (0x0)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Freemail CA/emailAddress=personal-freemail@thawte.com
+        Validity
+            Not Before: Jan  1 00:00:00 1996 GMT
+            Not After : Dec 31 23:59:59 2020 GMT
+        Subject: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Freemail CA/emailAddress=personal-freemail@thawte.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:d4:69:d7:d4:b0:94:64:5b:71:e9:47:d8:0c:51:
+                    b6:ea:72:91:b0:84:5e:7d:2d:0d:8f:7b:12:df:85:
+                    25:75:28:74:3a:42:2c:63:27:9f:95:7b:4b:ef:7e:
+                    19:87:1d:86:ea:a3:dd:b9:ce:96:64:1a:c2:14:6e:
+                    44:ac:7c:e6:8f:e8:4d:0f:71:1f:40:38:a6:00:a3:
+                    87:78:f6:f9:94:86:5e:ad:ea:c0:5e:76:eb:d9:14:
+                    a3:5d:6e:7a:7c:0c:a5:4b:55:7f:06:19:29:7f:9e:
+                    9a:26:d5:6a:bb:38:24:08:6a:98:c7:b1:da:a3:98:
+                    91:fd:79:db:e5:5a:c4:1c:b9
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+    Signature Algorithm: md5WithRSAEncryption
+        c7:ec:92:7e:4e:f8:f5:96:a5:67:62:2a:a4:f0:4d:11:60:d0:
+        6f:8d:60:58:61:ac:26:bb:52:35:5c:08:cf:30:fb:a8:4a:96:
+        8a:1f:62:42:23:8c:17:0f:f4:ba:64:9c:17:ac:47:29:df:9d:
+        98:5e:d2:6c:60:71:5c:a2:ac:dc:79:e3:e7:6e:00:47:1f:b5:
+        0d:28:e8:02:9d:e4:9a:fd:13:f4:a6:d9:7c:b1:f8:dc:5f:23:
+        26:09:91:80:73:d0:14:1b:de:43:a9:83:25:f2:e6:9c:2f:15:
+        ca:fe:a6:ab:8a:07:75:8b:0c:dd:51:84:6b:e4:f8:d1:ce:77:
+        a2:81
+SHA1 Fingerprint=20:99:00:B6:3D:95:57:28:14:0C:D1:36:22:D8:C6:87:A4:EB:00:85
+-----BEGIN CERTIFICATE-----
+MIIDLTCCApagAwIBAgIBADANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
+VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
+ZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVt
+YWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUu
+Y29tMB4XDTk2MDEwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgdExCzAJBgNVBAYT
+AlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEa
+MBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRp
+b24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBG
+cmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhh
+d3RlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1GnX1LCUZFtx6UfY
+DFG26nKRsIRefS0Nj3sS34UldSh0OkIsYyeflXtL734Zhx2G6qPduc6WZBrCFG5E
+rHzmj+hND3EfQDimAKOHePb5lIZererAXnbr2RSjXW56fAylS1V/Bhkpf56aJtVq
+uzgkCGqYx7Hao5iR/Xnb5VrEHLkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zAN
+BgkqhkiG9w0BAQQFAAOBgQDH7JJ+Tvj1lqVnYiqk8E0RYNBvjWBYYawmu1I1XAjP
+MPuoSpaKH2JCI4wXD/S6ZJwXrEcp352YXtJsYHFcoqzceePnbgBHH7UNKOgCneSa
+/RP0ptl8sfjcXyMmCZGAc9AUG95DqYMl8uacLxXK/qarigd1iwzdUYRr5PjRznei
+gQ==
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            7d:d9:fe:07:cf:a8:1e:b7:10:79:67:fb:a7:89:34:c6
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
+        Validity
+            Not Before: May 18 00:00:00 1998 GMT
+            Not After : Aug  1 23:59:59 2028 GMT
+        Subject: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:cc:5e:d1:11:5d:5c:69:d0:ab:d3:b9:6a:4c:99:
+                    1f:59:98:30:8e:16:85:20:46:6d:47:3f:d4:85:20:
+                    84:e1:6d:b3:f8:a4:ed:0c:f1:17:0f:3b:f9:a7:f9:
+                    25:d7:c1:cf:84:63:f2:7c:63:cf:a2:47:f2:c6:5b:
+                    33:8e:64:40:04:68:c1:80:b9:64:1c:45:77:c7:d8:
+                    6e:f5:95:29:3c:50:e8:34:d7:78:1f:a8:ba:6d:43:
+                    91:95:8f:45:57:5e:7e:c5:fb:ca:a4:04:eb:ea:97:
+                    37:54:30:6f:bb:01:47:32:33:cd:dc:57:9b:64:69:
+                    61:f8:9b:1d:1c:89:4f:5c:67
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: sha1WithRSAEncryption
+        51:4d:cd:be:5c:cb:98:19:9c:15:b2:01:39:78:2e:4d:0f:67:
+        70:70:99:c6:10:5a:94:a4:53:4d:54:6d:2b:af:0d:5d:40:8b:
+        64:d3:d7:ee:de:56:61:92:5f:a6:c4:1d:10:61:36:d3:2c:27:
+        3c:e8:29:09:b9:11:64:74:cc:b5:73:9f:1c:48:a9:bc:61:01:
+        ee:e2:17:a6:0c:e3:40:08:3b:0e:e7:eb:44:73:2a:9a:f1:69:
+        92:ef:71:14:c3:39:ac:71:a7:91:09:6f:e4:71:06:b3:ba:59:
+        57:26:79:00:f6:f8:0d:a2:33:30:28:d4:aa:58:a0:9d:9d:69:
+        91:fd
+SHA1 Fingerprint=85:37:1C:A6:E5:50:14:3D:CE:28:03:47:1B:DE:3A:09:E8:F8:77:0F
+-----BEGIN CERTIFICATE-----
+MIIDAjCCAmsCEH3Z/gfPqB63EHln+6eJNMYwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
+c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
+emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
+DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
+YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
+MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDMXtERXVxp0KvTuWpMmR9ZmDCOFoUgRm1HP9SFIIThbbP4
+pO0M8RcPO/mn+SXXwc+EY/J8Y8+iR/LGWzOOZEAEaMGAuWQcRXfH2G71lSk8UOg0
+13gfqLptQ5GVj0VXXn7F+8qkBOvqlzdUMG+7AUcyM83cV5tkaWH4mx0ciU9cZwID
+AQABMA0GCSqGSIb3DQEBBQUAA4GBAFFNzb5cy5gZnBWyATl4Lk0PZ3BwmcYQWpSk
+U01UbSuvDV1Ai2TT1+7eVmGSX6bEHRBhNtMsJzzoKQm5EWR0zLVznxxIqbxhAe7i
+F6YM40AIOw7n60RzKprxaZLvcRTDOaxxp5EJb+RxBrO6WVcmeQD2+A2iMzAo1KpY
+oJ2daZH9
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
+        Signature Algorithm: md2WithRSAEncryption
+        Issuer: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
+        Validity
+            Not Before: Jan 29 00:00:00 1996 GMT
+            Not After : Aug  1 23:59:59 2028 GMT
+        Subject: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:c9:5c:59:9e:f2:1b:8a:01:14:b4:10:df:04:40:
+                    db:e3:57:af:6a:45:40:8f:84:0c:0b:d1:33:d9:d9:
+                    11:cf:ee:02:58:1f:25:f7:2a:a8:44:05:aa:ec:03:
+                    1f:78:7f:9e:93:b9:9a:00:aa:23:7d:d6:ac:85:a2:
+                    63:45:c7:72:27:cc:f4:4c:c6:75:71:d2:39:ef:4f:
+                    42:f0:75:df:0a:90:c6:8e:20:6f:98:0f:f8:ac:23:
+                    5f:70:29:36:a4:c9:86:e7:b1:9a:20:cb:53:a5:85:
+                    e7:3d:be:7d:9a:fe:24:45:33:dc:76:15:ed:0f:a2:
+                    71:64:4c:65:2e:81:68:45:a7
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md2WithRSAEncryption
+        bb:4c:12:2b:cf:2c:26:00:4f:14:13:dd:a6:fb:fc:0a:11:84:
+        8c:f3:28:1c:67:92:2f:7c:b6:c5:fa:df:f0:e8:95:bc:1d:8f:
+        6c:2c:a8:51:cc:73:d8:a4:c0:53:f0:4e:d6:26:c0:76:01:57:
+        81:92:5e:21:f1:d1:b1:ff:e7:d0:21:58:cd:69:17:e3:44:1c:
+        9c:19:44:39:89:5c:dc:9c:00:0f:56:8d:02:99:ed:a2:90:45:
+        4c:e4:bb:10:a4:3d:f0:32:03:0e:f1:ce:f8:e8:c9:51:8c:e6:
+        62:9f:e6:9f:c0:7d:b7:72:9c:c9:36:3a:6b:9f:4e:a8:ff:64:
+        0d:64
+SHA1 Fingerprint=74:2C:31:92:E6:07:E4:24:EB:45:49:54:2B:E1:BB:C5:3E:61:74:E2
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
+BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
+I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
+lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
+AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 903999262 (0x35e1ef1e)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=Equifax, OU=Equifax Premium Certificate Authority
+        Validity
+            Not Before: Aug 24 22:54:23 1998 GMT
+            Not After : Aug 24 22:54:23 2018 GMT
+        Subject: C=US, O=Equifax, OU=Equifax Premium Certificate Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:ce:a1:06:8e:06:cc:08:0b:c1:86:a8:de:20:d5:
+                    0d:0e:d1:0d:c4:9f:ea:6a:d9:b3:c2:32:47:40:6f:
+                    8a:88:a4:09:bd:38:2c:1d:e6:cb:e6:a4:f3:36:eb:
+                    da:eb:bc:fc:64:b3:07:f6:2d:bc:aa:ce:9f:19:48:
+                    68:4a:fc:f5:a2:45:7e:09:10:f5:8f:b3:49:5c:23:
+                    06:39:ea:13:8b:b8:0b:cd:91:1d:76:5f:d9:37:a1:
+                    44:fb:5f:90:f2:67:b3:cd:18:99:43:1f:76:12:6b:
+                    02:f2:95:83:38:43:c2:f6:62:34:ca:c9:78:5d:5f:
+                    d2:d8:ba:9a:ff:be:10:60:5b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 CRL Distribution Points: 
+                DirName:/C=US/O=Equifax/OU=Equifax Premium Certificate Authority/CN=CRL1
+
+            X509v3 Private Key Usage Period: 
+                Not After: Aug 24 22:54:23 2018 GMT
+            X509v3 Key Usage: 
+                Certificate Sign, CRL Sign
+            X509v3 Authority Key Identifier: 
+                keyid:15:EE:B2:28:59:AB:6E:E5:F8:CF:8B:81:F4:24:E1:AE:3F:75:1B:98
+
+            X509v3 Subject Key Identifier: 
+                15:EE:B2:28:59:AB:6E:E5:F8:CF:8B:81:F4:24:E1:AE:3F:75:1B:98
+            X509v3 Basic Constraints: 
+                CA:TRUE
+            1.2.840.113533.7.65.0: 
+                0...V3.0c....
+    Signature Algorithm: sha1WithRSAEncryption
+        bd:0b:9c:27:a9:03:db:28:dc:98:a9:4b:d0:d1:8e:a7:a8:1a:
+        5a:91:e0:9c:f1:f7:18:7c:2e:22:9e:36:1f:c9:a8:b5:cd:46:
+        4a:6e:fa:35:07:1b:86:08:eb:9f:e2:a8:f9:9d:41:2d:3a:ae:
+        5c:5c:b6:5f:34:04:eb:fc:2a:60:b0:fb:74:e4:85:e9:65:38:
+        96:ee:15:c7:c6:77:63:12:bd:8a:68:1f:ab:6c:7d:da:ca:5c:
+        13:ce:ea:c9:eb:09:5c:c5:73:e7:12:01:d5:d9:53:07:9e:e0:
+        0f:96:f0:8b:b4:bb:45:48:9f:86:c5:19:55:a0:cb:96:c5:03:
+        fc:48
+SHA1 Fingerprint=9D:11:77:BB:43:DB:BD:A0:07:C8:AA:D1:AB:90:57:10:AE:78:A4:5D
+-----BEGIN CERTIFICATE-----
+MIIDIzCCAoygAwIBAgIENeHvHjANBgkqhkiG9w0BAQUFADBPMQswCQYDVQQGEwJV
+UzEQMA4GA1UEChMHRXF1aWZheDEuMCwGA1UECxMlRXF1aWZheCBQcmVtaXVtIENl
+cnRpZmljYXRlIEF1dGhvcml0eTAeFw05ODA4MjQyMjU0MjNaFw0xODA4MjQyMjU0
+MjNaME8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFcXVpZmF4MS4wLAYDVQQLEyVF
+cXVpZmF4IFByZW1pdW0gQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDOoQaOBswIC8GGqN4g1Q0O0Q3En+pq2bPCMkdAb4qI
+pAm9OCwd5svmpPM269rrvPxkswf2Lbyqzp8ZSGhK/PWiRX4JEPWPs0lcIwY56hOL
+uAvNkR12X9k3oUT7X5DyZ7PNGJlDH3YSawLylYM4Q8L2YjTKyXhdX9LYupr/vhBg
+WwIDAQABo4IBCjCCAQYwcQYDVR0fBGowaDBmoGSgYqRgMF4xCzAJBgNVBAYTAlVT
+MRAwDgYDVQQKEwdFcXVpZmF4MS4wLAYDVQQLEyVFcXVpZmF4IFByZW1pdW0gQ2Vy
+dGlmaWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIw
+MTgwODI0MjI1NDIzWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUFe6yKFmrbuX4
+z4uB9CThrj91G5gwHQYDVR0OBBYEFBXusihZq27l+M+LgfQk4a4/dRuYMAwGA1Ud
+EwQFMAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEB
+BQUAA4GBAL0LnCepA9so3JipS9DRjqeoGlqR4Jzx9xh8LiKeNh/JqLXNRkpu+jUH
+G4YI65/iqPmdQS06rlxctl80BOv8KmCw+3TkhellOJbuFcfGd2MSvYpoH6tsfdrK
+XBPO6snrCVzFc+cSAdXZUwee4A+W8Iu0u0VIn4bFGVWgy5bFA/xI
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            d0:1e:40:8b:00:00:02:7c:00:00:00:07:00:00:00:01
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=United Parcel Service, CN=DST (UPS) RootCA/emailAddress=ca@digsigtrust.com
+        Validity
+            Not Before: Dec 10 00:25:46 1998 GMT
+            Not After : Dec  7 00:25:46 2008 GMT
+        Subject: C=us, ST=Utah, L=Salt Lake City, O=Digital Signature Trust Co., OU=United Parcel Service, CN=DST (UPS) RootCA/emailAddress=ca@digsigtrust.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (2048 bit)
+                Modulus (2048 bit):
+                    00:ef:17:ec:af:29:e6:d9:2b:27:c0:db:7b:24:9f:
+                    66:f4:04:a3:c2:ad:0a:ca:b0:cd:84:2b:aa:37:f3:
+                    80:a1:60:ef:42:8f:e5:5d:77:5f:57:42:54:dd:2b:
+                    db:61:b2:71:5e:93:7b:6f:5f:eb:24:2b:e7:a4:f2:
+                    eb:f1:73:b3:0b:8d:f5:59:d7:32:df:ac:90:8e:4e:
+                    31:ba:25:4d:b6:0c:a6:f1:e5:af:0c:e1:e5:6f:52:
+                    03:15:c1:df:be:7e:4a:a6:a6:18:46:70:3f:ef:a7:
+                    4d:a8:dc:f5:74:d9:61:7a:40:3c:a1:94:28:ea:c2:
+                    94:88:cb:37:15:05:19:3c:95:62:ba:1c:2d:fb:28:
+                    8c:d1:c8:9e:92:3c:5b:11:54:3b:78:d9:47:3b:9b:
+                    2d:4a:e6:3e:7b:6b:df:f4:f6:05:cf:28:f6:ba:98:
+                    36:00:9e:3c:37:85:0a:9c:de:b7:a4:85:c5:63:fd:
+                    b7:62:14:6d:17:1e:cc:8a:80:85:42:32:11:b0:21:
+                    e2:9d:77:c9:80:16:41:9e:eb:e5:14:89:7f:b7:c3:
+                    bc:4f:c1:9f:87:9b:96:ec:63:f6:f9:90:56:0e:95:
+                    a3:23:0a:8c:64:da:9b:bb:1c:77:b0:4c:5d:e6:c8:
+                    e8:f5:7d:79:2d:57:24:3f:cc:e3:3d:2c:98:cf:12:
+                    9f:17
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: sha1WithRSAEncryption
+        bb:38:8e:04:22:26:58:0e:21:44:56:cc:bd:59:7c:29:68:cb:
+        5c:0f:c8:86:54:3f:81:78:a7:ad:8f:cc:46:f7:1c:54:b8:79:
+        2d:5b:72:05:6a:e8:21:d0:ec:1d:1d:fe:a4:34:51:be:ee:ed:
+        ce:cc:9c:16:68:e2:5d:75:73:08:43:31:91:6a:10:2b:10:c2:
+        4b:69:f8:c9:ad:98:a8:fd:b8:ef:f6:ab:f0:5f:21:ef:cb:85:
+        6b:09:ed:2f:48:66:b5:60:72:c0:e8:a0:c7:98:db:0e:f7:1b:
+        73:8d:34:08:0a:7b:c5:77:62:aa:30:23:9b:b0:1e:8b:80:98:
+        54:dc:05:87:b3:a9:62:59:fc:8b:b7:15:9a:ac:44:ec:cf:35:
+        1a:f7:0f:2e:5d:92:4b:01:c8:7b:ee:a0:37:ed:e4:1d:82:0d:
+        99:41:43:17:ad:d4:d5:ca:e3:f9:7d:17:a2:01:d0:30:0f:40:
+        b9:dc:b9:04:82:69:83:b6:f9:0f:fa:06:92:f7:a8:f4:d6:17:
+        1c:f0:5e:7f:c4:29:c8:e6:e1:e2:ff:36:68:21:51:ae:ff:a9:
+        ba:84:92:ad:8a:7b:33:d8:90:d2:c1:79:6d:33:33:39:74:ac:
+        1b:38:71:9f:2c:07:90:ea:1d:e0:d3:89:5f:cb:ef:14:8d:27:
+        54:a5:bd:46
+SHA1 Fingerprint=EC:0C:37:16:EA:9E:DF:AD:D3:5D:FB:D5:56:08:E6:0A:05:D3:CB:F3
+-----BEGIN CERTIFICATE-----
+MIID+DCCAuACEQDQHkCLAAACfAAAAAcAAAABMA0GCSqGSIb3DQEBBQUAMIG5MQsw
+CQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENp
+dHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjEeMBwGA1UE
+CxMVVW5pdGVkIFBhcmNlbCBTZXJ2aWNlMRkwFwYDVQQDExBEU1QgKFVQUykgUm9v
+dENBMSEwHwYJKoZIhvcNAQkBFhJjYUBkaWdzaWd0cnVzdC5jb20wHhcNOTgxMjEw
+MDAyNTQ2WhcNMDgxMjA3MDAyNTQ2WjCBuTELMAkGA1UEBhMCdXMxDTALBgNVBAgT
+BFV0YWgxFzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MSQwIgYDVQQKExtEaWdpdGFs
+IFNpZ25hdHVyZSBUcnVzdCBDby4xHjAcBgNVBAsTFVVuaXRlZCBQYXJjZWwgU2Vy
+dmljZTEZMBcGA1UEAxMQRFNUIChVUFMpIFJvb3RDQTEhMB8GCSqGSIb3DQEJARYS
+Y2FAZGlnc2lndHJ1c3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEA7xfsrynm2SsnwNt7JJ9m9ASjwq0KyrDNhCuqN/OAoWDvQo/lXXdfV0JU3Svb
+YbJxXpN7b1/rJCvnpPLr8XOzC431Wdcy36yQjk4xuiVNtgym8eWvDOHlb1IDFcHf
+vn5KpqYYRnA/76dNqNz1dNlhekA8oZQo6sKUiMs3FQUZPJViuhwt+yiM0ciekjxb
+EVQ7eNlHO5stSuY+e2vf9PYFzyj2upg2AJ48N4UKnN63pIXFY/23YhRtFx7MioCF
+QjIRsCHinXfJgBZBnuvlFIl/t8O8T8Gfh5uW7GP2+ZBWDpWjIwqMZNqbuxx3sExd
+5sjo9X15LVckP8zjPSyYzxKfFwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQC7OI4E
+IiZYDiFEVsy9WXwpaMtcD8iGVD+BeKetj8xG9xxUuHktW3IFaugh0OwdHf6kNFG+
+7u3OzJwWaOJddXMIQzGRahArEMJLafjJrZio/bjv9qvwXyHvy4VrCe0vSGa1YHLA
+6KDHmNsO9xtzjTQICnvFd2KqMCObsB6LgJhU3AWHs6liWfyLtxWarETszzUa9w8u
+XZJLAch77qA37eQdgg2ZQUMXrdTVyuP5fReiAdAwD0C53LkEgmmDtvkP+gaS96j0
+1hcc8F5/xCnI5uHi/zZoIVGu/6m6hJKtinsz2JDSwXltMzM5dKwbOHGfLAeQ6h3g
+04lfy+8UjSdUpb1G
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number: 419 (0x1a3)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, O=GTE Corporation, CN=GTE CyberTrust Root
+        Validity
+            Not Before: Feb 23 23:01:00 1996 GMT
+            Not After : Feb 23 23:59:00 2006 GMT
+        Subject: C=US, O=GTE Corporation, CN=GTE CyberTrust Root
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:b8:e6:4f:ba:db:98:7c:71:7c:af:44:b7:d3:0f:
+                    46:d9:64:e5:93:c1:42:8e:c7:ba:49:8d:35:2d:7a:
+                    e7:8b:bd:e5:05:31:59:c6:b1:2f:0a:0c:fb:9f:a7:
+                    3f:a2:09:66:84:56:1e:37:29:1b:87:e9:7e:0c:ca:
+                    9a:9f:a5:7f:f5:15:94:a3:d5:a2:46:82:d8:68:4c:
+                    d1:37:15:06:68:af:bd:f8:b0:b3:f0:29:f5:95:5a:
+                    09:16:61:77:0a:22:25:d4:4f:45:aa:c7:bd:e5:96:
+                    df:f9:d4:a8:8e:42:cc:24:c0:1e:91:27:4a:b5:6d:
+                    06:80:63:39:c4:a2:5e:38:03
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md5WithRSAEncryption
+        12:b3:75:c6:5f:1d:e1:61:55:80:00:d4:81:4b:7b:31:0f:23:
+        63:e7:3d:f3:03:f9:f4:36:a8:bb:d9:e3:a5:97:4d:ea:2b:29:
+        e0:d6:6a:73:81:e6:c0:89:a3:d3:f1:e0:a5:a5:22:37:9a:63:
+        c2:48:20:b4:db:72:e3:c8:f6:d9:7c:be:b1:af:53:da:14:b4:
+        21:b8:d6:d5:96:e3:fe:4e:0c:59:62:b6:9a:4a:f9:42:dd:8c:
+        6f:81:a9:71:ff:f4:0a:72:6d:6d:44:0e:9d:f3:74:74:a8:d5:
+        34:49:e9:5e:9e:e9:b4:7a:e1:e5:5a:1f:84:30:9c:d3:9f:a5:
+        25:d8
+SHA1 Fingerprint=90:DE:DE:9E:4C:4E:9F:6F:D8:86:17:57:9D:D3:91:BC:65:A6:89:64
+-----BEGIN CERTIFICATE-----
+MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
+VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
+b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
+cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
+RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
+ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
+1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
+dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
+IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
+bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 913232846 (0x366ed3ce)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=Digital Signature Trust Co., OU=DSTCA E2
+        Validity
+            Not Before: Dec  9 19:17:26 1998 GMT
+            Not After : Dec  9 19:47:26 2018 GMT
+        Subject: C=US, O=Digital Signature Trust Co., OU=DSTCA E2
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:bf:93:8f:17:92:ef:33:13:18:eb:10:7f:4e:16:
+                    bf:ff:06:8f:2a:85:bc:5e:f9:24:a6:24:88:b6:03:
+                    b7:c1:c3:5f:03:5b:d1:6f:ae:7e:42:ea:66:23:b8:
+                    63:83:56:fb:28:2d:e1:38:8b:b4:ee:a8:01:e1:ce:
+                    1c:b6:88:2a:22:46:85:fb:9f:a7:70:a9:47:14:3f:
+                    ce:de:65:f0:a8:71:f7:4f:26:6c:8c:bc:c6:b5:ef:
+                    de:49:27:ff:48:2a:7d:e8:4d:03:cc:c7:b2:52:c6:
+                    17:31:13:3b:b5:4d:db:c8:c4:f6:c3:0f:24:2a:da:
+                    0c:9d:e7:91:5b:80:cd:94:9d
+                Exponent: 3 (0x3)
+        X509v3 extensions:
+            Netscape Cert Type: 
+                SSL CA, S/MIME CA, Object Signing CA
+            X509v3 CRL Distribution Points: 
+                DirName:/C=US/O=Digital Signature Trust Co./OU=DSTCA E2/CN=CRL1
+
+            X509v3 Private Key Usage Period: 
+                Not Before: Dec  9 19:17:26 1998 GMT, Not After: Dec  9 19:17:26 2018 GMT
+            X509v3 Key Usage: 
+                Certificate Sign, CRL Sign
+            X509v3 Authority Key Identifier: 
+                keyid:1E:82:4D:28:65:80:3C:C9:41:6E:AC:35:2E:5A:CB:DE:EE:F8:39:5B
+
+            X509v3 Subject Key Identifier: 
+                1E:82:4D:28:65:80:3C:C9:41:6E:AC:35:2E:5A:CB:DE:EE:F8:39:5B
+            X509v3 Basic Constraints: 
+                CA:TRUE
+            1.2.840.113533.7.65.0: 
+                0
+..V4.0....
+    Signature Algorithm: sha1WithRSAEncryption
+        47:8d:83:ad:62:f2:db:b0:9e:45:22:05:b9:a2:d6:03:0e:38:
+        72:e7:9e:fc:7b:e6:93:b6:9a:a5:a2:94:c8:34:1d:91:d1:c5:
+        d7:f4:0a:25:0f:3d:78:81:9e:0f:b1:67:c4:90:4c:63:dd:5e:
+        a7:e2:ba:9f:f5:f7:4d:a5:31:7b:9c:29:2d:4c:fe:64:3e:ec:
+        b6:53:fe:ea:9b:ed:82:db:74:75:4b:07:79:6e:1e:d8:19:83:
+        73:de:f5:3e:d0:b5:de:e7:4b:68:7d:43:2e:2a:20:e1:7e:a0:
+        78:44:9e:08:f5:98:f9:c7:7f:1b:1b:d6:06:20:02:58:a1:c3:
+        a2:03
+SHA1 Fingerprint=AB:48:F3:33:DB:04:AB:B9:C0:72:DA:5B:0C:C1:D0:57:F0:36:9B:46
+-----BEGIN CERTIFICATE-----
+MIIDKTCCApKgAwIBAgIENm7TzjANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQGEwJV
+UzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREwDwYDVQQL
+EwhEU1RDQSBFMjAeFw05ODEyMDkxOTE3MjZaFw0xODEyMDkxOTQ3MjZaMEYxCzAJ
+BgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4x
+ETAPBgNVBAsTCERTVENBIEUyMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQC/
+k48Xku8zExjrEH9OFr//Bo8qhbxe+SSmJIi2A7fBw18DW9Fvrn5C6mYjuGODVvso
+LeE4i7TuqAHhzhy2iCoiRoX7n6dwqUcUP87eZfCocfdPJmyMvMa1795JJ/9IKn3o
+TQPMx7JSxhcxEzu1TdvIxPbDDyQq2gyd55FbgM2UnQIBA6OCASQwggEgMBEGCWCG
+SAGG+EIBAQQEAwIABzBoBgNVHR8EYTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMx
+JDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UECxMI
+RFNUQ0EgRTIxDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMDkxOTE3
+MjZagQ8yMDE4MTIwOTE5MTcyNlowCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFB6C
+TShlgDzJQW6sNS5ay97u+DlbMB0GA1UdDgQWBBQegk0oZYA8yUFurDUuWsve7vg5
+WzAMBgNVHRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqG
+SIb3DQEBBQUAA4GBAEeNg61i8tuwnkUiBbmi1gMOOHLnnvx75pO2mqWilMg0HZHR
+xdf0CiUPPXiBng+xZ8SQTGPdXqfiup/1902lMXucKS1M/mQ+7LZT/uqb7YLbdHVL
+B3luHtgZg3Pe9T7Qtd7nS2h9Qy4qIOF+oHhEngj1mPnHfxsb1gYgAlihw6ID
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            02:00:00:00:00:00:d6:78:b7:94:05
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
+        Validity
+            Not Before: Sep  1 12:00:00 1998 GMT
+            Not After : Jan 28 12:00:00 2014 GMT
+        Subject: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (2048 bit)
+                Modulus (2048 bit):
+                    00:da:0e:e6:99:8d:ce:a3:e3:4f:8a:7e:fb:f1:8b:
+                    83:25:6b:ea:48:1f:f1:2a:b0:b9:95:11:04:bd:f0:
+                    63:d1:e2:67:66:cf:1c:dd:cf:1b:48:2b:ee:8d:89:
+                    8e:9a:af:29:80:65:ab:e9:c7:2d:12:cb:ab:1c:4c:
+                    70:07:a1:3d:0a:30:cd:15:8d:4f:f8:dd:d4:8c:50:
+                    15:1c:ef:50:ee:c4:2e:f7:fc:e9:52:f2:91:7d:e0:
+                    6d:d5:35:30:8e:5e:43:73:f2:41:e9:d5:6a:e3:b2:
+                    89:3a:56:39:38:6f:06:3c:88:69:5b:2a:4d:c5:a7:
+                    54:b8:6c:89:cc:9b:f9:3c:ca:e5:fd:89:f5:12:3c:
+                    92:78:96:d6:dc:74:6e:93:44:61:d1:8d:c7:46:b2:
+                    75:0e:86:e8:19:8a:d5:6d:6c:d5:78:16:95:a2:e9:
+                    c8:0a:38:eb:f2:24:13:4f:73:54:93:13:85:3a:1b:
+                    bc:1e:34:b5:8b:05:8c:b9:77:8b:b1:db:1f:20:91:
+                    ab:09:53:6e:90:ce:7b:37:74:b9:70:47:91:22:51:
+                    63:16:79:ae:b1:ae:41:26:08:c8:19:2b:d1:46:aa:
+                    48:d6:64:2a:d7:83:34:ff:2c:2a:c1:6c:19:43:4a:
+                    07:85:e7:d3:7c:f6:21:68:ef:ea:f2:52:9f:7f:93:
+                    90:cf
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Key Usage: critical
+                Certificate Sign, CRL Sign
+            X509v3 Subject Key Identifier: 
+                60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+    Signature Algorithm: md5WithRSAEncryption
+        ae:aa:9f:fc:b7:d2:cb:1f:5f:39:29:28:18:9e:34:c9:6c:4f:
+        6f:1a:f0:64:a2:70:4a:4f:13:86:9b:60:28:9e:e8:81:49:98:
+        7d:0a:bb:e5:b0:9d:3d:36:db:8f:05:51:ff:09:31:2a:1f:dd:
+        89:77:9e:0f:2e:6c:95:04:ed:86:cb:b4:00:3f:84:02:4d:80:
+        6a:2a:2d:78:0b:ae:6f:2b:a2:83:44:83:1f:cd:50:82:4c:24:
+        af:bd:f7:a5:b4:c8:5a:0f:f4:e7:47:5e:49:8e:37:96:fe:9a:
+        88:05:3a:d9:c0:db:29:87:e6:19:96:47:a7:3a:a6:8c:8b:3c:
+        77:fe:46:63:a7:53:da:21:d1:ac:7e:49:a2:4b:e6:c3:67:59:
+        2f:b3:8a:0e:bb:2c:bd:a9:aa:42:7c:35:c1:d8:7f:d5:a7:31:
+        3a:4e:63:43:39:af:08:b0:61:34:8c:d3:98:a9:43:34:f6:0f:
+        87:29:3b:9d:c2:56:58:98:77:c3:f7:1b:ac:f6:9d:f8:3e:aa:
+        a7:54:45:f0:f5:f9:d5:31:65:fe:6b:58:9c:71:b3:1e:d7:52:
+        ea:32:17:fc:40:60:1d:c9:79:24:b2:f6:6c:fd:a8:66:0e:82:
+        dd:98:cb:da:c2:44:4f:2e:a0:7b:f2:f7:6b:2c:76:11:84:46:
+        8a:78:a3:e3
+SHA1 Fingerprint=2F:17:3F:7D:E9:96:67:AF:A5:7A:F8:0A:A2:D1:B1:2F:AC:83:03:38
+-----BEGIN CERTIFICATE-----
+MIIDdTCCAl2gAwIBAgILAgAAAAAA1ni3lAUwDQYJKoZIhvcNAQEEBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
+MDBaFw0xNDAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
+aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
+jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
+xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
+1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
+snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
+U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
+9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIABjAdBgNVHQ4EFgQU
+YHtmGkUNl8qJUC99BM00qP/8/UswDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B
+AQQFAAOCAQEArqqf/LfSyx9fOSkoGJ40yWxPbxrwZKJwSk8ThptgKJ7ogUmYfQq7
+5bCdPTbbjwVR/wkxKh/diXeeDy5slQTthsu0AD+EAk2AaioteAuubyuig0SDH81Q
+gkwkr733pbTIWg/050deSY43lv6aiAU62cDbKYfmGZZHpzqmjIs8d/5GY6dT2iHR
+rH5Jokvmw2dZL7OKDrssvamqQnw1wdh/1acxOk5jQzmvCLBhNIzTmKlDNPYPhyk7
+ncJWWJh3w/cbrPad+D6qp1RF8PX51TFl/mtYnHGzHtdS6jIX/EBgHcl5JLL2bP2o
+Zg6C3ZjL2sJETy6ge/L3ayx2EYRGinij4w==
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            2d:1b:fc:4a:17:8d:a3:91:eb:e7:ff:f5:8b:45:be:0b
+        Signature Algorithm: md2WithRSAEncryption
+        Issuer: C=US, O=VeriSign, Inc., OU=Class 2 Public Primary Certification Authority
+        Validity
+            Not Before: Jan 29 00:00:00 1996 GMT
+            Not After : Aug  1 23:59:59 2028 GMT
+        Subject: C=US, O=VeriSign, Inc., OU=Class 2 Public Primary Certification Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:b6:5a:8b:a3:0d:6a:23:83:80:6b:cf:39:87:f4:
+                    21:13:33:06:4c:25:a2:ed:55:12:97:c5:a7:80:b9:
+                    fa:83:c1:20:a0:fa:2f:15:0d:7c:a1:60:6b:7e:79:
+                    2c:fa:06:0f:3a:ae:f6:1b:6f:b1:d2:ff:2f:28:52:
+                    5f:83:7d:4b:c4:7a:b7:f8:66:1f:80:54:fc:b7:c2:
+                    8e:59:4a:14:57:46:d1:9a:93:be:41:91:03:bb:15:
+                    80:93:5c:eb:e7:cc:08:6c:3f:3e:b3:4a:fc:ff:4b:
+                    6c:23:d5:50:82:26:44:19:8e:23:c3:71:ea:19:24:
+                    47:04:9e:75:bf:c8:a6:00:1f
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md2WithRSAEncryption
+        8a:1b:2b:fa:39:c1:74:d7:5e:d8:19:64:a2:58:4a:2d:37:e0:
+        33:47:0f:ac:ed:f7:aa:db:1e:e4:8b:06:5c:60:27:ca:45:52:
+        ce:16:ef:3f:06:64:e7:94:68:7c:60:33:15:11:69:af:9d:62:
+        8d:a3:03:54:6b:a6:be:e5:ee:05:18:60:04:bf:42:80:fd:d0:
+        a8:a8:1e:01:3b:f7:a3:5c:af:a3:dc:e6:26:80:23:3c:b8:44:
+        74:f7:0a:ae:49:8b:61:78:cc:24:bf:88:8a:a7:0e:ea:73:19:
+        41:fd:4d:03:f0:88:d1:e5:78:8d:a5:2a:4f:f6:97:0d:17:77:
+        ca:d8
+SHA1 Fingerprint=67:82:AA:E0:ED:EE:E2:1A:58:39:D3:C0:CD:14:68:0A:4F:60:14:2A
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCEC0b/EoXjaOR6+f/9YtFvgswDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAyIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQC2WoujDWojg4BrzzmH9CETMwZMJaLtVRKXxaeAufqDwSCg+i8VDXyh
+YGt+eSz6Bg86rvYbb7HS/y8oUl+DfUvEerf4Zh+AVPy3wo5ZShRXRtGak75BkQO7
+FYCTXOvnzAhsPz6zSvz/S2wj1VCCJkQZjiPDceoZJEcEnnW/yKYAHwIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBAIobK/o5wXTXXtgZZKJYSi034DNHD6zt96rbHuSLBlxg
+J8pFUs4W7z8GZOeUaHxgMxURaa+dYo2jA1Rrpr7l7gUYYAS/QoD90KioHgE796Nc
+r6Pc5iaAIzy4RHT3Cq5Ji2F4zCS/iIqnDupzGUH9TQPwiNHleI2lKk/2lw0Xd8rY
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            4c:c7:ea:aa:98:3e:71:d3:93:10:f8:3d:3a:89:91:92
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=VeriSign, Inc., OU=Class 1 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
+        Validity
+            Not Before: May 18 00:00:00 1998 GMT
+            Not After : Aug  1 23:59:59 2028 GMT
+        Subject: C=US, O=VeriSign, Inc., OU=Class 1 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:aa:d0:ba:be:16:2d:b8:83:d4:ca:d2:0f:bc:76:
+                    31:ca:94:d8:1d:93:8c:56:02:bc:d9:6f:1a:6f:52:
+                    36:6e:75:56:0a:55:d3:df:43:87:21:11:65:8a:7e:
+                    8f:bd:21:de:6b:32:3f:1b:84:34:95:05:9d:41:35:
+                    eb:92:eb:96:dd:aa:59:3f:01:53:6d:99:4f:ed:e5:
+                    e2:2a:5a:90:c1:b9:c4:a6:15:cf:c8:45:eb:a6:5d:
+                    8e:9c:3e:f0:64:24:76:a5:cd:ab:1a:6f:b6:d8:7b:
+                    51:61:6e:a6:7f:87:c8:e2:b7:e5:34:dc:41:88:ea:
+                    09:40:be:73:92:3d:6b:e7:75
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: sha1WithRSAEncryption
+        a9:4f:c3:0d:c7:67:be:2c:cb:d9:a8:cd:2d:75:e7:7e:15:9e:
+        3b:72:eb:7e:eb:5c:2d:09:87:d6:6b:6d:60:7c:e5:ae:c5:90:
+        23:0c:5c:4a:d0:af:b1:5d:f3:c7:b6:0a:db:e0:15:93:0d:dd:
+        03:bc:c7:76:8a:b5:dd:4f:c3:9b:13:75:b8:01:c0:e6:c9:5b:
+        6b:a5:b8:89:dc:ac:a4:dd:72:ed:4e:a1:f7:4f:bc:06:d3:ea:
+        c8:64:74:7b:c2:95:41:9c:65:73:58:f1:90:9a:3c:6a:b1:98:
+        c9:c4:87:bc:cf:45:6d:45:e2:6e:22:3f:fe:bc:0f:31:5c:e8:
+        f2:d9
+SHA1 Fingerprint=27:3E:E1:24:57:FD:C4:F9:0C:55:E8:2B:56:16:7F:62:F5:32:E5:47
+-----BEGIN CERTIFICATE-----
+MIIDAjCCAmsCEEzH6qqYPnHTkxD4PTqJkZIwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
+c3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
+emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
+DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMSBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
+YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
+MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQCq0Lq+Fi24g9TK0g+8djHKlNgdk4xWArzZbxpvUjZudVYK
+VdPfQ4chEWWKfo+9Id5rMj8bhDSVBZ1BNeuS65bdqlk/AVNtmU/t5eIqWpDBucSm
+Fc/IReumXY6cPvBkJHalzasab7bYe1FhbqZ/h8jit+U03EGI6glAvnOSPWvndQID
+AQABMA0GCSqGSIb3DQEBBQUAA4GBAKlPww3HZ74sy9mozS11534Vnjty637rXC0J
+h9ZrbWB85a7FkCMMXErQr7Fd88e2CtvgFZMN3QO8x3aKtd1Pw5sTdbgBwObJW2ul
+uIncrKTdcu1OofdPvAbT6shkdHvClUGcZXNY8ZCaPGqxmMnEh7zPRW1F4m4iP/68
+DzFc6PLZ
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 913315222 (0x36701596)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=Digital Signature Trust Co., OU=DSTCA E1
+        Validity
+            Not Before: Dec 10 18:10:23 1998 GMT
+            Not After : Dec 10 18:40:23 2018 GMT
+        Subject: C=US, O=Digital Signature Trust Co., OU=DSTCA E1
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:a0:6c:81:a9:cf:34:1e:24:dd:fe:86:28:cc:de:
+                    83:2f:f9:5e:d4:42:d2:e8:74:60:66:13:98:06:1c:
+                    a9:51:12:69:6f:31:55:b9:49:72:00:08:7e:d3:a5:
+                    62:44:37:24:99:8f:d9:83:48:8f:99:6d:95:13:bb:
+                    43:3b:2e:49:4e:88:37:c1:bb:58:7f:fe:e1:bd:f8:
+                    bb:61:cd:f3:47:c0:99:a6:f1:f3:91:e8:78:7c:00:
+                    cb:61:c9:44:27:71:69:55:4a:7e:49:4d:ed:a2:a3:
+                    be:02:4c:00:ca:02:a8:ee:01:02:31:64:0f:52:2d:
+                    13:74:76:36:b5:7a:b4:2d:71
+                Exponent: 3 (0x3)
+        X509v3 extensions:
+            Netscape Cert Type: 
+                SSL CA, S/MIME CA, Object Signing CA
+            X509v3 CRL Distribution Points: 
+                DirName:/C=US/O=Digital Signature Trust Co./OU=DSTCA E1/CN=CRL1
+
+            X509v3 Private Key Usage Period: 
+                Not Before: Dec 10 18:10:23 1998 GMT, Not After: Dec 10 18:10:23 2018 GMT
+            X509v3 Key Usage: 
+                Certificate Sign, CRL Sign
+            X509v3 Authority Key Identifier: 
+                keyid:6A:79:7E:91:69:46:18:13:0A:02:77:A5:59:5B:60:98:25:0E:A2:F8
+
+            X509v3 Subject Key Identifier: 
+                6A:79:7E:91:69:46:18:13:0A:02:77:A5:59:5B:60:98:25:0E:A2:F8
+            X509v3 Basic Constraints: 
+                CA:TRUE
+            1.2.840.113533.7.65.0: 
+                0
+..V4.0....
+    Signature Algorithm: sha1WithRSAEncryption
+        22:12:d8:7a:1d:dc:81:06:b6:09:65:b2:87:c8:1f:5e:b4:2f:
+        e9:c4:1e:f2:3c:c1:bb:04:90:11:4a:83:4e:7e:93:b9:4d:42:
+        c7:92:26:a0:5c:34:9a:38:72:f8:fd:6b:16:3e:20:ee:82:8b:
+        31:2a:93:36:85:23:88:8a:3c:03:68:d3:c9:09:0f:4d:fc:6c:
+        a4:da:28:72:93:0e:89:80:b0:7d:fe:80:6f:65:6d:18:33:97:
+        8b:c2:6b:89:ee:60:3d:c8:9b:ef:7f:2b:32:62:73:93:cb:3c:
+        e3:7b:e2:76:78:45:bc:a1:93:04:bb:86:9f:3a:5b:43:7a:c3:
+        8a:65
+SHA1 Fingerprint=81:96:8B:3A:EF:1C:DC:70:F5:FA:32:69:C2:92:A3:63:5B:D1:23:D3
+-----BEGIN CERTIFICATE-----
+MIIDKTCCApKgAwIBAgIENnAVljANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQGEwJV
+UzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREwDwYDVQQL
+EwhEU1RDQSBFMTAeFw05ODEyMTAxODEwMjNaFw0xODEyMTAxODQwMjNaMEYxCzAJ
+BgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4x
+ETAPBgNVBAsTCERTVENBIEUxMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCg
+bIGpzzQeJN3+hijM3oMv+V7UQtLodGBmE5gGHKlREmlvMVW5SXIACH7TpWJENySZ
+j9mDSI+ZbZUTu0M7LklOiDfBu1h//uG9+LthzfNHwJmm8fOR6Hh8AMthyUQncWlV
+Sn5JTe2io74CTADKAqjuAQIxZA9SLRN0dja1erQtcQIBA6OCASQwggEgMBEGCWCG
+SAGG+EIBAQQEAwIABzBoBgNVHR8EYTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMx
+JDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UECxMI
+RFNUQ0EgRTExDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMTAxODEw
+MjNagQ8yMDE4MTIxMDE4MTAyM1owCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFGp5
+fpFpRhgTCgJ3pVlbYJglDqL4MB0GA1UdDgQWBBRqeX6RaUYYEwoCd6VZW2CYJQ6i
++DAMBgNVHRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqG
+SIb3DQEBBQUAA4GBACIS2Hod3IEGtgllsofIH160L+nEHvI8wbsEkBFKg05+k7lN
+QseSJqBcNJo4cvj9axY+IO6CizEqkzaFI4iKPANo08kJD038bKTaKHKTDomAsH3+
+gG9lbRgzl4vCa4nuYD3Im+9/KzJic5PLPON74nZ4RbyhkwS7hp86W0N6w4pl
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA/emailAddress=premium-server@thawte.com
+        Validity
+            Not Before: Aug  1 00:00:00 1996 GMT
+            Not After : Dec 31 23:59:59 2020 GMT
+        Subject: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA/emailAddress=premium-server@thawte.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:d2:36:36:6a:8b:d7:c2:5b:9e:da:81:41:62:8f:
+                    38:ee:49:04:55:d6:d0:ef:1c:1b:95:16:47:ef:18:
+                    48:35:3a:52:f4:2b:6a:06:8f:3b:2f:ea:56:e3:af:
+                    86:8d:9e:17:f7:9e:b4:65:75:02:4d:ef:cb:09:a2:
+                    21:51:d8:9b:d0:67:d0:ba:0d:92:06:14:73:d4:93:
+                    cb:97:2a:00:9c:5c:4e:0c:bc:fa:15:52:fc:f2:44:
+                    6e:da:11:4a:6e:08:9f:2f:2d:e3:f9:aa:3a:86:73:
+                    b6:46:53:58:c8:89:05:bd:83:11:b8:73:3f:aa:07:
+                    8d:f4:42:4d:e7:40:9d:1c:37
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+    Signature Algorithm: md5WithRSAEncryption
+        26:48:2c:16:c2:58:fa:e8:16:74:0c:aa:aa:5f:54:3f:f2:d7:
+        c9:78:60:5e:5e:6e:37:63:22:77:36:7e:b2:17:c4:34:b9:f5:
+        08:85:fc:c9:01:38:ff:4d:be:f2:16:42:43:e7:bb:5a:46:fb:
+        c1:c6:11:1f:f1:4a:b0:28:46:c9:c3:c4:42:7d:bc:fa:ab:59:
+        6e:d5:b7:51:88:11:e3:a4:85:19:6b:82:4c:a4:0c:12:ad:e9:
+        a4:ae:3f:f1:c3:49:65:9a:8c:c5:c8:3e:25:b7:94:99:bb:92:
+        32:71:07:f0:86:5e:ed:50:27:a6:0d:a6:23:f9:bb:cb:a6:07:
+        14:42
+SHA1 Fingerprint=62:7F:8D:78:27:65:63:99:D2:7D:7F:90:44:C9:FE:B3:F3:3E:FA:9A
+-----BEGIN CERTIFICATE-----
+MIIDJzCCApCgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBzjELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
+VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
+biBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFByZW1pdW0gU2Vy
+dmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNlcnZlckB0aGF3dGUuY29t
+MB4XDTk2MDgwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgc4xCzAJBgNVBAYTAlpB
+MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsG
+A1UEChMUVGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRp
+b24gU2VydmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNl
+cnZlciBDQTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNv
+bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0jY2aovXwlue2oFBYo847kkE
+VdbQ7xwblRZH7xhINTpS9CtqBo87L+pW46+GjZ4X9560ZXUCTe/LCaIhUdib0GfQ
+ug2SBhRz1JPLlyoAnFxODLz6FVL88kRu2hFKbgifLy3j+ao6hnO2RlNYyIkFvYMR
+uHM/qgeN9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
+9w0BAQQFAAOBgQAmSCwWwlj66BZ0DKqqX1Q/8tfJeGBeXm43YyJ3Nn6yF8Q0ufUI
+hfzJATj/Tb7yFkJD57taRvvBxhEf8UqwKEbJw8RCfbz6q1lu1bdRiBHjpIUZa4JM
+pAwSremkrj/xw0llmozFyD4lt5SZu5IycQfwhl7tUCemDaYj+bvLpgcUQg==
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 133 (0x85)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=American Express Company, Inc., OU=American Express Technologies, CN=American Express Global Certificate Authority
+        Validity
+            Not Before: Aug 14 19:06:00 1998 GMT
+            Not After : Aug 14 23:59:00 2013 GMT
+        Subject: C=US, O=American Express Company, Inc., OU=American Express Technologies, CN=American Express Global Certificate Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (2048 bit)
+                Modulus (2048 bit):
+                    00:f0:24:26:66:2e:fb:eb:4a:73:71:53:89:47:cb:
+                    26:3c:53:92:94:4c:ca:c2:85:b5:0d:f8:c3:57:bd:
+                    2f:2a:1f:6a:18:b7:57:af:0c:00:16:fa:a0:b6:90:
+                    a6:f7:1a:a1:2e:66:26:c7:68:a3:8a:93:69:66:b5:
+                    46:56:2d:1d:82:ea:90:0c:0a:22:c2:89:50:8d:05:
+                    f3:d4:ab:73:41:f0:cf:12:ac:28:b4:6f:14:94:96:
+                    59:4b:9e:90:75:86:df:e2:47:eb:e1:e9:4f:43:7e:
+                    87:ca:27:18:66:9e:b5:c1:40:65:7d:fc:61:6f:ad:
+                    9b:72:cf:a9:5e:d8:f3:f9:da:6e:91:10:fa:4c:b5:
+                    ea:7e:20:de:a9:39:2f:f5:88:e4:8a:6f:35:c6:20:
+                    9c:2b:86:46:33:0a:fc:31:55:a5:6b:ac:16:40:e9:
+                    cd:35:59:6f:32:04:c3:7b:b5:0f:7b:77:70:f3:48:
+                    bb:2a:52:82:ce:af:29:6d:f1:11:6f:6d:e6:07:00:
+                    01:ef:9a:f3:26:0d:a6:79:13:67:af:f8:ab:1c:75:
+                    ac:91:b5:6b:be:40:b0:de:9c:0c:b1:69:85:19:71:
+                    91:13:45:ca:df:d1:fd:e6:b2:ca:96:83:79:db:c5:
+                    b8:aa:5b:7a:90:0b:78:56:3e:c6:d7:9f:94:48:11:
+                    f5:ad
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:TRUE, pathlen:5
+            X509v3 Key Usage: critical
+                Certificate Sign, CRL Sign
+            X509v3 Certificate Policies: 
+                Policy: 1.2.840.113807.10.1.5.1
+
+            X509v3 Subject Key Identifier: 
+                57:47:35:7B:36:27:11:A8:08:FC:2F:46:25:EB:24:69
+    Signature Algorithm: sha1WithRSAEncryption
+        c7:61:45:a8:8a:71:b9:be:34:e9:21:7b:21:cd:56:13:98:d5:
+        30:63:e9:18:aa:4b:92:15:bf:0b:1d:bb:ec:92:69:c5:2e:c3:
+        61:8b:e8:30:45:cb:10:46:c1:73:38:5c:8b:19:d2:2b:f3:40:
+        eb:7c:72:b3:2e:1e:27:e3:75:95:8a:1c:9b:2e:c4:95:05:86:
+        72:d0:55:f4:a1:92:52:79:5c:db:f4:f8:dc:e5:d7:12:b1:40:
+        c7:3c:86:e4:31:65:4a:ca:37:c6:de:76:57:19:69:4c:46:69:
+        fc:2a:ad:16:37:7a:93:ac:f7:21:4b:2d:fb:eb:a9:50:cb:c1:
+        d1:40:08:da:03:69:87:a7:37:5e:55:c1:c5:ed:c4:e3:8e:0c:
+        26:97:9b:5c:57:4b:72:e3:f2:03:05:d0:02:3b:26:03:40:90:
+        9e:be:0b:5b:49:0c:78:f1:d5:4c:55:29:e0:f6:fd:4c:03:a9:
+        54:02:32:d1:57:5a:85:ac:43:ed:5b:3b:16:5f:a0:bf:35:db:
+        4b:9e:7b:e8:ff:e7:0d:3c:3b:a8:9b:49:41:46:f5:73:4e:ff:
+        92:65:21:83:13:55:71:eb:49:3c:7f:88:1a:c2:12:28:25:a1:
+        46:4b:41:37:97:7f:ec:8e:f1:d4:a1:96:c2:20:b6:5e:ad:a9:
+        1c:1e:11:a0
+SHA1 Fingerprint=05:15:83:35:7C:B7:B7:BE:E4:0E:BB:91:FF:6B:3B:BC:F1:54:DD:56
+-----BEGIN CERTIFICATE-----
+MIIEBDCCAuygAwIBAgICAIUwDQYJKoZIhvcNAQEFBQAwgZYxCzAJBgNVBAYTAlVT
+MScwJQYDVQQKEx5BbWVyaWNhbiBFeHByZXNzIENvbXBhbnksIEluYy4xJjAkBgNV
+BAsTHUFtZXJpY2FuIEV4cHJlc3MgVGVjaG5vbG9naWVzMTYwNAYDVQQDEy1BbWVy
+aWNhbiBFeHByZXNzIEdsb2JhbCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNOTgw
+ODE0MTkwNjAwWhcNMTMwODE0MjM1OTAwWjCBljELMAkGA1UEBhMCVVMxJzAlBgNV
+BAoTHkFtZXJpY2FuIEV4cHJlc3MgQ29tcGFueSwgSW5jLjEmMCQGA1UECxMdQW1l
+cmljYW4gRXhwcmVzcyBUZWNobm9sb2dpZXMxNjA0BgNVBAMTLUFtZXJpY2FuIEV4
+cHJlc3MgR2xvYmFsIENlcnRpZmljYXRlIEF1dGhvcml0eTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAPAkJmYu++tKc3FTiUfLJjxTkpRMysKFtQ34w1e9
+Lyofahi3V68MABb6oLaQpvcaoS5mJsdoo4qTaWa1RlYtHYLqkAwKIsKJUI0F89Sr
+c0HwzxKsKLRvFJSWWUuekHWG3+JH6+HpT0N+h8onGGaetcFAZX38YW+tm3LPqV7Y
+8/nabpEQ+ky16n4g3qk5L/WI5IpvNcYgnCuGRjMK/DFVpWusFkDpzTVZbzIEw3u1
+D3t3cPNIuypSgs6vKW3xEW9t5gcAAe+a8yYNpnkTZ6/4qxx1rJG1a75AsN6cDLFp
+hRlxkRNFyt/R/eayypaDedvFuKpbepALeFY+xteflEgR9a0CAwEAAaNaMFgwEgYD
+VR0TAQH/BAgwBgEB/wIBBTAOBgNVHQ8BAf8EBAMCAQYwFwYDVR0gBBAwDjAMBgoq
+hkiG+Q8KAQUBMBkGA1UdDgQSBBBXRzV7NicRqAj8L0Yl6yRpMA0GCSqGSIb3DQEB
+BQUAA4IBAQDHYUWoinG5vjTpIXshzVYTmNUwY+kYqkuSFb8LHbvskmnFLsNhi+gw
+RcsQRsFzOFyLGdIr80DrfHKzLh4n43WVihybLsSVBYZy0FX0oZJSeVzb9Pjc5dcS
+sUDHPIbkMWVKyjfG3nZXGWlMRmn8Kq0WN3qTrPchSy3766lQy8HRQAjaA2mHpzde
+VcHF7cTjjgwml5tcV0ty4/IDBdACOyYDQJCevgtbSQx48dVMVSng9v1MA6lUAjLR
+V1qFrEPtWzsWX6C/NdtLnnvo/+cNPDuom0lBRvVzTv+SZSGDE1Vx60k8f4gawhIo
+JaFGS0E3l3/sjvHUoZbCILZerakcHhGg
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA/emailAddress=server-certs@thawte.com
+        Validity
+            Not Before: Aug  1 00:00:00 1996 GMT
+            Not After : Dec 31 23:59:59 2020 GMT
+        Subject: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA/emailAddress=server-certs@thawte.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:d3:a4:50:6e:c8:ff:56:6b:e6:cf:5d:b6:ea:0c:
+                    68:75:47:a2:aa:c2:da:84:25:fc:a8:f4:47:51:da:
+                    85:b5:20:74:94:86:1e:0f:75:c9:e9:08:61:f5:06:
+                    6d:30:6e:15:19:02:e9:52:c0:62:db:4d:99:9e:e2:
+                    6a:0c:44:38:cd:fe:be:e3:64:09:70:c5:fe:b1:6b:
+                    29:b6:2f:49:c8:3b:d4:27:04:25:10:97:2f:e7:90:
+                    6d:c0:28:42:99:d7:4c:43:de:c3:f5:21:6d:54:9f:
+                    5d:c3:58:e1:c0:e4:d9:5b:b0:b8:dc:b4:7b:df:36:
+                    3a:c2:b5:66:22:12:d6:87:0d
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+    Signature Algorithm: md5WithRSAEncryption
+        07:fa:4c:69:5c:fb:95:cc:46:ee:85:83:4d:21:30:8e:ca:d9:
+        a8:6f:49:1a:e6:da:51:e3:60:70:6c:84:61:11:a1:1a:c8:48:
+        3e:59:43:7d:4f:95:3d:a1:8b:b7:0b:62:98:7a:75:8a:dd:88:
+        4e:4e:9e:40:db:a8:cc:32:74:b9:6f:0d:c6:e3:b3:44:0b:d9:
+        8a:6f:9a:29:9b:99:18:28:3b:d1:e3:40:28:9a:5a:3c:d5:b5:
+        e7:20:1b:8b:ca:a4:ab:8d:e9:51:d9:e2:4c:2c:59:a9:da:b9:
+        b2:75:1b:f6:42:f2:ef:c7:f2:18:f9:89:bc:a3:ff:8a:23:2e:
+        70:47
+SHA1 Fingerprint=23:E5:94:94:51:95:F2:41:48:03:B4:D5:64:D2:A3:A3:F5:D8:8B:8C
+-----BEGIN CERTIFICATE-----
+MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
+VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
+biBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEm
+MCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wHhcNOTYwODAx
+MDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkGA1UEBhMCWkExFTATBgNVBAgT
+DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3
+dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNl
+cyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3
+DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
+gY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl/Kj0R1HahbUgdJSGHg91
+yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg71CcEJRCX
+L+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGj
+EzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG
+7oWDTSEwjsrZqG9JGubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6e
+QNuozDJ0uW8NxuOzRAvZim+aKZuZGCg70eNAKJpaPNW15yAbi8qkq43pUdniTCxZ
+qdq5snUb9kLy78fyGPmJvKP/iiMucEc=
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            02:00:00:00:00:00:d6:78:b8:37:cf
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
+        Validity
+            Not Before: Sep 15 12:00:00 1998 GMT
+            Not After : Jan 28 12:00:00 2009 GMT
+        Subject: C=BE, O=GlobalSign nv-sa, OU=Primary Class 1 CA, CN=GlobalSign Primary Class 1 CA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (2048 bit)
+                Modulus (2048 bit):
+                    00:bd:20:35:47:d1:28:d6:08:a3:12:39:23:47:0d:
+                    bd:70:21:52:0e:57:31:95:a6:34:57:6b:ec:7e:43:
+                    79:c3:06:52:48:cd:bc:b5:a1:99:bd:d8:1f:32:bc:
+                    cf:d7:6e:72:6d:2e:77:22:90:82:4e:4b:8f:9a:0c:
+                    01:42:9a:d9:70:59:b6:9d:1f:e6:63:d1:0c:ad:1d:
+                    4e:f8:85:81:f9:ae:ef:9f:a6:52:61:44:79:1a:75:
+                    45:e0:61:56:45:6d:42:8c:3d:72:cb:a6:a4:12:b7:
+                    9a:f5:d6:60:d0:60:50:b3:8e:a6:a6:ec:b4:f4:12:
+                    cd:7f:a8:ce:ef:b3:e1:85:30:fe:72:c4:e6:e7:77:
+                    b3:9e:58:41:d6:51:83:88:07:c6:b6:69:4f:36:de:
+                    d1:0b:48:3f:bd:d6:9f:21:74:64:6f:27:06:3e:4b:
+                    fd:0e:a6:9b:bf:a4:48:57:8c:90:ee:89:18:0b:02:
+                    81:18:be:67:fe:53:60:88:27:ba:a3:73:34:4b:5a:
+                    56:b4:de:73:05:ed:98:96:5d:ec:4a:e7:40:fc:4b:
+                    09:62:eb:d0:e3:31:4f:85:d1:7a:ab:59:67:2b:fb:
+                    88:0f:eb:aa:83:bd:35:fd:61:27:ec:66:0e:42:57:
+                    f7:69:c2:0c:ef:fc:6a:c2:6e:49:da:8f:41:38:ae:
+                    48:a9
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Key Usage: critical
+                Certificate Sign, CRL Sign
+            X509v3 Subject Key Identifier: 
+                FC:E0:66:F6:5A:35:99:EB:40:1E:D2:B8:1E:43:BC:98:8E:1F:8A:C3
+            X509v3 Authority Key Identifier: 
+                keyid:60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B
+
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+    Signature Algorithm: md5WithRSAEncryption
+        9b:a3:08:44:ce:f2:90:9d:71:f3:32:b3:05:6a:b5:ea:cf:29:
+        98:de:55:3e:a0:16:7d:06:7a:44:d6:af:d2:fa:13:58:8c:f8:
+        1c:c7:ab:1d:b4:1b:ef:69:68:98:5c:08:39:8f:e0:f7:fb:48:
+        cc:21:e7:b8:33:db:05:aa:34:24:6c:4a:e5:e9:7b:60:de:83:
+        b3:1f:0a:be:41:75:fc:cc:30:48:b7:c1:26:1d:04:33:aa:b6:
+        78:ed:2a:cb:ba:56:97:32:6e:f7:31:95:2e:46:f2:14:ee:27:
+        c7:f7:62:89:b9:5c:5a:d3:38:8a:64:f5:37:b4:f1:b3:34:72:
+        d5:d5:21:3d:4b:d7:78:93:d7:31:66:35:1e:a3:d8:47:49:6f:
+        1c:ad:e1:80:7f:f8:98:24:6c:73:ac:0e:c2:1a:77:02:a3:26:
+        07:b7:c7:6b:5d:bc:82:d5:2a:48:1d:63:cf:50:32:a6:fb:1c:
+        18:47:15:0a:5b:0c:5c:38:24:9a:04:98:a8:08:48:5f:7c:34:
+        87:63:ab:2d:8d:4c:00:77:94:1b:76:ba:f5:16:18:a3:15:af:
+        2f:94:f6:29:00:76:c1:15:17:d3:e9:37:4d:76:d4:cb:4b:29:
+        59:24:ac:da:4a:a0:ea:63:de:5f:54:b1:fa:f3:d1:45:cb:c5:
+        64:b4:73:21
+SHA1 Fingerprint=EB:31:54:CD:21:96:F3:55:12:2B:89:67:B7:73:02:42:ED:D1:DE:4B
+-----BEGIN CERTIFICATE-----
+MIIDrDCCApSgAwIBAgILAgAAAAAA1ni4N88wDQYJKoZIhvcNAQEEBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MTUxMjAw
+MDBaFw0wOTAxMjgxMjAwMDBaMG0xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRswGQYDVQQLExJQcmltYXJ5IENsYXNzIDEgQ0ExJjAkBgNV
+BAMTHUdsb2JhbFNpZ24gUHJpbWFyeSBDbGFzcyAxIENBMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAvSA1R9Eo1gijEjkjRw29cCFSDlcxlaY0V2vsfkN5
+wwZSSM28taGZvdgfMrzP125ybS53IpCCTkuPmgwBQprZcFm2nR/mY9EMrR1O+IWB
++a7vn6ZSYUR5GnVF4GFWRW1CjD1yy6akErea9dZg0GBQs46mpuy09BLNf6jO77Ph
+hTD+csTm53eznlhB1lGDiAfGtmlPNt7RC0g/vdafIXRkbycGPkv9Dqabv6RIV4yQ
+7okYCwKBGL5n/lNgiCe6o3M0S1pWtN5zBe2Yll3sSudA/EsJYuvQ4zFPhdF6q1ln
+K/uID+uqg701/WEn7GYOQlf3acIM7/xqwm5J2o9BOK5IqQIDAQABo2MwYTAOBgNV
+HQ8BAf8EBAMCAAYwHQYDVR0OBBYEFPzgZvZaNZnrQB7SuB5DvJiOH4rDMB8GA1Ud
+IwQYMBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMA8GA1UdEwEB/wQFMAMBAf8wDQYJ
+KoZIhvcNAQEEBQADggEBAJujCETO8pCdcfMyswVqterPKZjeVT6gFn0GekTWr9L6
+E1iM+BzHqx20G+9paJhcCDmP4Pf7SMwh57gz2wWqNCRsSuXpe2Deg7MfCr5BdfzM
+MEi3wSYdBDOqtnjtKsu6VpcybvcxlS5G8hTuJ8f3Yom5XFrTOIpk9Te08bM0ctXV
+IT1L13iT1zFmNR6j2EdJbxyt4YB/+JgkbHOsDsIadwKjJge3x2tdvILVKkgdY89Q
+Mqb7HBhHFQpbDFw4JJoEmKgISF98NIdjqy2NTAB3lBt2uvUWGKMVry+U9ikAdsEV
+F9PpN0121MtLKVkkrNpKoOpj3l9Usfrz0UXLxWS0cyE=
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org
+        Validity
+            Not Before: Oct 14 07:36:55 2005 GMT
+            Not After : Mar 28 07:36:55 2033 GMT
+        Subject: O=CAcert Inc., OU=http://www.CAcert.org, CN=CAcert Class 3 Root
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (4096 bit)
+                Modulus (4096 bit):
+                    00:ab:49:35:11:48:7c:d2:26:7e:53:94:cf:43:a9:
+                    dd:28:d7:42:2a:8b:f3:87:78:19:58:7c:0f:9e:da:
+                    89:7d:e1:fb:eb:72:90:0d:74:a1:96:64:ab:9f:a0:
+                    24:99:73:da:e2:55:76:c7:17:7b:f5:04:ac:46:b8:
+                    c3:be:7f:64:8d:10:6c:24:f3:61:9c:c0:f2:90:fa:
+                    51:e6:f5:69:01:63:c3:0f:56:e2:4a:42:cf:e2:44:
+                    8c:25:28:a8:c5:79:09:7d:46:b9:8a:f3:e9:f3:34:
+                    29:08:45:e4:1c:9f:cb:94:04:1c:81:a8:14:b3:98:
+                    65:c4:43:ec:4e:82:8d:09:d1:bd:aa:5b:8d:92:d0:
+                    ec:de:90:c5:7f:0a:c2:e3:eb:e6:31:5a:5e:74:3e:
+                    97:33:59:e8:c3:03:3d:60:33:bf:f7:d1:6f:47:c4:
+                    cd:ee:62:83:52:6e:2e:08:9a:a4:d9:15:18:91:a6:
+                    85:92:47:b0:ae:48:eb:6d:b7:21:ec:85:1a:68:72:
+                    35:ab:ff:f0:10:5d:c0:f4:94:a7:6a:d5:3b:92:7e:
+                    4c:90:05:7e:93:c1:2c:8b:a4:8e:62:74:15:71:6e:
+                    0b:71:03:ea:af:15:38:9a:d4:d2:05:72:6f:8c:f9:
+                    2b:eb:5a:72:25:f9:39:46:e3:72:1b:3e:04:c3:64:
+                    27:22:10:2a:8a:4f:58:a7:03:ad:be:b4:2e:13:ed:
+                    5d:aa:48:d7:d5:7d:d4:2a:7b:5c:fa:46:04:50:e4:
+                    cc:0e:42:5b:8c:ed:db:f2:cf:fc:96:93:e0:db:11:
+                    36:54:62:34:38:8f:0c:60:9b:3b:97:56:38:ad:f3:
+                    d2:5b:8b:a0:5b:ea:4e:96:b8:7c:d7:d5:a0:86:70:
+                    40:d3:91:29:b7:a2:3c:ad:f5:8c:bb:cf:1a:92:8a:
+                    e4:34:7b:c0:d8:6c:5f:e9:0a:c2:c3:a7:20:9a:5a:
+                    df:2c:5d:52:5c:ba:47:d5:9b:ef:24:28:70:38:20:
+                    2f:d5:7f:29:c0:b2:41:03:68:92:cc:e0:9c:cc:97:
+                    4b:45:ef:3a:10:0a:ab:70:3a:98:95:70:ad:35:b1:
+                    ea:85:2b:a4:1c:80:21:31:a9:ae:60:7a:80:26:48:
+                    00:b8:01:c0:93:63:55:22:91:3c:56:e7:af:db:3a:
+                    25:f3:8f:31:54:ea:26:8b:81:59:f9:a1:d1:53:11:
+                    c5:7b:9d:03:f6:74:11:e0:6d:b1:2c:3f:2c:86:91:
+                    99:71:9a:a6:77:8b:34:60:d1:14:b4:2c:ac:9d:af:
+                    8c:10:d3:9f:c4:6a:f8:6f:13:fc:73:59:f7:66:42:
+                    74:1e:8a:e3:f8:dc:d2:6f:98:9c:cb:47:98:95:40:
+                    05:fb:e9
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            Authority Information Access: 
+                OCSP - URI:http://ocsp.CAcert.org/
+                CA Issuers - URI:http://www.CAcert.org/ca.crt
+
+            X509v3 Certificate Policies: 
+                Policy: 1.3.6.1.4.1.18506
+                  CPS: http://www.CAcert.org/index.php?id=10
+
+    Signature Algorithm: md5WithRSAEncryption
+        7f:08:88:a1:da:1a:50:49:da:89:fb:a1:08:72:f3:8a:f7:1e:
+        c4:3a:b4:79:5b:20:30:b1:45:de:c2:5d:d3:65:69:f1:c2:5d:
+        54:54:3c:85:5f:b9:7b:42:91:c2:99:fd:1b:51:9b:ab:46:a5:
+        a1:10:53:9e:6d:88:ac:73:6e:2c:33:a6:f0:f4:9e:e0:75:c1:
+        3e:88:45:a9:e1:66:43:fe:56:5a:d1:7a:41:78:f7:40:da:4a:
+        3a:f1:0b:5b:a5:bb:16:06:e6:c2:e7:93:b9:85:4d:97:4f:b1:
+        1e:38:43:80:ef:9b:0d:8c:ef:b8:a7:60:00:87:57:7d:1e:44:
+        1c:cb:23:ef:9b:3c:99:9d:af:b5:29:1c:45:79:16:96:4d:27:
+        6d:f1:1c:6c:c3:c2:55:64:b3:bc:14:e2:f3:a4:1f:1e:32:fc:
+        27:15:05:cf:dd:2e:ae:3e:82:61:7b:f0:21:10:18:f6:44:ea:
+        53:39:f9:dc:d0:9a:20:e0:c6:bb:e0:bb:5a:4f:c4:99:c8:07:
+        bd:b5:bd:a2:db:2e:62:0d:42:34:41:bc:ff:8b:8a:f5:51:22:
+        aa:88:30:00:e2:b0:d4:bc:be:65:ba:d5:03:57:79:9b:e8:dc:
+        c8:4d:f8:50:ed:91:a5:52:28:a2:ac:fb:36:58:3e:e9:94:2b:
+        91:50:87:1b:d6:5e:d6:8c:cc:f7:0f:10:0c:52:4e:d0:16:61:
+        e5:e5:0a:6c:bf:17:c7:72:46:57:9c:98:f5:6c:60:63:7a:6f:
+        5e:b9:4e:2f:c8:b9:b9:bb:6a:85:bc:98:0d:ed:f9:3e:97:84:
+        34:94:ae:00:af:a1:e5:e7:92:6e:4e:bd:f3:e2:d9:14:8b:5c:
+        d2:eb:01:6c:a0:17:a5:2d:10:eb:9c:7a:4a:bd:bd:ee:ce:fd:
+        ed:22:40:ab:70:38:88:f5:0a:87:6a:c2:ab:05:60:c9:48:05:
+        da:53:c1:de:44:77:6a:b3:f3:3c:3c:ed:80:bc:a6:38:4a:29:
+        24:5f:fe:59:3b:9b:25:7a:56:63:00:64:b9:5d:a4:62:7d:57:
+        36:4f:ad:83:ef:1f:92:53:a0:8e:77:57:dd:e5:61:11:3d:23:
+        00:90:4c:3c:fa:a3:60:93:04:a3:af:35:f6:0e:6a:8f:4f:4a:
+        60:a7:85:05:6c:46:a1:8f:f4:c7:76:e3:a1:59:57:f7:71:b2:
+        c4:6e:14:5c:6d:6d:41:66:df:1b:93:b1:d4:00:c3:ee:cb:cf:
+        3c:3d:21:80:a9:5f:63:65:fc:dd:e0:5f:a4:f4:2b:f0:85:71:
+        41:d4:67:25:fb:1a:b1:97:ae:d6:99:82:13:41:d2:6e:a5:1b:
+        99:27:80:e7:0b:a9:a8:00
+SHA1 Fingerprint=DB:4C:42:69:07:3F:E9:C2:A3:7D:89:0A:5C:1B:18:C4:18:4E:2A:2D
+-----BEGIN CERTIFICATE-----
+MIIGCDCCA/CgAwIBAgIBATANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290
+IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB
+IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA
+Y2FjZXJ0Lm9yZzAeFw0wNTEwMTQwNzM2NTVaFw0zMzAzMjgwNzM2NTVaMFQxFDAS
+BgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5v
+cmcxHDAaBgNVBAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCrSTURSHzSJn5TlM9Dqd0o10Iqi/OHeBlYfA+e2ol9
+4fvrcpANdKGWZKufoCSZc9riVXbHF3v1BKxGuMO+f2SNEGwk82GcwPKQ+lHm9WkB
+Y8MPVuJKQs/iRIwlKKjFeQl9RrmK8+nzNCkIReQcn8uUBByBqBSzmGXEQ+xOgo0J
+0b2qW42S0OzekMV/CsLj6+YxWl50PpczWejDAz1gM7/30W9HxM3uYoNSbi4ImqTZ
+FRiRpoWSR7CuSOtttyHshRpocjWr//AQXcD0lKdq1TuSfkyQBX6TwSyLpI5idBVx
+bgtxA+qvFTia1NIFcm+M+SvrWnIl+TlG43IbPgTDZCciECqKT1inA62+tC4T7V2q
+SNfVfdQqe1z6RgRQ5MwOQluM7dvyz/yWk+DbETZUYjQ4jwxgmzuXVjit89Jbi6Bb
+6k6WuHzX1aCGcEDTkSm3ojyt9Yy7zxqSiuQ0e8DYbF/pCsLDpyCaWt8sXVJcukfV
+m+8kKHA4IC/VfynAskEDaJLM4JzMl0tF7zoQCqtwOpiVcK01seqFK6QcgCExqa5g
+eoAmSAC4AcCTY1UikTxW56/bOiXzjzFU6iaLgVn5odFTEcV7nQP2dBHgbbEsPyyG
+kZlxmqZ3izRg0RS0LKydr4wQ05/EavhvE/xzWfdmQnQeiuP43NJvmJzLR5iVQAX7
+6QIDAQABo4G/MIG8MA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEEUTBPMCMG
+CCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEFBQcwAoYc
+aHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBBMD8GCCsGAQQB
+gZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5w
+aHA/aWQ9MTAwDQYJKoZIhvcNAQEEBQADggIBAH8IiKHaGlBJ2on7oQhy84r3HsQ6
+tHlbIDCxRd7CXdNlafHCXVRUPIVfuXtCkcKZ/RtRm6tGpaEQU55tiKxzbiwzpvD0
+nuB1wT6IRanhZkP+VlrRekF490DaSjrxC1uluxYG5sLnk7mFTZdPsR44Q4Dvmw2M
+77inYACHV30eRBzLI++bPJmdr7UpHEV5FpZNJ23xHGzDwlVks7wU4vOkHx4y/CcV
+Bc/dLq4+gmF78CEQGPZE6lM5+dzQmiDgxrvgu1pPxJnIB721vaLbLmINQjRBvP+L
+ivVRIqqIMADisNS8vmW61QNXeZvo3MhN+FDtkaVSKKKs+zZYPumUK5FQhxvWXtaM
+zPcPEAxSTtAWYeXlCmy/F8dyRlecmPVsYGN6b165Ti/Iubm7aoW8mA3t+T6XhDSU
+rgCvoeXnkm5OvfPi2RSLXNLrAWygF6UtEOucekq9ve7O/e0iQKtwOIj1CodqwqsF
+YMlIBdpTwd5Ed2qz8zw87YC8pjhKKSRf/lk7myV6VmMAZLldpGJ9VzZPrYPvH5JT
+oI53V93lYRE9IwCQTDz6o2CTBKOvNfYOao9PSmCnhQVsRqGP9Md246FZV/dxssRu
+FFxtbUFm3xuTsdQAw+7Lzzw9IYCpX2Nl/N3gX6T0K/CFcUHUZyX7GrGXrtaZghNB
+0m6lG5kngOcLqagA
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            32:88:8e:9a:d2:f5:eb:13:47:f8:7f:c4:20:37:25:f8
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=VeriSign, Inc., OU=Class 4 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
+        Validity
+            Not Before: May 18 00:00:00 1998 GMT
+            Not After : Aug  1 23:59:59 2028 GMT
+        Subject: C=US, O=VeriSign, Inc., OU=Class 4 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:ba:f0:e4:cf:f9:c4:ae:85:54:b9:07:57:f9:8f:
+                    c5:7f:68:11:f8:c4:17:b0:44:dc:e3:30:73:d5:2a:
+                    62:2a:b8:d0:cc:1c:ed:28:5b:7e:bd:6a:dc:b3:91:
+                    24:ca:41:62:3c:fc:02:01:bf:1c:16:31:94:05:97:
+                    76:6e:a2:ad:bd:61:17:6c:4e:30:86:f0:51:37:2a:
+                    50:c7:a8:62:81:dc:5b:4a:aa:c1:a0:b4:6e:eb:2f:
+                    e5:57:c5:b1:2b:40:70:db:5a:4d:a1:8e:1f:bd:03:
+                    1f:d8:03:d4:8f:4c:99:71:bc:e2:82:cc:58:e8:98:
+                    3a:86:d3:86:38:f3:00:29:1f
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: sha1WithRSAEncryption
+        85:8c:12:c1:a7:b9:50:15:7a:cb:3e:ac:b8:43:8a:dc:aa:dd:
+        14:ba:89:81:7e:01:3c:23:71:21:88:2f:82:dc:63:fa:02:45:
+        ac:45:59:d7:2a:58:44:5b:b7:9f:81:3b:92:68:3d:e2:37:24:
+        f5:7b:6c:8f:76:35:96:09:a8:59:9d:b9:ce:23:ab:74:d6:83:
+        fd:32:73:27:d8:69:3e:43:74:f6:ae:c5:89:9a:e7:53:7c:e9:
+        7b:f6:4b:f3:c1:65:83:de:8d:8a:9c:3c:88:8d:39:59:fc:aa:
+        3f:22:8d:a1:c1:66:50:81:72:4c:ed:22:64:4f:4f:ca:80:91:
+        b6:29
+SHA1 Fingerprint=0B:77:BE:BB:CB:7A:A2:47:05:DE:CC:0F:BD:6A:02:FC:7A:BD:9B:52
+-----BEGIN CERTIFICATE-----
+MIIDAjCCAmsCEDKIjprS9esTR/h/xCA3JfgwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
+c3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
+emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
+DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgNCBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
+YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
+MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQC68OTP+cSuhVS5B1f5j8V/aBH4xBewRNzjMHPVKmIquNDM
+HO0oW369atyzkSTKQWI8/AIBvxwWMZQFl3Zuoq29YRdsTjCG8FE3KlDHqGKB3FtK
+qsGgtG7rL+VXxbErQHDbWk2hjh+9Ax/YA9SPTJlxvOKCzFjomDqG04Y48wApHwID
+AQABMA0GCSqGSIb3DQEBBQUAA4GBAIWMEsGnuVAVess+rLhDityq3RS6iYF+ATwj
+cSGIL4LcY/oCRaxFWdcqWERbt5+BO5JoPeI3JPV7bI92NZYJqFmduc4jq3TWg/0y
+cyfYaT5DdPauxYma51N86Xv2S/PBZYPejYqcPIiNOVn8qj8ijaHBZlCBckztImRP
+T8qAkbYp
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            b9:2f:60:cc:88:9f:a1:7a:46:09:b8:5b:70:6c:8a:af
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=VeriSign, Inc., OU=Class 2 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
+        Validity
+            Not Before: May 18 00:00:00 1998 GMT
+            Not After : Aug  1 23:59:59 2028 GMT
+        Subject: C=US, O=VeriSign, Inc., OU=Class 2 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:a7:88:01:21:74:2c:e7:1a:03:f0:98:e1:97:3c:
+                    0f:21:08:f1:9c:db:97:e9:9a:fc:c2:04:06:13:be:
+                    5f:52:c8:cc:1e:2c:12:56:2c:b8:01:69:2c:cc:99:
+                    1f:ad:b0:96:ae:79:04:f2:13:39:c1:7b:98:ba:08:
+                    2c:e8:c2:84:13:2c:aa:69:e9:09:f4:c7:a9:02:a4:
+                    42:c2:23:4f:4a:d8:f0:0e:a2:fb:31:6c:c9:e6:6f:
+                    99:27:07:f5:e6:f4:4c:78:9e:6d:eb:46:86:fa:b9:
+                    86:c9:54:f2:b2:c4:af:d4:46:1c:5a:c9:15:30:ff:
+                    0d:6c:f5:2d:0e:6d:ce:7f:77
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: sha1WithRSAEncryption
+        72:2e:f9:7f:d1:f1:71:fb:c4:9e:f6:c5:5e:51:8a:40:98:b8:
+        68:f8:9b:1c:83:d8:e2:9d:bd:ff:ed:a1:e6:66:ea:2f:09:f4:
+        ca:d7:ea:a5:2b:95:f6:24:60:86:4d:44:2e:83:a5:c4:2d:a0:
+        d3:ae:78:69:6f:72:da:6c:ae:08:f0:63:92:37:e6:bb:c4:30:
+        17:ad:77:cc:49:35:aa:cf:d8:8f:d1:be:b7:18:96:47:73:6a:
+        54:22:34:64:2d:b6:16:9b:59:5b:b4:51:59:3a:b3:0b:14:f4:
+        12:df:67:a0:f4:ad:32:64:5e:b1:46:72:27:8c:12:7b:c5:44:
+        b4:ae
+SHA1 Fingerprint=B3:EA:C4:47:76:C9:C8:1C:EA:F2:9D:95:B6:CC:A0:08:1B:67:EC:9D
+-----BEGIN CERTIFICATE-----
+MIIDAzCCAmwCEQC5L2DMiJ+hekYJuFtwbIqvMA0GCSqGSIb3DQEBBQUAMIHBMQsw
+CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0Ns
+YXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH
+MjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9y
+aXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazAe
+Fw05ODA1MTgwMDAwMDBaFw0yODA4MDEyMzU5NTlaMIHBMQswCQYDVQQGEwJVUzEX
+MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGlj
+IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMx
+KGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
+eTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAp4gBIXQs5xoD8JjhlzwPIQjxnNuX6Zr8wgQGE75fUsjM
+HiwSViy4AWkszJkfrbCWrnkE8hM5wXuYuggs6MKEEyyqaekJ9MepAqRCwiNPStjw
+DqL7MWzJ5m+ZJwf15vRMeJ5t60aG+rmGyVTyssSv1EYcWskVMP8NbPUtDm3Of3cC
+AwEAATANBgkqhkiG9w0BAQUFAAOBgQByLvl/0fFx+8Se9sVeUYpAmLho+Jscg9ji
+nb3/7aHmZuovCfTK1+qlK5X2JGCGTUQug6XELaDTrnhpb3LabK4I8GOSN+a7xDAX
+rXfMSTWqz9iP0b63GJZHc2pUIjRkLbYWm1lbtFFZOrMLFPQS32eg9K0yZF6xRnIn
+jBJ7xUS0rg==
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number: 407 (0x197)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 3
+        Validity
+            Not Before: Aug 10 19:59:08 1998 GMT
+            Not After : Aug 10 19:36:39 2008 GMT
+        Subject: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Root 3
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:e1:f3:b1:2b:0b:ce:dc:14:d9:34:97:62:50:12:
+                    56:63:84:4c:53:fa:c0:85:cf:fa:c1:dd:0f:de:79:
+                    13:7f:53:fb:aa:0e:60:dd:e2:62:bf:c6:ee:4e:99:
+                    34:aa:68:43:35:99:f8:a3:fd:f3:63:bd:01:54:6a:
+                    9e:b2:3a:96:2c:7b:78:28:c6:5a:b5:8d:1a:15:18:
+                    fd:e3:8c:2e:a2:50:09:5b:71:d6:0d:b5:18:1f:19:
+                    8e:04:29:93:93:78:ab:5f:14:e7:73:42:f2:03:0c:
+                    57:a2:1b:50:3b:0b:bb:59:e0:a0:3a:03:ee:27:1b:
+                    5a:4c:b9:b0:08:ca:b9:1a:89
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: sha1WithRSAEncryption
+        85:eb:ad:94:20:06:e9:b2:a2:6b:3b:f2:66:eb:e3:4b:b8:12:
+        26:05:e5:f4:91:a8:dc:87:dc:98:f4:94:c1:f4:61:bd:d5:9c:
+        6c:51:73:95:5e:d0:bd:d7:e6:45:dc:3c:cf:46:84:d5:e7:b9:
+        ec:e4:67:63:6e:00:28:77:71:5d:4a:05:e9:b9:7c:86:cc:c2:
+        44:bb:de:29:48:da:ea:dd:bd:17:9f:1d:51:01:a8:e8:14:5e:
+        b1:57:f7:ff:da:8f:ce:95:fe:2d:ed:32:12:77:ff:7c:6a:61:
+        95:ae:31:72:06:08:f0:f9:f3:0d:8e:e2:ef:a8:53:5d:91:03:
+        83:de
+SHA1 Fingerprint=B3:4E:6F:61:FE:70:6B:BE:4C:0A:29:C7:B3:EB:97:A9:9F:AB:2F:86
+-----BEGIN CERTIFICATE-----
+MIICUDCCAbkCAgGXMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNVBAYTAlVTMRgwFgYD
+VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
+bHV0aW9ucywgSW5jLjEeMBwGA1UEAxMVR1RFIEN5YmVyVHJ1c3QgUm9vdCAzMB4X
+DTk4MDgxMDE5NTkwOFoXDTA4MDgxMDE5MzYzOVowcDELMAkGA1UEBhMCVVMxGDAW
+BgNVBAoTD0dURSBDb3Jwb3JhdGlvbjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3Qg
+U29sdXRpb25zLCBJbmMuMR4wHAYDVQQDExVHVEUgQ3liZXJUcnVzdCBSb290IDMw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOHzsSsLztwU2TSXYlASVmOETFP6
+wIXP+sHdD955E39T+6oOYN3iYr/G7k6ZNKpoQzWZ+KP982O9AVRqnrI6lix7eCjG
+WrWNGhUY/eOMLqJQCVtx1g21GB8ZjgQpk5N4q18U53NC8gMMV6IbUDsLu1ngoDoD
+7icbWky5sAjKuRqJAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAheutlCAG6bKiazvy
+ZuvjS7gSJgXl9JGo3IfcmPSUwfRhvdWcbFFzlV7QvdfmRdw8z0aE1ee57ORnY24A
+KHdxXUoF6bl8hszCRLveKUja6t29F58dUQGo6BResVf3/9qPzpX+Le0yEnf/fGph
+la4xcgYI8PnzDY7i76hTXZEDg94=
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
+        Signature Algorithm: md2WithRSAEncryption
+        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+        Validity
+            Not Before: Nov  9 00:00:00 1994 GMT
+            Not After : Jan  7 23:59:59 2010 GMT
+        Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1000 bit)
+                Modulus (1000 bit):
+                    00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
+                    01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
+                    e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
+                    37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
+                    4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
+                    65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
+                    b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
+                    54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
+                    dd:2d:d6:c8:1e:7b
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md2WithRSAEncryption
+        65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
+        c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
+        b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
+        c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
+        4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
+        16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
+        f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
+SHA1 Fingerprint=44:63:C5:31:D7:CC:C1:00:67:94:61:2B:B6:56:D3:BF:82:57:84:6F
+-----BEGIN CERTIFICATE-----
+MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
+MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
+BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
+dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
+ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
+0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
+uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
+hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
+YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
+1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/crypto/Makefile b/src/lib/libssl/crypto/Makefile
new file mode 100644
index 0000000000..66cc55c93b
--- /dev/null
+++ b/src/lib/libssl/crypto/Makefile
@@ -0,0 +1,327 @@
+# $OpenBSD: Makefile,v 1.44 2005/11/24 20:49:21 deraadt Exp $
+
+LIB=    crypto
+WANTLINT=
+
+SSLEAYDIST=     src
+SSL_SRC=        ${.CURDIR}/../${SSLEAYDIST}
+LCRYPTO_SRC=    ${SSL_SRC}/crypto
+FIPS_SRC=       ${SSL_SRC}/fips
+
+.if ${MACHINE_ARCH} == "i386" || ${MACHINE_ARCH} == "arm" || \
+    ${MACHINE_ARCH} == "vax" || ${MACHINE_ARCH} == "amd64" || \
+    ${MACHINE_ARCH} == "alpha"
+CFLAGS+= -DL_ENDIAN
+.else
+CFLAGS+= -DB_ENDIAN
+.endif 
+
+.include <bsd.own.mk>           # for 'NOPIC' definition
+.if !defined(NOPIC)
+CFLAGS+= -DDSO_DLFCN -DHAVE_DLFCN_H
+.endif
+
+CFLAGS+= -DOPENSSL_NO_IDEA -DTERMIOS -DANSI_SOURCE -DNO_ERR -DOPENSSL_NO_ASM
+CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5
+CFLAGS+= -DOPENSSL_NO_MDC2
+CFLAGS+= -DNO_WINDOWS_BRAINDEATH
+CFLAGS+= -DOPENSSL_NO_HW_CSWIFT -DOPENSSL_NO_HW_NCIPHER -DOPENSSL_NO_HW_ATALLA
+CFLAGS+= -DOPENSSL_NO_HW_NURON -DOPENSSL_NO_HW_UBSEC -DOPENSSL_NO_HW_AEP
+CFLAGS+= -DOPENSSL_NO_HW_SUREWARE -DOPENSSL_NO_HW_4758_CCA
+CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST}
+CFLAGS+= -I${LCRYPTO_SRC}
+SRCS+= o_time.c
+SRCS+=  cryptlib.c ex_data.c cpt_err.c mem.c mem_dbg.c mem_clr.c
+SRCS+=  tmdiff.c cversion.c uid.c
+SRCS+=  md2_dgst.c md2_one.c                                    
+SRCS+=  md5_dgst.c md5_one.c                                    
+SRCS+=  sha_dgst.c sha1dgst.c sha_one.c sha1_one.c      
+#SRCS+= mdc2dgst.c mdc2_one.c                                   
+SRCS+=  hmac.c                                                  
+SRCS+=  rmd_dgst.c rmd_one.c                            
+SRCS+=  acss_skey.c acss_enc.c
+SRCS+= aes_cbc.c aes_cfb.c aes_ctr.c aes_ecb.c aes_ofb.c aes_misc.c
+SRCS+=  cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \
+        ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c \
+        ofb64enc.c ofb_enc.c pcbc_enc.c \
+        qud_cksm.c rand_key.c rpc_enc.c set_key.c \
+        des_enc.c des_old2.c fcrypt_b.c \
+        fcrypt.c xcbc_enc.c ede_cbcm_enc.c \
+        str2key.c cfb64ede.c ofb64ede.c \
+        des_old.c read2pwd.c
+SRCS+=  rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c
+SRCS+=  rc2ofb64.c                                                      
+SRCS+=  rc4_skey.c
+#SRCS+= rc5_skey.c rc5_ecb.c rc5cfb64.c rc5cfb64.c      
+#SRCS+= rc5ofb64.c rc5_enc.c
+#SRCS+= i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c             
+#SRCS+= i_skey.c                                                        
+SRCS+=  bf_skey.c bf_ecb.c bf_cfb64.c bf_ofb64.c
+SRCS+=  c_skey.c c_ecb.c c_cfb64.c c_ofb64.c c_enc.c    
+SRCS+=  bn_add.c bn_div.c bn_exp.c bn_lib.c
+SRCS+=  bn_mul.c bn_print.c bn_rand.c bn_shift.c
+SRCS+=  bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c
+SRCS+=  bn_sqr.c bn_recp.c bn_mont.c bn_mpi.c bn_mod.c
+SRCS+=  bn_exp2.c bn_ctx.c
+SRCS+=  bn_sqrt.c bn_kron.c
+SRCS+=  rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c
+SRCS+=  rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c
+SRCS+=  rsa_none.c rsa_chk.c rsa_oaep.c rsa_null.c rsa_asn1.c
+SRCS+=  dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c         
+SRCS+=  dsa_sign.c dsa_err.c dsa_asn1.c dsa_ossl.c
+SRCS+=  dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_asn1.c
+SRCS+=  buffer.c buf_err.c                              
+SRCS+=  bio_lib.c bio_cb.c bio_err.c bss_mem.c          
+SRCS+=  bss_null.c bss_fd.c bss_file.c bss_sock.c       
+SRCS+=  bss_conn.c bf_null.c bf_buff.c 
+SRCS+=  b_print.c b_dump.c b_sock.c bss_acpt.c          
+SRCS+=  bf_nbio.c bss_bio.c bss_log.c
+SRCS+=  stack.c                                                 
+SRCS+=  lhash.c lh_stats.c                                      
+SRCS+=  md_rand.c randfile.c rand_lib.c rand_egd.c rand_err.c rand_unix.c
+SRCS+=  err.c err_all.c err_prn.c                               
+SRCS+=  obj_dat.c obj_lib.c obj_err.c o_names.c
+SRCS+= bio_b64.c e_bf.c m_sha.c p_open.c
+SRCS+= bio_enc.c e_cast.c e_xcbc_d.c m_dss.c m_sha1.c p_seal.c
+SRCS+= bio_md.c e_des.c encode.c m_dss1.c names.c p_sign.c
+SRCS+= bio_ok.c e_des3.c evp_enc.c m_md2.c p_verify.c
+SRCS+= c_all.c evp_err.c evp_acnf.c m_md4.c p5_crpt.c e_old.c
+SRCS+= c_allc.c evp_key.c m_md5.c p5_crpt2.c
+SRCS+= c_alld.c e_null.c evp_lib.c p_dec.c
+SRCS+= digest.c e_rc2.c evp_pbe.c m_null.c p_enc.c
+SRCS+= e_acss.c e_aes.c e_rc4.c evp_pkey.c m_ripemd.c p_lib.c
+SRCS+= md4_dgst.c md4_one.c
+SRCS+=  pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_pkey.c   
+SRCS+=  pem_all.c pem_err.c pem_x509.c pem_pk8.c pem_oth.c pem_xaux.c
+SRCS+=  ui_err.c ui_lib.c ui_openssl.c ui_compat.c ui_util.c
+SRCS+= a_bitstr.c a_mbstr.c a_utctm.c f_enum.c t_bitst.c x_name.c
+SRCS+= a_bool.c a_meth.c a_utf8.c f_int.c t_crl.c tasn_typ.c x_pkey.c
+SRCS+= a_bytes.c a_object.c a_verify.c f_string.c t_pkey.c tasn_utl.c x_pubkey.c
+SRCS+= a_d2i_fp.c a_octet.c asn1_err.c i2d_pr.c t_req.c x_algor.c x_req.c
+SRCS+= a_digest.c a_print.c asn1_lib.c i2d_pu.c t_spki.c x_attrib.c x_sig.c
+SRCS+= a_dup.c a_set.c asn1_par.c n_pkey.c t_x509.c x_bignum.c x_spki.c
+SRCS+= a_enum.c a_sign.c asn_pack.c nsseq.c t_x509a.c x_val.c
+SRCS+= a_gentm.c a_strex.c d2i_pr.c p5_pbe.c tasn_dec.c x_crl.c x_x509.c
+SRCS+= a_hdr.c a_strnid.c d2i_pu.c p5_pbev2.c tasn_enc.c x_exten.c x_x509a.c
+SRCS+= a_i2d_fp.c a_time.c evp_asn1.c tasn_fre.c x_info.c
+SRCS+=a_int.c a_type.c p8_pkey.c tasn_new.c x_long.c asn_moid.c
+SRCS+= x509_d2.c x509_lu.c x509_set.c x509_vfy.c x509spki.c by_dir.c
+SRCS+= x509_def.c x509_obj.c x509_trs.c x509cset.c x509type.c by_file.c
+SRCS+= x509_att.c x509_err.c x509_r2x.c x509_txt.c x509name.c x_all.c
+SRCS+= x509_cmp.c x509_ext.c x509_req.c x509_v3.c x509rset.c
+SRCS+=  v3_akey.c v3_alt.c v3_bcons.c v3_bitst.c v3_conf.c v3_cpols.c
+SRCS+=  v3_crld.c v3_enum.c v3_extku.c v3_genn.c v3_ia5.c v3_int.c
+SRCS+=  v3_lib.c v3_pku.c v3_prn.c v3_skey.c v3_sxnet.c v3_utl.c
+SRCS+=  v3err.c v3_info.c v3_purp.c v3_ocsp.c v3_akeya.c v3_pci.c v3_pcia.c
+SRCS+=  conf_err.c conf_lib.c conf_def.c conf_api.c conf_mod.c conf_mall.c
+SRCS+=  conf_sap.c
+SRCS+=  txt_db.c                                                        
+SRCS+= pk7_lib.c pkcs7err.c
+SRCS+= pk7_asn1.c pk7_doit.c pk7_mime.c 
+SRCS+= pk7_attr.c pk7_smime.c
+SRCS+=  c_rle.c c_zlib.c comp_lib.c comp_err.c
+SRCS+=  p12_add.c p12_crpt.c p12_init.c p12_mutl.c p12_p8e.c
+SRCS+=  p12_asn.c p12_crt.c p12_key.c p12_npas.c p12_utl.c
+SRCS+=  p12_attr.c p12_decr.c p12_kiss.c p12_p8d.c pk12err.c
+SRCS+= eng_all.c eng_openssl.c eng_ctrl.c eng_pkey.c
+SRCS+= eng_dyn.c eng_table.c tb_cipher.c eng_err.c tb_rsa.c
+SRCS+= hw_cryptodev.c eng_cnf.c
+SRCS+= tb_dh.c eng_fat.c tb_digest.c eng_init.c
+SRCS+= tb_dsa.c eng_lib.c tb_rand.c eng_list.c
+SRCS+= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c
+SRCS+= dso_openssl.c dso_win32.c dso_vms.c
+SRCS+= ocsp_asn.c ocsp_err.c ocsp_ht.c ocsp_prn.c ocsp_vfy.c
+SRCS+= ocsp_cl.c ocsp_ext.c ocsp_lib.c ocsp_srv.c
+SRCS+= ec_cvt.c ec_lib.c ecp_mont.c ecp_recp.c
+SRCS+= ec_err.c ec_mult.c ecp_nist.c ecp_smpl.c
+
+# Only used when -DOPENSSL_FIPS is set
+#SRCS+= fips.c fips_err_wrapper.c
+#SRCS+= fips_aes_core.c fips_aes_selftest.c
+#SRCS+= fips_des_enc.c fips_des_selftest.c fips_set_key.c
+#SRCS+= fips_dh_check.c fips_dh_gen.c fips_dh_key.c
+#SRCS+= fips_dsa_ossl.c fips_dsa_gen.c fips_dsa_selftest.c
+#SRCS+= fips_rand.c
+#SRCS+= fips_rsa_eay.c fips_rsa_gen.c fips_rsa_selftest.c
+#SRCS+= fips_sha1dgst.c fips_sha1_selftest.c
+
+.PATH:  ${LCRYPTO_SRC}/md2 ${LCRYPTO_SRC}/md5 ${LCRYPTO_SRC}/sha \
+        ${LCRYPTO_SRC}/mdc2 ${LCRYPTO_SRC}/hmac ${LCRYPTO_SRC}/ripemd \
+        ${LCRYPTO_SRC}/des ${LCRYPTO_SRC}/rc2 ${LCRYPTO_SRC}/rc4 \
+        ${LCRYPTO_SRC}/rc5 ${LCRYPTO_SRC}/idea ${LCRYPTO_SRC}/bf \
+        ${LCRYPTO_SRC}/cast ${LCRYPTO_SRC}/bn ${LCRYPTO_SRC}/rsa \
+        ${LCRYPTO_SRC}/dsa ${LCRYPTO_SRC}/dh ${LCRYPTO_SRC}/buffer \
+        ${LCRYPTO_SRC}/bio ${LCRYPTO_SRC}/stack ${LCRYPTO_SRC}/lhash \
+        ${LCRYPTO_SRC}/rand ${LCRYPTO_SRC}/err ${LCRYPTO_SRC}/objects \
+        ${LCRYPTO_SRC}/evp ${LCRYPTO_SRC}/pem ${LCRYPTO_SRC}/asn1 \
+        ${LCRYPTO_SRC}/asn1 ${LCRYPTO_SRC}/x509 ${LCRYPTO_SRC}/conf \
+        ${LCRYPTO_SRC}/pkcs7 ${LCRYPTO_SRC}/x509v3 ${LCRYPTO_SRC}/pkcs12 \
+        ${LCRYPTO_SRC}/comp ${LCRYPTO_SRC}/txt_db ${LCRYPTO_SRC}/md4 \
+        ${LCRYPTO_SRC}/engine ${LCRYPTO_SRC}/dso ${LCRYPTO_SRC}/ui \
+        ${LCRYPTO_SRC}/ocsp ${LCRYPTO_SRC}/ec ${LCRYPTO_SRC}/aes \
+        ${LCRYPTO_SRC} \
+        ${LCRYPTO_SRC}/acss ${.CURDIR}/arch/${MACHINE_ARCH} \
+        ${LCRYPTO_SRC}/bn/asm \
+        ${FIPS_SRC}/ ${FIPS_SRC}/aes ${FIPS_SRC}/des ${FIPS_SRC}/dh \
+        ${FIPS_SRC}/dsa ${FIPS_SRC}/rand ${FIPS_SRC}/rsa ${FIPS_SRC}/sha1
+
+HDRS=\
+        crypto/acss/acss.h \
+        crypto/aes/aes.h \
+        crypto/asn1/asn1.h \
+        crypto/asn1/asn1_mac.h \
+        crypto/asn1/asn1t.h \
+        crypto/bf/blowfish.h \
+        crypto/bio/bio.h \
+        crypto/bn/bn.h \
+        crypto/buffer/buffer.h \
+        crypto/cast/cast.h \
+        crypto/comp/comp.h \
+        crypto/conf/conf.h \
+        crypto/conf/conf_api.h \
+        crypto/crypto.h \
+        crypto/des/des.h \
+        crypto/des/des_old.h \
+        crypto/dh/dh.h \
+        crypto/dsa/dsa.h \
+        crypto/dso/dso.h \
+        crypto/ebcdic.h \
+        crypto/ec/ec.h \
+        crypto/engine/engine.h \
+        crypto/err/err.h \
+        crypto/evp/evp.h \
+        crypto/hmac/hmac.h \
+        crypto/idea/idea.h \
+        crypto/lhash/lhash.h \
+        crypto/md2/md2.h \
+        crypto/md4/md4.h \
+        crypto/md5/md5.h \
+        crypto/mdc2/mdc2.h \
+        crypto/objects/objects.h \
+        crypto/ocsp/ocsp.h \
+        crypto/opensslv.h \
+        crypto/ossl_typ.h \
+        crypto/pem/pem.h \
+        crypto/pem/pem2.h \
+        crypto/pkcs12/pkcs12.h \
+        crypto/pkcs7/pkcs7.h \
+        crypto/rand/rand.h \
+        crypto/rc2/rc2.h \
+        crypto/rc4/rc4.h \
+        crypto/rc5/rc5.h \
+        crypto/ripemd/ripemd.h \
+        crypto/rsa/rsa.h \
+        crypto/sha/sha.h \
+        crypto/stack/safestack.h \
+        crypto/stack/stack.h \
+        crypto/symhacks.h \
+        crypto/tmdiff.h \
+        crypto/txt_db/txt_db.h \
+        crypto/ui/ui.h \
+        crypto/ui/ui_compat.h \
+        crypto/x509/x509.h \
+        crypto/x509/x509_vfy.h \
+        crypto/x509v3/x509v3.h \
+        e_os2.h \
+        fips/fips.h \
+        fips/rand/fips_rand.h 
+
+HDRS_GEN=\
+        ${.CURDIR}/arch/${MACHINE_ARCH}/opensslconf.h \
+        ${.OBJDIR}/obj_mac.h
+
+includes: obj_mac.h
+        @test -d ${DESTDIR}/usr/include/openssl || \
+            mkdir ${DESTDIR}/usr/include/openssl
+        @cd ${SSL_SRC}; \
+        for i in $(HDRS); do \
+            j="cmp -s $$i ${DESTDIR}/usr/include/openssl/`basename $$i` || \
+            ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 $$i\
+                ${DESTDIR}/usr/include/openssl"; \
+            echo $$j; \
+            eval "$$j"; \
+        done; \
+        for i in $(HDRS_GEN); do \
+            j="cmp -s $$i ${DESTDIR}/usr/include/openssl/`basename $$i` || \
+            ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 $$i\
+                ${DESTDIR}/usr/include/openssl"; \
+            echo $$j; \
+            eval "$$j"; \
+        done;
+
+# generated
+CFLAGS+= -I${.OBJDIR}
+
+GENERATED=obj_mac.h obj_dat.h
+CLEANFILES=${GENERATED} obj_mac.num.tmp
+SSL_OBJECTS=${SSL_SRC}/crypto/objects
+
+obj_mac.h: ${SSL_OBJECTS}/objects.h ${SSL_OBJECTS}/obj_mac.num ${SSL_OBJECTS}/objects.txt
+        cat ${SSL_OBJECTS}/obj_mac.num > obj_mac.num.tmp
+        /usr/bin/perl ${SSL_OBJECTS}/objects.pl ${SSL_OBJECTS}/objects.txt obj_mac.num.tmp obj_mac.h
+
+obj_dat.h: obj_mac.h
+        /usr/bin/perl ${SSL_OBJECTS}/obj_dat.pl obj_mac.h obj_dat.h
+
+.if (${MACHINE_ARCH} == "vax")
+# egcs bombs optimising this file on vax
+a_strnid.o:
+        ${CC} ${CFLAGS} -O0 ${CPPFLAGS} -c ${.IMPSRC}
+a_strnid.po:           
+        ${CC} ${CFLAGS} -O0 ${CPPFLAGS} -c ${.IMPSRC} -o $@
+des_enc.o:             
+        ${CC} ${CFLAGS} -O1 ${CPPFLAGS} -c ${.IMPSRC}
+des_enc.po:            
+        ${CC} ${CFLAGS} -O1 ${CPPFLAGS} -c ${.IMPSRC} -o $@
+.endif  
+
+.if (${MACHINE_ARCH} == "i386")
+CFLAGS+= -DAES_ASM
+CFLAGS+= -DMD5_ASM
+CFLAGS+= -DSHA1_ASM
+CFLAGS+= -DRMD160_ASM
+CFLAGS+= -DOPENBSD_CAST_ASM
+CFLAGS+= -DOPENBSD_DES_ASM
+SSLASM=\
+        aes aes-586 \
+        bf bf-586 \
+        bn bn-586 \
+        bn co-586 \
+        cast cast-586 \
+        des des-586 \
+        md5 md5-586 \
+        rc4 rc4-586 \
+        ripemd rmd-586 \
+        sha sha1-586
+.for dir f in ${SSLASM}
+SRCS+=  ${f}.S
+GENERATED+=${f}.S
+${f}.S: ${LCRYPTO_SRC}/${dir}/asm/${f}.pl ${LCRYPTO_SRC}/perlasm/x86unix.pl
+        /usr/bin/perl -I${LCRYPTO_SRC}/perlasm -I${LCRYPTO_SRC}/${dir}/asm \
+                ${LCRYPTO_SRC}/${dir}/asm/${f}.pl openbsd-elf 386 > ${.TARGET}
+.endfor
+SRCS+= bf_cbc.c 
+.else
+.if (${MACHINE_ARCH} == "vax")
+SRCS+= aes_core.c
+SRCS+= bf_enc.c
+SRCS+= bn_asm_vax.S
+SRCS+= rc4_enc.c        
+.else
+.if (${MACHINE_ARCH} == "amd64")
+SRCS+= aes_core.c
+SRCS+= bf_enc.c
+SRCS+= x86_64-gcc.c
+SRCS+= rc4_enc.c        
+.else
+SRCS+= aes_core.c
+SRCS+= bf_enc.c 
+SRCS+= bn_asm.c
+SRCS+= rc4_enc.c        
+.endif
+.endif
+.endif
+
+all beforedepend: ${GENERATED}
+
+.include <bsd.lib.mk>
diff --git a/src/lib/libssl/crypto/arch/alpha/opensslconf.h b/src/lib/libssl/crypto/arch/alpha/opensslconf.h
new file mode 100644
index 0000000000..c33ccc8a0f
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/alpha/opensslconf.h
@@ -0,0 +1,180 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+   asks for it.  This is a transient feature that is provided for those
+   who haven't had the time to do the appropriate changes in their
+   applications.  */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+#  define NO_KRB5
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define OPENSSLDIR "/etc/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned int
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#undef BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#define SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#undef THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#define DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#define DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#undef DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )              /* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )       /* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )       /* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )          /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )         /* HP-PA */
+  /* Unknown */
+#elif defined( __aux )          /* 68K */
+  /* Unknown */
+#elif defined( __dgux )         /* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )          /* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)        /* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/amd64/opensslconf.h b/src/lib/libssl/crypto/arch/amd64/opensslconf.h
new file mode 100644
index 0000000000..c33ccc8a0f
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/amd64/opensslconf.h
@@ -0,0 +1,180 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+   asks for it.  This is a transient feature that is provided for those
+   who haven't had the time to do the appropriate changes in their
+   applications.  */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+#  define NO_KRB5
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define OPENSSLDIR "/etc/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned int
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#undef BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#define SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#undef THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#define DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#define DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#undef DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )              /* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )       /* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )       /* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )          /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )         /* HP-PA */
+  /* Unknown */
+#elif defined( __aux )          /* 68K */
+  /* Unknown */
+#elif defined( __dgux )         /* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )          /* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)        /* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/arm/opensslconf.h b/src/lib/libssl/crypto/arch/arm/opensslconf.h
new file mode 100644
index 0000000000..47a6dd8596
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/arm/opensslconf.h
@@ -0,0 +1,180 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+   asks for it.  This is a transient feature that is provided for those
+   who haven't had the time to do the appropriate changes in their
+   applications.  */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+#  define NO_KRB5
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define OPENSSLDIR "/etc/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned int
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#define BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#define RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#define DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )              /* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )       /* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )       /* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )          /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )         /* HP-PA */
+  /* Unknown */
+#elif defined( __aux )          /* 68K */
+  /* Unknown */
+#elif defined( __dgux )         /* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )          /* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)        /* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/src/crypto/opensslconf.h b/src/lib/libssl/crypto/arch/hppa/opensslconf.h
index 492041bc7c..0334dbdfc6 100644
--- a/src/lib/libssl/src/crypto/opensslconf.h
+++ b/src/lib/libssl/crypto/arch/hppa/opensslconf.h
@@ -27,7 +27,7 @@
 
 #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
 #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
-#define OPENSSLDIR "/usr/local/ssl"
+#define OPENSSLDIR "/etc/ssl"
 #endif
 #endif
 
@@ -69,7 +69,7 @@
 #endif
 #endif
 
-#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
+#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
 /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
  * %20 speed up (longs are 8 bytes, int's are 4). */
 #ifndef DES_LONG
@@ -79,7 +79,7 @@
 
 #if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
 #define CONFIG_HEADER_BN_H
-#undef BN_LLONG
+#define BN_LLONG
 
 /* Should we define BN_DIV2W here? */
 
@@ -98,7 +98,7 @@
 #define CONFIG_HEADER_RC4_LOCL_H
 /* if this is defined data[i] is used instead of *data, this is a %20
  * speedup on x86 */
-#undef RC4_INDEX
+#define RC4_INDEX
 #endif
 
 #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
@@ -133,7 +133,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
  * Very mucy CPU dependant */
 #ifndef DES_UNROLL
-#undef DES_UNROLL
+#define DES_UNROLL
 #endif
 
 /* These default values were supplied by
diff --git a/src/lib/libssl/crypto/arch/i386/opensslconf.h b/src/lib/libssl/crypto/arch/i386/opensslconf.h
new file mode 100644
index 0000000000..7361ac56a1
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/i386/opensslconf.h
@@ -0,0 +1,180 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+   asks for it.  This is a transient feature that is provided for those
+   who haven't had the time to do the appropriate changes in their
+   applications.  */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+#  define NO_KRB5
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define OPENSSLDIR "/etc/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned long
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#define BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#define RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#define DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#define DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#define DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )              /* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )       /* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )       /* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )          /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )         /* HP-PA */
+  /* Unknown */
+#elif defined( __aux )          /* 68K */
+  /* Unknown */
+#elif defined( __dgux )         /* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )          /* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)        /* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/m68k/opensslconf.h b/src/lib/libssl/crypto/arch/m68k/opensslconf.h
new file mode 100644
index 0000000000..47a6dd8596
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/m68k/opensslconf.h
@@ -0,0 +1,180 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+   asks for it.  This is a transient feature that is provided for those
+   who haven't had the time to do the appropriate changes in their
+   applications.  */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+#  define NO_KRB5
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define OPENSSLDIR "/etc/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned int
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#define BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#define RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#define DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )              /* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )       /* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )       /* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )          /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )         /* HP-PA */
+  /* Unknown */
+#elif defined( __aux )          /* 68K */
+  /* Unknown */
+#elif defined( __dgux )         /* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )          /* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)        /* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/m88k/opensslconf.h b/src/lib/libssl/crypto/arch/m88k/opensslconf.h
new file mode 100644
index 0000000000..47a6dd8596
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/m88k/opensslconf.h
@@ -0,0 +1,180 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+   asks for it.  This is a transient feature that is provided for those
+   who haven't had the time to do the appropriate changes in their
+   applications.  */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+#  define NO_KRB5
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define OPENSSLDIR "/etc/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned int
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#define BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#define RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#define DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )              /* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )       /* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )       /* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )          /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )         /* HP-PA */
+  /* Unknown */
+#elif defined( __aux )          /* 68K */
+  /* Unknown */
+#elif defined( __dgux )         /* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )          /* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)        /* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/mips64/opensslconf.h b/src/lib/libssl/crypto/arch/mips64/opensslconf.h
new file mode 100644
index 0000000000..c33ccc8a0f
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/mips64/opensslconf.h
@@ -0,0 +1,180 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+   asks for it.  This is a transient feature that is provided for those
+   who haven't had the time to do the appropriate changes in their
+   applications.  */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+#  define NO_KRB5
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define OPENSSLDIR "/etc/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned int
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#undef BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#define SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#undef THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#define DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#define DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#undef DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )              /* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )       /* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )       /* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )          /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )         /* HP-PA */
+  /* Unknown */
+#elif defined( __aux )          /* 68K */
+  /* Unknown */
+#elif defined( __dgux )         /* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )          /* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)        /* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/powerpc/opensslconf.h b/src/lib/libssl/crypto/arch/powerpc/opensslconf.h
new file mode 100644
index 0000000000..47a6dd8596
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/powerpc/opensslconf.h
@@ -0,0 +1,180 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+   asks for it.  This is a transient feature that is provided for those
+   who haven't had the time to do the appropriate changes in their
+   applications.  */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+#  define NO_KRB5
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define OPENSSLDIR "/etc/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned int
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#define BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#define RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#define DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )              /* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )       /* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )       /* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )          /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )         /* HP-PA */
+  /* Unknown */
+#elif defined( __aux )          /* 68K */
+  /* Unknown */
+#elif defined( __dgux )         /* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )          /* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)        /* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/sparc/opensslconf.h b/src/lib/libssl/crypto/arch/sparc/opensslconf.h
new file mode 100644
index 0000000000..47a6dd8596
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/sparc/opensslconf.h
@@ -0,0 +1,180 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+   asks for it.  This is a transient feature that is provided for those
+   who haven't had the time to do the appropriate changes in their
+   applications.  */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+#  define NO_KRB5
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define OPENSSLDIR "/etc/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned int
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#define BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#define RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#define DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )              /* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )       /* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )       /* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )          /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )         /* HP-PA */
+  /* Unknown */
+#elif defined( __aux )          /* 68K */
+  /* Unknown */
+#elif defined( __dgux )         /* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )          /* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)        /* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/sparc64/opensslconf.h b/src/lib/libssl/crypto/arch/sparc64/opensslconf.h
new file mode 100644
index 0000000000..053308653b
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/sparc64/opensslconf.h
@@ -0,0 +1,180 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+   asks for it.  This is a transient feature that is provided for those
+   who haven't had the time to do the appropriate changes in their
+   applications.  */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+#  define NO_KRB5
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define OPENSSLDIR "/etc/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned int
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#undef BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#define SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#undef THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#define BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#define DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#define DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#undef DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )              /* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )       /* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )       /* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )          /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )         /* HP-PA */
+  /* Unknown */
+#elif defined( __aux )          /* 68K */
+  /* Unknown */
+#elif defined( __dgux )         /* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )          /* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)        /* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/arch/vax/bn_asm_vax.S b/src/lib/libssl/crypto/arch/vax/bn_asm_vax.S
new file mode 100644
index 0000000000..bd067a55d3
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/vax/bn_asm_vax.S
@@ -0,0 +1,436 @@
+#       $OpenBSD: bn_asm_vax.S,v 1.1 2003/11/18 12:39:05 markus Exp $
+#       $NetBSD: bn_asm_vax.S,v 1.1 2003/11/03 10:22:28 ragge Exp $
+
+#include <machine/asm.h>
+
+# w.j.m. 15-jan-1999
+#
+# it's magic ...
+#
+# ULONG bn_mul_add_words(ULONG r[],ULONG a[],int n,ULONG w) {
+#       ULONG c = 0;
+#       int i;
+#       for(i = 0; i < n; i++) <c,r[i]> := r[i] + c + a[i] * w ;
+#       return c;
+# }
+
+ENTRY(bn_mul_add_words,R6)
+        movl    4(ap),r2                # *r
+        movl    8(ap),r3                # *a
+        movl    12(ap),r4               # n
+        movl    16(ap),r5               # w
+        clrl    r6                      # return value ("carry")
+
+0:      emul    r5,(r3),(r2),r0 # w * a[0] + r[0] -> r0
+
+        # fixup for "negative" r[]
+        tstl    (r2)
+        bgeq    1f
+        incl    r1                      # add 1 to highword
+
+1:      # add saved carry to result
+        addl2   r6,r0
+        adwc    $0,r1
+
+        # combined fixup for "negative" w, a[]
+        tstl    r5              # if w is negative...
+        bgeq    1f
+        addl2   (r3),r1         # ...add a[0] again to highword
+1:      tstl    (r3)            # if a[0] is negative...
+        bgeq    1f
+        addl2   r5,r1           # ...add w again to highword
+1:
+        movl    r0,(r2)+        # save low word in dest & advance *r
+        addl2   $4,r3           # advance *a
+        movl    r1,r6           # high word in r6 for return value
+
+        sobgtr  r4,0b           # loop?
+
+        movl    r6,r0
+        ret
+
+#       .title  vax_bn_mul_words  unsigned multiply & add, 32*32+32=>64
+#;
+#; w.j.m. 15-jan-1999
+#;
+#; it's magic ...
+#;
+#; ULONG bn_mul_words(ULONG r[],ULONG a[],int n,ULONG w) {
+#;      ULONG c = 0;
+#;      int i;
+#;      for(i = 0; i < num; i++) <c,r[i]> := a[i] * w + c ;
+#;      return(c);
+#; }
+#
+
+ENTRY(bn_mul_words,R6)
+        movl    4(ap),r2                # *r
+        movl    8(ap),r3                # *a
+        movl    12(ap),r4               # n
+        movl    16(ap),r5               # w
+        clrl    r6                      # carry
+
+0:      emul    r5,(r3),r6,r0           # w * a[0] + carry -> r0
+
+        # fixup for "negative" carry
+        tstl    r6
+        bgeq    1f
+        incl    r1
+
+1:      # combined fixup for "negative" w, a[]
+        tstl    r5
+        bgeq    1f
+        addl2   (r3),r1
+1:      tstl    (r3)
+        bgeq    1f
+        addl2   r5,r1
+
+1:      movl    r0,(r2)+
+        addl2   $4,r3
+        movl    r1,r6
+
+        sobgtr  r4,0b
+
+        movl    r6,r0
+        ret
+
+
+
+#       .title  vax_bn_sqr_words  unsigned square, 32*32=>64
+#;
+#; w.j.m. 15-jan-1999
+#;
+#; it's magic ...
+#;
+#; void bn_sqr_words(ULONG r[],ULONG a[],int n) {
+#;      int i;
+#;      for(i = 0; i < n; i++) <r[2*i+1],r[2*i]> := a[i] * a[i] ;
+#; }
+#
+
+ENTRY(bn_sqr_words,0)
+        movl    4(ap),r2                # r
+        movl    8(ap),r3                # a
+        movl    12(ap),r4               # n
+
+0:      movl    (r3)+,r5                # r5 = a[] & advance
+
+        emul    r5,r5,$0,r0             # a[0] * a[0] + 0 -> r0
+
+        # fixup for "negative" a[]
+        tstl    r5
+        bgeq    1f
+        addl2   r5,r1
+        addl2   r5,r1
+
+1:      movq    r0,(r2)+                # store 64-bit result
+
+        sobgtr  r4,0b                   # loop
+
+        ret
+
+
+#       .title  vax_bn_div_words  unsigned divide
+#;
+#; Richard Levitte 20-Nov-2000
+#;
+#; ULONG bn_div_words(ULONG h, ULONG l, ULONG d)
+#; {
+#;      return ((ULONG)((((ULLONG)h)<<32)|l) / (ULLONG)d);
+#; }
+#;
+#; Using EDIV would be very easy, if it didn't do signed calculations.
+#; Any time any of the input numbers are signed, there are problems,
+#; usually with integer overflow, at which point it returns useless
+#; data (the quotient gets the value of l, and the remainder becomes 0).
+#;
+#; If it was just for the dividend, it would be very easy, just divide
+#; it by 2 (unsigned), do the division, multiply the resulting quotient
+#; and remainder by 2, add the bit that was dropped when dividing by 2
+#; to the remainder, and do some adjustment so the remainder doesn't
+#; end up larger than the divisor.  For some cases when the divisor is
+#; negative (from EDIV's point of view, i.e. when the highest bit is set),
+#; dividing the dividend by 2 isn't enough, and since some operations
+#; might generate integer overflows even when the dividend is divided by
+#; 4 (when the high part of the shifted down dividend ends up being exactly
+#; half of the divisor, the result is the quotient 0x80000000, which is
+#; negative...) it needs to be divided by 8.  Furthermore, the divisor needs
+#; to be divided by 2 (unsigned) as well, to avoid more problems with the sign.
+#; In this case, a little extra fiddling with the remainder is required.
+#;
+#; So, the simplest way to handle this is always to divide the dividend
+#; by 8, and to divide the divisor by 2 if it's highest bit is set.
+#; After EDIV has been used, the quotient gets multiplied by 8 if the
+#; original divisor was positive, otherwise 4.  The remainder, oddly
+#; enough, is *always* multiplied by 8.
+#; NOTE: in the case mentioned above, where the high part of the shifted
+#; down dividend ends up being exactly half the shifted down divisor, we
+#; end up with a 33 bit quotient.  That's no problem however, it usually
+#; means we have ended up with a too large remainder as well, and the
+#; problem is fixed by the last part of the algorithm (next paragraph).
+#;
+#; The routine ends with comparing the resulting remainder with the
+#; original divisor and if the remainder is larger, subtract the
+#; original divisor from it, and increase the quotient by 1.  This is
+#; done until the remainder is smaller than the divisor.
+#;
+#; The complete algorithm looks like this:
+#;
+#; d'    = d
+#; l'    = l & 7
+#; [h,l] = [h,l] >> 3
+#; [q,r] = floor([h,l] / d)     # This is the EDIV operation
+#; if (q < 0) q = -q            # I doubt this is necessary any more
+#;
+#; r'    = r >> 29
+#; if (d' >= 0)
+#;   q'  = q >> 29
+#;   q   = q << 3
+#; else
+#;   q'  = q >> 30
+#;   q   = q << 2
+#; r     = (r << 3) + l'
+#;
+#; if (d' < 0)
+#;   {
+#;     [r',r] = [r',r] - q
+#;     while ([r',r] < 0)
+#;       {
+#;         [r',r] = [r',r] + d
+#;         [q',q] = [q',q] - 1
+#;       }
+#;   }
+#;
+#; while ([r',r] >= d')
+#;   {
+#;     [r',r] = [r',r] - d'
+#;     [q',q] = [q',q] + 1
+#;   }
+#;
+#; return q
+#
+#;r2 = l, q
+#;r3 = h, r
+#;r4 = d
+#;r5 = l'
+#;r6 = r'
+#;r7 = d'
+#;r8 = q'
+#
+
+ENTRY(bn_div_words,R6|R7|R8)
+        movl    4(ap),r3                # h
+        movl    8(ap),r2                # l
+        movl    12(ap),r4               # d
+
+        bicl3   $-8,r2,r5               # l' = l & 7
+        bicl3   $7,r2,r2
+
+        bicl3   $-8,r3,r6
+        bicl3   $7,r3,r3
+
+        addl2   r6,r2
+
+        rotl    $-3,r2,r2               # l = l >> 3
+        rotl    $-3,r3,r3               # h = h >> 3
+
+        movl    r4,r7                   # d' = d
+
+        clrl    r6                      # r' = 0
+        clrl    r8                      # q' = 0
+
+        tstl    r4
+        beql    0f                      # Uh-oh, the divisor is 0...
+        bgtr    1f
+        rotl    $-1,r4,r4       # If d is negative, shift it right.
+        bicl2   $0x80000000,r4  # Since d is then a large number, the
+                                # lowest bit is insignificant
+                                # (contradict that, and I'll fix the problem!)
+1:
+        ediv    r4,r2,r2,r3             # Do the actual division
+
+        tstl    r2
+        bgeq    1f
+        mnegl   r2,r2           # if q < 0, negate it
+1:
+        tstl    r7
+        blss    1f
+        rotl    $3,r2,r2        #   q = q << 3
+        bicl3   $-8,r2,r8       #   q' gets the high bits from q
+        bicl3   $7,r2,r2
+        brb     2f
+
+1:                              # else
+        rotl    $2,r2,r2        #   q = q << 2
+        bicl3   $-4,r2,r8       #   q' gets the high bits from q
+        bicl3   $3,r2,r2
+2:
+        rotl    $3,r3,r3        # r = r << 3
+        bicl3   $-8,r3,r6       # r' gets the high bits from r
+        bicl3   $7,r3,r3
+        addl2   r5,r3           # r = r + l'
+
+        tstl    r7
+        bgeq    5f
+        bitl    $1,r7
+        beql    5f              # if d' < 0 && d' & 1
+        subl2   r2,r3           #   [r',r] = [r',r] - [q',q]
+        sbwc    r8,r6
+3:
+        bgeq    5f              #   while r < 0
+        decl    r2              #     [q',q] = [q',q] - 1
+        sbwc    $0,r8
+        addl2   r7,r3           #     [r',r] = [r',r] + d'
+        adwc    $0,r6
+        brb     3b
+
+# The return points are placed in the middle to keep a short distance from
+# all the branch points
+1:
+#       movl    r3,r1
+        movl    r2,r0
+        ret
+0:
+        movl    $-1,r0
+        ret
+5:
+        tstl    r6
+        bneq    6f
+        cmpl    r3,r7
+        blssu   1b              # while [r',r] >= d'
+6:
+        subl2   r7,r3           #   [r',r] = [r',r] - d'
+        sbwc    $0,r6
+        incl    r2              #   [q',q] = [q',q] + 1
+        adwc    $0,r8
+        brb     5b
+
+
+
+#       .title  vax_bn_add_words  unsigned add of two arrays
+#;
+#; Richard Levitte 20-Nov-2000
+#;
+#; ULONG bn_add_words(ULONG r[], ULONG a[], ULONG b[], int n) {
+#;      ULONG c = 0;
+#;      int i;
+#;      for (i = 0; i < n; i++) <c,r[i]> = a[i] + b[i] + c;
+#;      return(c);
+#; }
+#
+
+ENTRY(bn_add_words,0)
+        movl    4(ap),r2        # r
+        movl    8(ap),r3        # a
+        movl    12(ap),r4       # b
+        movl    16(ap),r5       # n
+        clrl    r0
+
+        tstl    r5
+        bleq    1f
+
+0:      movl    (r3)+,r1        # carry untouched
+        adwc    (r4)+,r1        # carry used and touched
+        movl    r1,(r2)+        # carry untouched
+        sobgtr  r5,0b           # carry untouched
+
+        adwc    $0,r0
+1:      ret
+
+#;
+#; Richard Levitte 20-Nov-2000
+#;
+#; ULONG bn_sub_words(ULONG r[], ULONG a[], ULONG b[], int n) {
+#;      ULONG c = 0;
+#;      int i;
+#;      for (i = 0; i < n; i++) <c,r[i]> = a[i] - b[i] - c;
+#;      return(c);
+#; }
+#
+
+ENTRY(bn_sub_words,R6)
+        movl    4(ap),r2        # r
+        movl    8(ap),r3        # a
+        movl    12(ap),r4       # b
+        movl    16(ap),r5       # n
+        clrl    r0
+
+        tstl    r5
+        bleq    1f
+
+0:      movl    (r3)+,r6        # carry untouched
+        sbwc    (r4)+,r6        # carry used and touched
+        movl    r6,(r2)+        # carry untouched
+        sobgtr  r5,0b           # carry untouched
+
+1:      adwc    $0,r0
+        ret
+
+#
+#       Ragge 20-Sep-2003
+#
+#       Multiply a vector of 4/8 longword by another.
+#       Uses two loops and 16/64 emuls.
+#
+
+ENTRY(bn_mul_comba4,R6|R7|R8|R9)
+        movl    $4,r9           # 4*4
+        brb     6f
+
+ENTRY(bn_mul_comba8,R6|R7|R8|R9)
+        movl    $8,r9           # 8*8
+
+6:      movl    8(ap),r3        # a[]
+        movl    12(ap),r7       # b[]
+        brb     5f
+
+ENTRY(bn_sqr_comba4,R6|R7|R8|R9)
+        movl    $4,r9           # 4*4
+        brb 0f
+
+ENTRY(bn_sqr_comba8,R6|R7|R8|R9)
+        movl    $8,r9           # 8*8
+
+0:
+        movl    8(ap),r3        # a[]
+        movl    r3,r7           # a[]
+
+5:      movl    4(ap),r5        # r[]
+        movl    r9,r8
+
+        clrq    (r5)            # clear destinatino, for add.
+        clrq    8(r5)
+        clrq    16(r5)          # these only needed for comba8
+        clrq    24(r5)
+
+2:      clrl    r4              # carry
+        movl    r9,r6           # inner loop count
+        movl    (r7)+,r2        # value to multiply with
+
+1:      emul    r2,(r3),r4,r0
+        tstl    r4
+        bgeq    3f
+        incl    r1
+3:      tstl    r2
+        bgeq    3f
+        addl2   (r3),r1
+3:      tstl    (r3)
+        bgeq    3f
+        addl2   r2,r1
+
+3:      addl2   r0,(r5)+        # add to destination
+        adwc    $0,r1           # remember carry
+        movl    r1,r4           # add carry in next emul
+        addl2   $4,r3
+        sobgtr  r6,1b
+
+        movl    r4,(r5)         # save highest add result
+
+        ashl    $2,r9,r4
+        subl2   r4,r3
+        subl2   $4,r4
+        subl2   r4,r5
+
+        sobgtr  r8,2b
+
+        ret
diff --git a/src/lib/libssl/crypto/arch/vax/opensslconf.h b/src/lib/libssl/crypto/arch/vax/opensslconf.h
new file mode 100644
index 0000000000..47a6dd8596
--- /dev/null
+++ b/src/lib/libssl/crypto/arch/vax/opensslconf.h
@@ -0,0 +1,180 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+   asks for it.  This is a transient feature that is provided for those
+   who haven't had the time to do the appropriate changes in their
+   applications.  */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+#  define NO_KRB5
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define OPENSSLDIR "/etc/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_DES_H) || defined(HEADER_DES_OLD_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned int
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#define BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#define RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#define DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )              /* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )       /* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )       /* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )          /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )         /* HP-PA */
+  /* Unknown */
+#elif defined( __aux )          /* 68K */
+  /* Unknown */
+#elif defined( __dgux )         /* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )          /* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)        /* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libssl/crypto/shlib_version b/src/lib/libssl/crypto/shlib_version
new file mode 100644
index 0000000000..eb2c603aec
--- /dev/null
+++ b/src/lib/libssl/crypto/shlib_version
@@ -0,0 +1,2 @@
+major=12
+minor=1
diff --git a/src/lib/libssl/doc/openssl.cnf b/src/lib/libssl/doc/openssl.cnf
new file mode 100644
index 0000000000..4c1d595b0a
--- /dev/null
+++ b/src/lib/libssl/doc/openssl.cnf
@@ -0,0 +1,313 @@
+#
+# OpenSSL example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+# This definition stops the following lines choking if HOME isn't
+# defined.
+HOME                    = .
+RANDFILE                = $ENV::HOME/.rnd
+
+# Extra OBJECT IDENTIFIER info:
+#oid_file               = $ENV::HOME/.oid
+oid_section             = new_oids
+
+# To use this configuration file with the "-extfile" option of the
+# "openssl x509" utility, name here the section containing the
+# X.509v3 extensions to use:
+# extensions            = 
+# (Alternatively, use a configuration file that has only
+# X.509v3 extensions in its main [= default] section.)
+
+[ new_oids ]
+
+# We can add new OIDs in here for use by 'ca' and 'req'.
+# Add a simple OID like this:
+# testoid1=1.2.3.4
+# Or use config file substitution like this:
+# testoid2=${testoid1}.5.6
+
+####################################################################
+[ ca ]
+default_ca      = CA_default            # The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir             = ./demoCA              # Where everything is kept
+certs           = $dir/certs            # Where the issued certs are kept
+crl_dir         = $dir/crl              # Where the issued crl are kept
+database        = $dir/index.txt        # database index file.
+#unique_subject = no                    # Set to 'no' to allow creation of
+                                        # several ctificates with same subject.
+new_certs_dir   = $dir/newcerts         # default place for new certs.
+
+certificate     = $dir/cacert.pem       # The CA certificate
+serial          = $dir/serial           # The current serial number
+#crlnumber      = $dir/crlnumber        # the current crl number must be
+                                        # commented out to leave a V1 CRL
+crl             = $dir/crl.pem          # The current CRL
+private_key     = $dir/private/cakey.pem# The private key
+RANDFILE        = $dir/private/.rand    # private random number file
+
+x509_extensions = usr_cert              # The extentions to add to the cert
+
+# Comment out the following two lines for the "traditional"
+# (and highly broken) format.
+name_opt        = ca_default            # Subject Name options
+cert_opt        = ca_default            # Certificate field options
+
+# Extension copying option: use with caution.
+# copy_extensions = copy
+
+# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
+# so this is commented out by default to leave a V1 CRL.
+# crlnumber must also be commented out to leave a V1 CRL.
+# crl_extensions        = crl_ext
+
+default_days    = 365                   # how long to certify for
+default_crl_days= 30                    # how long before next CRL
+default_md      = md5                   # which md to use.
+preserve        = no                    # keep passed DN ordering
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy          = policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName             = match
+stateOrProvinceName     = match
+organizationName        = match
+organizationalUnitName  = optional
+commonName              = supplied
+emailAddress            = optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName             = optional
+stateOrProvinceName     = optional
+localityName            = optional
+organizationName        = optional
+organizationalUnitName  = optional
+commonName              = supplied
+emailAddress            = optional
+
+####################################################################
+[ req ]
+default_bits            = 1024
+default_keyfile         = privkey.pem
+distinguished_name      = req_distinguished_name
+attributes              = req_attributes
+x509_extensions = v3_ca # The extentions to add to the self signed cert
+
+# Passwords for private keys if not present they will be prompted for
+# input_password = secret
+# output_password = secret
+
+# This sets a mask for permitted string types. There are several options. 
+# default: PrintableString, T61String, BMPString.
+# pkix   : PrintableString, BMPString.
+# utf8only: only UTF8Strings.
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
+# so use this option with caution!
+string_mask = nombstr
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+countryName_default             = AU
+countryName_min                 = 2
+countryName_max                 = 2
+
+stateOrProvinceName             = State or Province Name (full name)
+stateOrProvinceName_default     = Some-State
+
+localityName                    = Locality Name (eg, city)
+
+0.organizationName              = Organization Name (eg, company)
+0.organizationName_default      = Internet Widgits Pty Ltd
+
+# we can do this but it is not needed normally :-)
+#1.organizationName             = Second Organization Name (eg, company)
+#1.organizationName_default     = World Wide Web Pty Ltd
+
+organizationalUnitName          = Organizational Unit Name (eg, section)
+#organizationalUnitName_default =
+
+commonName                      = Common Name (eg, YOUR name)
+commonName_max                  = 64
+
+emailAddress                    = Email Address
+emailAddress_max                = 64
+
+# SET-ex3                       = SET extension number 3
+
+[ req_attributes ]
+challengePassword               = A challenge password
+challengePassword_min           = 4
+challengePassword_max           = 20
+
+unstructuredName                = An optional company name
+
+[ usr_cert ]
+
+# These extensions are added when 'ca' signs a request.
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType                    = server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment                       = "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl              = http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+[ v3_req ]
+
+# Extensions to add to a certificate request
+
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+[ v3_ca ]
+
+
+# Extensions for a typical CA
+
+
+# PKIX recommendation.
+
+subjectKeyIdentifier=hash
+
+authorityKeyIdentifier=keyid:always,issuer:always
+
+# This is what PKIX recommends but some broken software chokes on critical
+# extensions.
+#basicConstraints = critical,CA:true
+# So we do this instead.
+basicConstraints = CA:true
+
+# Key usage: this is typical for a CA certificate. However since it will
+# prevent it being used as an test self-signed certificate it is best
+# left out by default.
+# keyUsage = cRLSign, keyCertSign
+
+# Some might want this also
+# nsCertType = sslCA, emailCA
+
+# Include email address in subject alt name: another PKIX recommendation
+# subjectAltName=email:copy
+# Copy issuer details
+# issuerAltName=issuer:copy
+
+# DER hex encoding of an extension: beware experts only!
+# obj=DER:02:03
+# Where 'obj' is a standard or added object
+# You can even override a supported extension:
+# basicConstraints= critical, DER:30:03:01:01:FF
+
+[ crl_ext ]
+
+# CRL extensions.
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always,issuer:always
+
+[ proxy_cert_ext ]
+# These extensions should be added when creating a proxy certificate
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType                    = server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment                       = "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl              = http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This really needs to be in place for it to be a proxy certificate.
+proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
diff --git a/src/lib/libssl/doc/openssl.txt b/src/lib/libssl/doc/openssl.txt
new file mode 100644
index 0000000000..432a17b66c
--- /dev/null
+++ b/src/lib/libssl/doc/openssl.txt
@@ -0,0 +1,1235 @@
+
+This is some preliminary documentation for OpenSSL.
+
+Contents:
+
+ OpenSSL X509V3 extension configuration
+ X509V3 Extension code: programmers guide
+ PKCS#12 Library
+
+
+==============================================================================
+               OpenSSL X509V3 extension configuration
+==============================================================================
+
+OpenSSL X509V3 extension configuration: preliminary documentation.
+
+INTRODUCTION.
+
+For OpenSSL 0.9.2 the extension code has be considerably enhanced. It is now
+possible to add and print out common X509 V3 certificate and CRL extensions.
+
+BEGINNERS NOTE
+
+For most simple applications you don't need to know too much about extensions:
+the default openssl.cnf values will usually do sensible things.
+
+If you want to know more you can initially quickly look through the sections
+describing how the standard OpenSSL utilities display and add extensions and
+then the list of supported extensions.
+
+For more technical information about the meaning of extensions see:
+
+http://www.imc.org/ietf-pkix/
+http://home.netscape.com/eng/security/certs.html
+
+PRINTING EXTENSIONS.
+
+Extension values are automatically printed out for supported extensions.
+
+openssl x509 -in cert.pem -text
+openssl crl -in crl.pem -text
+
+will give information in the extension printout, for example:
+
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:TRUE
+            X509v3 Subject Key Identifier: 
+                73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15
+            X509v3 Authority Key Identifier: 
+                keyid:73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15, DirName:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/Email=email@1.address/Email=email@2.address, serial:00
+            X509v3 Key Usage: 
+                Certificate Sign, CRL Sign
+            X509v3 Subject Alternative Name: 
+                email:email@1.address, email:email@2.address
+
+CONFIGURATION FILES.
+
+The OpenSSL utilities 'ca' and 'req' can now have extension sections listing
+which certificate extensions to include. In each case a line:
+
+x509_extensions = extension_section
+
+indicates which section contains the extensions. In the case of 'req' the
+extension section is used when the -x509 option is present to create a
+self signed root certificate.
+
+The 'x509' utility also supports extensions when it signs a certificate.
+The -extfile option is used to set the configuration file containing the
+extensions. In this case a line with:
+
+extensions = extension_section
+
+in the nameless (default) section is used. If no such line is included then
+it uses the default section.
+
+You can also add extensions to CRLs: a line
+
+crl_extensions = crl_extension_section
+
+will include extensions when the -gencrl option is used with the 'ca' utility.
+You can add any extension to a CRL but of the supported extensions only
+issuerAltName and authorityKeyIdentifier make any real sense. Note: these are
+CRL extensions NOT CRL *entry* extensions which cannot currently be generated.
+CRL entry extensions can be displayed.
+
+NB. At this time Netscape Communicator rejects V2 CRLs: to get an old V1 CRL
+you should not include a crl_extensions line in the configuration file.
+
+As with all configuration files you can use the inbuilt environment expansion
+to allow the values to be passed in the environment. Therefore if you have
+several extension sections used for different purposes you can have a line:
+
+x509_extensions = $ENV::ENV_EXT
+
+and set the ENV_EXT environment variable before calling the relevant utility.
+
+EXTENSION SYNTAX.
+
+Extensions have the basic form:
+
+extension_name=[critical,] extension_options
+
+the use of the critical option makes the extension critical. Extreme caution
+should be made when using the critical flag. If an extension is marked
+as critical then any client that does not understand the extension should
+reject it as invalid. Some broken software will reject certificates which
+have *any* critical extensions (these violates PKIX but we have to live
+with it).
+
+There are three main types of extension: string extensions, multi-valued
+extensions, and raw extensions.
+
+String extensions simply have a string which contains either the value itself
+or how it is obtained.
+
+For example:
+
+nsComment="This is a Comment"
+
+Multi-valued extensions have a short form and a long form. The short form
+is a list of names and values:
+
+basicConstraints=critical,CA:true,pathlen:1
+
+The long form allows the values to be placed in a separate section:
+
+basicConstraints=critical,@bs_section
+
+[bs_section]
+
+CA=true
+pathlen=1
+
+Both forms are equivalent. However it should be noted that in some cases the
+same name can appear multiple times, for example,
+
+subjectAltName=email:steve@here,email:steve@there
+
+in this case an equivalent long form is:
+
+subjectAltName=@alt_section
+
+[alt_section]
+
+email.1=steve@here
+email.2=steve@there
+
+This is because the configuration file code cannot handle the same name
+occurring twice in the same section.
+
+The syntax of raw extensions is governed by the extension code: it can
+for example contain data in multiple sections. The correct syntax to
+use is defined by the extension code itself: check out the certificate
+policies extension for an example.
+
+In addition it is also possible to use the word DER to include arbitrary
+data in any extension.
+
+1.2.3.4=critical,DER:01:02:03:04
+1.2.3.4=DER:01020304
+
+The value following DER is a hex dump of the DER encoding of the extension
+Any extension can be placed in this form to override the default behaviour.
+For example:
+
+basicConstraints=critical,DER:00:01:02:03
+
+WARNING: DER should be used with caution. It is possible to create totally
+invalid extensions unless care is taken.
+
+CURRENTLY SUPPORTED EXTENSIONS.
+
+If you aren't sure about extensions then they can be largely ignored: its only
+when you want to do things like restrict certificate usage when you need to
+worry about them. 
+
+The only extension that a beginner might want to look at is Basic Constraints.
+If in addition you want to try Netscape object signing the you should also
+look at Netscape Certificate Type.
+
+Literal String extensions.
+
+In each case the 'value' of the extension is placed directly in the
+extension. Currently supported extensions in this category are: nsBaseUrl,
+nsRevocationUrl, nsCaRevocationUrl, nsRenewalUrl, nsCaPolicyUrl,
+nsSslServerName and nsComment.
+
+For example:
+
+nsComment="This is a test comment"
+
+Bit Strings.
+
+Bit string extensions just consist of a list of supported bits, currently
+two extensions are in this category: PKIX keyUsage and the Netscape specific
+nsCertType.
+
+nsCertType (netscape certificate type) takes the flags: client, server, email,
+objsign, reserved, sslCA, emailCA, objCA.
+
+keyUsage (PKIX key usage) takes the flags: digitalSignature, nonRepudiation,
+keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign,
+encipherOnly, decipherOnly.
+
+For example:
+
+nsCertType=server
+
+keyUsage=digitalSignature, nonRepudiation
+
+Hints on Netscape Certificate Type.
+
+Other than Basic Constraints this is the only extension a beginner might
+want to use, if you want to try Netscape object signing, otherwise it can
+be ignored.
+
+If you want a certificate that can be used just for object signing then:
+
+nsCertType=objsign
+
+will do the job. If you want to use it as a normal end user and server
+certificate as well then
+
+nsCertType=objsign,email,server
+
+is more appropriate. You cannot use a self signed certificate for object
+signing (well Netscape signtool can but it cheats!) so you need to create
+a CA certificate and sign an end user certificate with it.
+
+Side note: If you want to conform to the Netscape specifications then you
+should really also set:
+
+nsCertType=objCA
+
+in the *CA* certificate for just an object signing CA and
+
+nsCertType=objCA,emailCA,sslCA
+
+for everything. Current Netscape software doesn't enforce this so it can
+be omitted.
+
+Basic Constraints.
+
+This is generally the only extension you need to worry about for simple
+applications. If you want your certificate to be usable as a CA certificate
+(in addition to an end user certificate) then you set this to:
+
+basicConstraints=CA:TRUE
+
+if you want to be certain the certificate cannot be used as a CA then do:
+
+basicConstraints=CA:FALSE
+
+The rest of this section describes more advanced usage.
+
+Basic constraints is a multi-valued extension that supports a CA and an
+optional pathlen option. The CA option takes the values true and false and
+pathlen takes an integer. Note if the CA option is false the pathlen option
+should be omitted. 
+
+The pathlen parameter indicates the maximum number of CAs that can appear
+below this one in a chain. So if you have a CA with a pathlen of zero it can
+only be used to sign end user certificates and not further CAs. This all
+assumes that the software correctly interprets this extension of course.
+
+Examples:
+
+basicConstraints=CA:TRUE
+basicConstraints=critical,CA:TRUE, pathlen:0
+
+NOTE: for a CA to be considered valid it must have the CA option set to
+TRUE. An end user certificate MUST NOT have the CA value set to true.
+According to PKIX recommendations it should exclude the extension entirely,
+however some software may require CA set to FALSE for end entity certificates.
+
+Extended Key Usage.
+
+This extensions consists of a list of usages.
+
+These can either be object short names of the dotted numerical form of OIDs.
+While any OID can be used only certain values make sense. In particular the
+following PKIX, NS and MS values are meaningful:
+
+Value                   Meaning
+-----                   -------
+serverAuth              SSL/TLS Web Server Authentication.
+clientAuth              SSL/TLS Web Client Authentication.
+codeSigning             Code signing.
+emailProtection         E-mail Protection (S/MIME).
+timeStamping            Trusted Timestamping
+msCodeInd               Microsoft Individual Code Signing (authenticode)
+msCodeCom               Microsoft Commercial Code Signing (authenticode)
+msCTLSign               Microsoft Trust List Signing
+msSGC                   Microsoft Server Gated Crypto
+msEFS                   Microsoft Encrypted File System
+nsSGC                   Netscape Server Gated Crypto
+
+For example, under IE5 a CA can be used for any purpose: by including a list
+of the above usages the CA can be restricted to only authorised uses.
+
+Note: software packages may place additional interpretations on certificate 
+use, in particular some usages may only work for selected CAs. Don't for example
+expect just including msSGC or nsSGC will automatically mean that a certificate
+can be used for SGC ("step up" encryption) otherwise anyone could use it.
+
+Examples:
+
+extendedKeyUsage=critical,codeSigning,1.2.3.4
+extendedKeyUsage=nsSGC,msSGC
+
+Subject Key Identifier.
+
+This is really a string extension and can take two possible values. Either
+a hex string giving details of the extension value to include or the word
+'hash' which then automatically follow PKIX guidelines in selecting and
+appropriate key identifier. The use of the hex string is strongly discouraged.
+
+Example: subjectKeyIdentifier=hash
+
+Authority Key Identifier.
+
+The authority key identifier extension permits two options. keyid and issuer:
+both can take the optional value "always".
+
+If the keyid option is present an attempt is made to copy the subject key
+identifier from the parent certificate. If the value "always" is present
+then an error is returned if the option fails.
+
+The issuer option copies the issuer and serial number from the issuer
+certificate. Normally this will only be done if the keyid option fails or
+is not included: the "always" flag will always include the value.
+
+Subject Alternative Name.
+
+The subject alternative name extension allows various literal values to be
+included in the configuration file. These include "email" (an email address)
+"URI" a uniform resource indicator, "DNS" (a DNS domain name), RID (a
+registered ID: OBJECT IDENTIFIER) and IP (and IP address).
+
+Also the email option include a special 'copy' value. This will automatically
+include and email addresses contained in the certificate subject name in
+the extension.
+
+Examples:
+
+subjectAltName=email:copy,email:my@other.address,URI:http://my.url.here/
+subjectAltName=email:my@other.address,RID:1.2.3.4
+
+Issuer Alternative Name.
+
+The issuer alternative name option supports all the literal options of
+subject alternative name. It does *not* support the email:copy option because
+that would not make sense. It does support an additional issuer:copy option
+that will copy all the subject alternative name values from the issuer 
+certificate (if possible).
+
+Example:
+
+issuserAltName = issuer:copy
+
+Authority Info Access.
+
+The authority information access extension gives details about how to access
+certain information relating to the CA. Its syntax is accessOID;location
+where 'location' has the same syntax as subject alternative name (except
+that email:copy is not supported). accessOID can be any valid OID but only
+certain values are meaningful for example OCSP and caIssuers. OCSP gives the
+location of an OCSP responder: this is used by Netscape PSM and other software.
+
+Example:
+
+authorityInfoAccess = OCSP;URI:http://ocsp.my.host/
+authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html
+
+CRL distribution points.
+
+This is a multi-valued extension that supports all the literal options of
+subject alternative name. Of the few software packages that currently interpret
+this extension most only interpret the URI option.
+
+Currently each option will set a new DistributionPoint with the fullName
+field set to the given value.
+
+Other fields like cRLissuer and reasons cannot currently be set or displayed:
+at this time no examples were available that used these fields.
+
+If you see this extension with <UNSUPPORTED> when you attempt to print it out
+or it doesn't appear to display correctly then let me know, including the
+certificate (mail me at steve@openssl.org) .
+
+Examples:
+
+crlDistributionPoints=URI:http://www.myhost.com/myca.crl
+crlDistributionPoints=URI:http://www.my.com/my.crl,URI:http://www.oth.com/my.crl
+
+Certificate Policies.
+
+This is a RAW extension. It attempts to display the contents of this extension:
+unfortunately this extension is often improperly encoded.
+
+The certificate policies extension will rarely be used in practice: few
+software packages interpret it correctly or at all. IE5 does partially
+support this extension: but it needs the 'ia5org' option because it will
+only correctly support a broken encoding. Of the options below only the
+policy OID, explicitText and CPS options are displayed with IE5.
+
+All the fields of this extension can be set by using the appropriate syntax.
+
+If you follow the PKIX recommendations of not including any qualifiers and just
+using only one OID then you just include the value of that OID. Multiple OIDs
+can be set separated by commas, for example:
+
+certificatePolicies= 1.2.4.5, 1.1.3.4
+
+If you wish to include qualifiers then the policy OID and qualifiers need to
+be specified in a separate section: this is done by using the @section syntax
+instead of a literal OID value.
+
+The section referred to must include the policy OID using the name
+policyIdentifier, cPSuri qualifiers can be included using the syntax:
+
+CPS.nnn=value
+
+userNotice qualifiers can be set using the syntax:
+
+userNotice.nnn=@notice
+
+The value of the userNotice qualifier is specified in the relevant section.
+This section can include explicitText, organization and noticeNumbers
+options. explicitText and organization are text strings, noticeNumbers is a
+comma separated list of numbers. The organization and noticeNumbers options
+(if included) must BOTH be present. If you use the userNotice option with IE5
+then you need the 'ia5org' option at the top level to modify the encoding:
+otherwise it will not be interpreted properly.
+
+Example:
+
+certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect
+
+[polsect]
+
+policyIdentifier = 1.3.5.8
+CPS.1="http://my.host.name/"
+CPS.2="http://my.your.name/"
+userNotice.1=@notice
+
+[notice]
+
+explicitText="Explicit Text Here"
+organization="Organisation Name"
+noticeNumbers=1,2,3,4
+
+TECHNICAL NOTE: the ia5org option changes the type of the 'organization' field,
+according to PKIX it should be of type DisplayText but Verisign uses an 
+IA5STRING and IE5 needs this too.
+
+Display only extensions.
+
+Some extensions are only partially supported and currently are only displayed
+but cannot be set. These include private key usage period, CRL number, and
+CRL reason.
+
+==============================================================================
+                X509V3 Extension code: programmers guide
+==============================================================================
+
+The purpose of the extension code is twofold. It allows an extension to be
+created from a string or structure describing its contents and it prints out an
+extension in a human or machine readable form.
+
+1. Initialisation and cleanup.
+
+No special initialisation is needed before calling the extension functions.
+You used to have to call X509V3_add_standard_extensions(); but this is no longer
+required and this function no longer does anything.
+
+void X509V3_EXT_cleanup(void);
+
+This function should be called to cleanup the extension code if any custom
+extensions have been added. If no custom extensions have been added then this
+call does nothing. After this call all custom extension code is freed up but
+you can still use the standard extensions.
+
+2. Printing and parsing extensions.
+
+The simplest way to print out extensions is via the standard X509 printing
+routines: if you use the standard X509_print() function, the supported
+extensions will be printed out automatically.
+
+The following functions allow finer control over extension display:
+
+int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
+int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
+
+These two functions print out an individual extension to a BIO or FILE pointer.
+Currently the flag argument is unused and should be set to 0. The 'indent'
+argument is the number of spaces to indent each line.
+
+void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+
+This function parses an extension and returns its internal structure. The
+precise structure you get back depends on the extension being parsed. If the
+extension if basicConstraints you will get back a pointer to a
+BASIC_CONSTRAINTS structure. Check out the source in crypto/x509v3 for more
+details about the structures returned. The returned structure should be freed
+after use using the relevant free function, BASIC_CONSTRAINTS_free() for 
+example.
+
+void    *       X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
+void    *       X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
+void    *       X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
+void    *       X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
+
+These functions combine the operations of searching for extensions and
+parsing them. They search a certificate, a CRL a CRL entry or a stack
+of extensions respectively for extension whose NID is 'nid' and return
+the parsed result of NULL if an error occurred. For example:
+
+BASIC_CONSTRAINTS *bs;
+bs = X509_get_ext_d2i(cert, NID_basic_constraints, NULL, NULL);
+
+This will search for the basicConstraints extension and either return
+it value or NULL. NULL can mean either the extension was not found, it
+occurred more than once or it could not be parsed.
+
+If 'idx' is NULL then an extension is only parsed if it occurs precisely
+once. This is standard behaviour because extensions normally cannot occur
+more than once. If however more than one extension of the same type can
+occur it can be used to parse successive extensions for example:
+
+int i;
+void *ext;
+
+i = -1;
+for(;;) {
+        ext = X509_get_ext_d2i(x, nid, crit, &idx);
+        if(ext == NULL) break;
+         /* Do something with ext */
+}
+
+If 'crit' is not NULL and the extension was found then the int it points to
+is set to 1 for critical extensions and 0 for non critical. Therefore if the
+function returns NULL but 'crit' is set to 0 or 1 then the extension was
+found but it could not be parsed.
+
+The int pointed to by crit will be set to -1 if the extension was not found
+and -2 if the extension occurred more than once (this will only happen if
+idx is NULL). In both cases the function will return NULL.
+
+3. Generating extensions.
+
+An extension will typically be generated from a configuration file, or some
+other kind of configuration database.
+
+int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
+                                                                 X509 *cert);
+int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
+                                                                 X509_CRL *crl);
+
+These functions add all the extensions in the given section to the given
+certificate or CRL. They will normally be called just before the certificate
+or CRL is due to be signed. Both return 0 on error on non zero for success.
+
+In each case 'conf' is the LHASH pointer of the configuration file to use
+and 'section' is the section containing the extension details.
+
+See the 'context functions' section for a description of the ctx parameter.
+
+
+X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
+                                                                 char *value);
+
+This function returns an extension based on a name and value pair, if the
+pair will not need to access other sections in a config file (or there is no
+config file) then the 'conf' parameter can be set to NULL.
+
+X509_EXTENSION *X509V3_EXT_conf_nid(char *conf, X509V3_CTX *ctx, int nid,
+                                                                 char *value);
+
+This function creates an extension in the same way as X509V3_EXT_conf() but
+takes the NID of the extension rather than its name.
+
+For example to produce basicConstraints with the CA flag and a path length of
+10:
+
+x = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,"CA:TRUE,pathlen:10");
+
+
+X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
+
+This function sets up an extension from its internal structure. The ext_nid
+parameter is the NID of the extension and 'crit' is the critical flag.
+
+4. Context functions.
+
+The following functions set and manipulate an extension context structure.
+The purpose of the extension context is to allow the extension code to
+access various structures relating to the "environment" of the certificate:
+for example the issuers certificate or the certificate request.
+
+void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
+                                 X509_REQ *req, X509_CRL *crl, int flags);
+
+This function sets up an X509V3_CTX structure with details of the certificate
+environment: specifically the issuers certificate, the subject certificate,
+the certificate request and the CRL: if these are not relevant or not
+available then they can be set to NULL. The 'flags' parameter should be set
+to zero.
+
+X509V3_set_ctx_test(ctx)
+
+This macro is used to set the 'ctx' structure to a 'test' value: this is to
+allow the syntax of an extension (or configuration file) to be tested.
+
+X509V3_set_ctx_nodb(ctx)
+
+This macro is used when no configuration database is present.
+
+void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
+
+This function is used to set the configuration database when it is an LHASH
+structure: typically a configuration file.
+
+The following functions are used to access a configuration database: they
+should only be used in RAW extensions.
+
+char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
+
+This function returns the value of the parameter "name" in "section", or NULL
+if there has been an error.
+
+void X509V3_string_free(X509V3_CTX *ctx, char *str);
+
+This function frees up the string returned by the above function.
+
+STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
+
+This function returns a whole section as a STACK_OF(CONF_VALUE) .
+
+void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
+
+This function frees up the STACK returned by the above function.
+
+Note: it is possible to use the extension code with a custom configuration
+database. To do this the "db_meth" element of the X509V3_CTX structure should
+be set to an X509V3_CTX_METHOD structure. This structure contains the following
+function pointers:
+
+char * (*get_string)(void *db, char *section, char *value);
+STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
+void (*free_string)(void *db, char * string);
+void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
+
+these will be called and passed the 'db' element in the X509V3_CTX structure
+to access the database. If a given function is not implemented or not required
+it can be set to NULL.
+
+5. String helper functions.
+
+There are several "i2s" and "s2i" functions that convert structures to and
+from ASCII strings. In all the "i2s" cases the returned string should be
+freed using Free() after use. Since some of these are part of other extension
+code they may take a 'method' parameter. Unless otherwise stated it can be
+safely set to NULL.
+
+char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct);
+
+This returns a hex string from an ASN1_OCTET_STRING.
+
+char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
+char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
+
+These return a string decimal representations of an ASN1_INTEGER and an
+ASN1_ENUMERATED type, respectively.
+
+ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
+                                                   X509V3_CTX *ctx, char *str);
+
+This converts an ASCII hex string to an ASN1_OCTET_STRING.
+
+ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
+
+This converts a decimal ASCII string into an ASN1_INTEGER.
+
+6. Multi valued extension helper functions.
+
+The following functions can be used to manipulate STACKs of CONF_VALUE
+structures, as used by multi valued extensions.
+
+int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
+
+This function expects a boolean value in 'value' and sets 'asn1_bool' to
+it. That is it sets it to 0 for FALSE or 0xff for TRUE. The following
+strings are acceptable: "TRUE", "true", "Y", "y", "YES", "yes", "FALSE"
+"false", "N", "n", "NO" or "no".
+
+int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
+
+This accepts a decimal integer of arbitrary length and sets an ASN1_INTEGER.
+
+int X509V3_add_value(const char *name, const char *value,
+                                                STACK_OF(CONF_VALUE) **extlist);
+
+This simply adds a string name and value pair.
+
+int X509V3_add_value_uchar(const char *name, const unsigned char *value,
+                                                STACK_OF(CONF_VALUE) **extlist);
+
+The same as above but for an unsigned character value.
+
+int X509V3_add_value_bool(const char *name, int asn1_bool,
+                                                STACK_OF(CONF_VALUE) **extlist);
+
+This adds either "TRUE" or "FALSE" depending on the value of 'asn1_bool'
+
+int X509V3_add_value_bool_nf(char *name, int asn1_bool,
+                                                STACK_OF(CONF_VALUE) **extlist);
+
+This is the same as above except it adds nothing if asn1_bool is FALSE.
+
+int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
+                                                STACK_OF(CONF_VALUE) **extlist);
+
+This function adds the value of the ASN1_INTEGER in decimal form.
+
+7. Other helper functions.
+
+<to be added>
+
+ADDING CUSTOM EXTENSIONS.
+
+Currently there are three types of supported extensions. 
+
+String extensions are simple strings where the value is placed directly in the
+extensions, and the string returned is printed out.
+
+Multi value extensions are passed a STACK_OF(CONF_VALUE) name and value pairs
+or return a STACK_OF(CONF_VALUE).
+
+Raw extensions are just passed a BIO or a value and it is the extensions
+responsibility to handle all the necessary printing.
+
+There are two ways to add an extension. One is simply as an alias to an already
+existing extension. An alias is an extension that is identical in ASN1 structure
+to an existing extension but has a different OBJECT IDENTIFIER. This can be
+done by calling:
+
+int X509V3_EXT_add_alias(int nid_to, int nid_from);
+
+'nid_to' is the new extension NID and 'nid_from' is the already existing
+extension NID.
+
+Alternatively an extension can be written from scratch. This involves writing
+the ASN1 code to encode and decode the extension and functions to print out and
+generate the extension from strings. The relevant functions are then placed in
+a X509V3_EXT_METHOD structure and int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
+called.
+
+The X509V3_EXT_METHOD structure is described below.
+
+strut {
+int ext_nid;
+int ext_flags;
+X509V3_EXT_NEW ext_new;
+X509V3_EXT_FREE ext_free;
+X509V3_EXT_D2I d2i;
+X509V3_EXT_I2D i2d;
+X509V3_EXT_I2S i2s;
+X509V3_EXT_S2I s2i;
+X509V3_EXT_I2V i2v;
+X509V3_EXT_V2I v2i;
+X509V3_EXT_R2I r2i;
+X509V3_EXT_I2R i2r;
+
+void *usr_data;
+};
+
+The elements have the following meanings.
+
+ext_nid         is the NID of the object identifier of the extension.
+
+ext_flags       is set of flags. Currently the only external flag is
+                X509V3_EXT_MULTILINE which means a multi valued extensions
+                should be printed on separate lines.
+
+usr_data        is an extension specific pointer to any relevant data. This
+                allows extensions to share identical code but have different
+                uses. An example of this is the bit string extension which uses
+                usr_data to contain a list of the bit names.
+
+All the remaining elements are function pointers.
+
+ext_new         is a pointer to a function that allocates memory for the
+                extension ASN1 structure: for example ASN1_OBJECT_new().
+
+ext_free        is a pointer to a function that free up memory of the extension
+                ASN1 structure: for example ASN1_OBJECT_free().
+
+d2i             is the standard ASN1 function that converts a DER buffer into
+                the internal ASN1 structure: for example d2i_ASN1_IA5STRING().
+
+i2d             is the standard ASN1 function that converts the internal
+                structure into the DER representation: for example
+                i2d_ASN1_IA5STRING().
+
+The remaining functions are depend on the type of extension. One i2X and
+one X2i should be set and the rest set to NULL. The types set do not need
+to match up, for example the extension could be set using the multi valued
+v2i function and printed out using the raw i2r.
+
+All functions have the X509V3_EXT_METHOD passed to them in the 'method'
+parameter and an X509V3_CTX structure. Extension code can then access the
+parent structure via the 'method' parameter to for example make use of the value
+of usr_data. If the code needs to use detail relating to the request it can
+use the 'ctx' parameter.
+
+A note should be given here about the 'flags' member of the 'ctx' parameter.
+If it has the value CTX_TEST then the configuration syntax is being checked
+and no actual certificate or CRL exists. Therefore any attempt in the config
+file to access such information should silently succeed. If the syntax is OK
+then it should simply return a (possibly bogus) extension, otherwise it
+should return NULL.
+
+char *i2s(struct v3_ext_method *method, void *ext);
+
+This function takes the internal structure in the ext parameter and returns
+a Malloc'ed string representing its value.
+
+void * s2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
+
+This function takes the string representation in the ext parameter and returns
+an allocated internal structure: ext_free() will be used on this internal
+structure after use.
+
+i2v and v2i handle a STACK_OF(CONF_VALUE):
+
+typedef struct
+{
+        char *section;
+        char *name;
+        char *value;
+} CONF_VALUE;
+
+Only the name and value members are currently used.
+
+STACK_OF(CONF_VALUE) * i2v(struct v3_ext_method *method, void *ext);
+
+This function is passed the internal structure in the ext parameter and
+returns a STACK of CONF_VALUE structures. The values of name, value,
+section and the structure itself will be freed up with Free after use.
+Several helper functions are available to add values to this STACK.
+
+void * v2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx,
+                                                STACK_OF(CONF_VALUE) *values);
+
+This function takes a STACK_OF(CONF_VALUE) structures and should set the
+values of the external structure. This typically uses the name element to
+determine which structure element to set and the value element to determine
+what to set it to. Several helper functions are available for this
+purpose (see above).
+
+int i2r(struct v3_ext_method *method, void *ext, BIO *out, int indent);
+
+This function is passed the internal extension structure in the ext parameter
+and sends out a human readable version of the extension to out. The 'indent'
+parameter should be noted to determine the necessary amount of indentation
+needed on the output.
+
+void * r2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
+
+This is just passed the string representation of the extension. It is intended
+to be used for more elaborate extensions where the standard single and multi
+valued options are insufficient. They can use the 'ctx' parameter to parse the
+configuration database themselves. See the context functions section for details
+of how to do this.
+
+Note: although this type takes the same parameters as the "r2s" function there
+is a subtle difference. Whereas an "r2i" function can access a configuration
+database an "s2i" function MUST NOT. This is so the internal code can safely
+assume that an "s2i" function will work without a configuration database.
+
+==============================================================================
+                            PKCS#12 Library
+==============================================================================
+
+This section describes the internal PKCS#12 support. There are very few
+differences between the old external library and the new internal code at
+present. This may well change because the external library will not be updated
+much in future.
+
+This version now includes a couple of high level PKCS#12 functions which
+generally "do the right thing" and should make it much easier to handle PKCS#12
+structures.
+
+HIGH LEVEL FUNCTIONS.
+
+For most applications you only need concern yourself with the high level
+functions. They can parse and generate simple PKCS#12 files as produced by
+Netscape and MSIE or indeed any compliant PKCS#12 file containing a single
+private key and certificate pair.
+
+1. Initialisation and cleanup.
+
+No special initialisation is needed for the internal PKCS#12 library: the 
+standard SSLeay_add_all_algorithms() is sufficient. If you do not wish to
+add all algorithms (you should at least add SHA1 though) then you can manually
+initialise the PKCS#12 library with:
+
+PKCS12_PBE_add();
+
+The memory allocated by the PKCS#12 library is freed up when EVP_cleanup() is
+called or it can be directly freed with:
+
+EVP_PBE_cleanup();
+
+after this call (or EVP_cleanup() ) no more PKCS#12 library functions should
+be called.
+
+2. I/O functions.
+
+i2d_PKCS12_bio(bp, p12)
+
+This writes out a PKCS12 structure to a BIO.
+
+i2d_PKCS12_fp(fp, p12)
+
+This is the same but for a FILE pointer.
+
+d2i_PKCS12_bio(bp, p12)
+
+This reads in a PKCS12 structure from a BIO.
+
+d2i_PKCS12_fp(fp, p12)
+
+This is the same but for a FILE pointer.
+
+3. High level functions.
+
+3.1 Parsing with PKCS12_parse().
+
+int PKCS12_parse(PKCS12 *p12, char *pass, EVP_PKEY **pkey, X509 **cert,
+                                                                 STACK **ca);
+
+This function takes a PKCS12 structure and a password (ASCII, null terminated)
+and returns the private key, the corresponding certificate and any CA
+certificates. If any of these is not required it can be passed as a NULL.
+The 'ca' parameter should be either NULL, a pointer to NULL or a valid STACK
+structure. Typically to read in a PKCS#12 file you might do:
+
+p12 = d2i_PKCS12_fp(fp, NULL);
+PKCS12_parse(p12, password, &pkey, &cert, NULL);        /* CAs not wanted */
+PKCS12_free(p12);
+
+3.2 PKCS#12 creation with PKCS12_create().
+
+PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
+                        STACK *ca, int nid_key, int nid_cert, int iter,
+                                                 int mac_iter, int keytype);
+
+This function will create a PKCS12 structure from a given password, name,
+private key, certificate and optional STACK of CA certificates. The remaining
+5 parameters can be set to 0 and sensible defaults will be used.
+
+The parameters nid_key and nid_cert are the key and certificate encryption
+algorithms, iter is the encryption iteration count, mac_iter is the MAC
+iteration count and keytype is the type of private key. If you really want
+to know what these last 5 parameters do then read the low level section.
+
+Typically to create a PKCS#12 file the following could be used:
+
+p12 = PKCS12_create(pass, "My Certificate", pkey, cert, NULL, 0,0,0,0,0);
+i2d_PKCS12_fp(fp, p12);
+PKCS12_free(p12);
+
+3.3 Changing a PKCS#12 structure password.
+
+int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
+
+This changes the password of an already existing PKCS#12 structure. oldpass
+is the old password and newpass is the new one. An error occurs if the old
+password is incorrect.
+
+LOW LEVEL FUNCTIONS.
+
+In some cases the high level functions do not provide the necessary
+functionality. For example if you want to generate or parse more complex
+PKCS#12 files. The sample pkcs12 application uses the low level functions
+to display details about the internal structure of a PKCS#12 file.
+
+Introduction.
+
+This is a brief description of how a PKCS#12 file is represented internally:
+some knowledge of PKCS#12 is assumed.
+
+A PKCS#12 object contains several levels.
+
+At the lowest level is a PKCS12_SAFEBAG. This can contain a certificate, a
+CRL, a private key, encrypted or unencrypted, a set of safebags (so the
+structure can be nested) or other secrets (not documented at present). 
+A safebag can optionally have attributes, currently these are: a unicode
+friendlyName (a Unicode string) or a localKeyID (a string of bytes).
+
+At the next level is an authSafe which is a set of safebags collected into
+a PKCS#7 ContentInfo. This can be just plain data, or encrypted itself.
+
+At the top level is the PKCS12 structure itself which contains a set of
+authSafes in an embedded PKCS#7 Contentinfo of type data. In addition it
+contains a MAC which is a kind of password protected digest to preserve
+integrity (so any unencrypted stuff below can't be tampered with).
+
+The reason for these levels is so various objects can be encrypted in various
+ways. For example you might want to encrypt a set of private keys with
+triple-DES and then include the related certificates either unencrypted or
+with lower encryption. Yes it's the dreaded crypto laws at work again which
+allow strong encryption on private keys and only weak encryption on other
+stuff.
+
+To build one of these things you turn all certificates and keys into safebags
+(with optional attributes). You collect the safebags into (one or more) STACKS
+and convert these into authsafes (encrypted or unencrypted).  The authsafes
+are collected into a STACK and added to a PKCS12 structure.  Finally a MAC
+inserted.
+
+Pulling one apart is basically the reverse process. The MAC is verified against
+the given password. The authsafes are extracted and each authsafe split into
+a set of safebags (possibly involving decryption). Finally the safebags are
+decomposed into the original keys and certificates and the attributes used to
+match up private key and certificate pairs.
+
+Anyway here are the functions that do the dirty work.
+
+1. Construction functions.
+
+1.1 Safebag functions.
+
+M_PKCS12_x5092certbag(x509)
+
+This macro takes an X509 structure and returns a certificate bag. The
+X509 structure can be freed up after calling this function.
+
+M_PKCS12_x509crl2certbag(crl)
+
+As above but for a CRL.
+
+PKCS8_PRIV_KEY_INFO *PKEY2PKCS8(EVP_PKEY *pkey)
+
+Take a private key and convert it into a PKCS#8 PrivateKeyInfo structure.
+Works for both RSA and DSA private keys. NB since the PKCS#8 PrivateKeyInfo
+structure contains a private key data in plain text form it should be free'd
+up as soon as it has been encrypted for security reasons (freeing up the
+structure zeros out the sensitive data). This can be done with
+PKCS8_PRIV_KEY_INFO_free().
+
+PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)
+
+This sets the key type when a key is imported into MSIE or Outlook 98. Two
+values are currently supported: KEY_EX and KEY_SIG. KEY_EX is an exchange type
+key that can also be used for signing but its size is limited in the export
+versions of MS software to 512 bits, it is also the default. KEY_SIG is a
+signing only key but the keysize is unlimited (well 16K is supposed to work).
+If you are using the domestic version of MSIE then you can ignore this because
+KEY_EX is not limited and can be used for both.
+
+PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
+
+Convert a PKCS8 private key structure into a keybag. This routine embeds the
+p8 structure in the keybag so p8 should not be freed up or used after it is
+called.  The p8 structure will be freed up when the safebag is freed.
+
+PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8)
+
+Convert a PKCS#8 structure into a shrouded key bag (encrypted). p8 is not
+embedded and can be freed up after use.
+
+int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
+int PKCS12_add_friendlyname(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
+
+Add a local key id or a friendlyname to a safebag.
+
+1.2 Authsafe functions.
+
+PKCS7 *PKCS12_pack_p7data(STACK *sk)
+Take a stack of safebags and convert them into an unencrypted authsafe. The
+stack of safebags can be freed up after calling this function.
+
+PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, STACK *bags);
+
+As above but encrypted.
+
+1.3 PKCS12 functions.
+
+PKCS12 *PKCS12_init(int mode)
+
+Initialise a PKCS12 structure (currently mode should be NID_pkcs7_data).
+
+M_PKCS12_pack_authsafes(p12, safes)
+
+This macro takes a STACK of authsafes and adds them to a PKCS#12 structure.
+
+int PKCS12_set_mac(PKCS12 *p12, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, EVP_MD *md_type);
+
+Add a MAC to a PKCS12 structure. If EVP_MD is NULL use SHA-1, the spec suggests
+that SHA-1 should be used.
+
+2. Extraction Functions.
+
+2.1 Safebags.
+
+M_PKCS12_bag_type(bag)
+
+Return the type of "bag". Returns one of the following
+
+NID_keyBag
+NID_pkcs8ShroudedKeyBag                 7
+NID_certBag                             8
+NID_crlBag                              9
+NID_secretBag                           10
+NID_safeContentsBag                     11
+
+M_PKCS12_cert_bag_type(bag)
+
+Returns type of certificate bag, following are understood.
+
+NID_x509Certificate                     14
+NID_sdsiCertificate                     15
+
+M_PKCS12_crl_bag_type(bag)
+
+Returns crl bag type, currently only NID_crlBag is recognised.
+
+M_PKCS12_certbag2x509(bag)
+
+This macro extracts an X509 certificate from a certificate bag.
+
+M_PKCS12_certbag2x509crl(bag)
+
+As above but for a CRL.
+
+EVP_PKEY * PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
+
+Extract a private key from a PKCS8 private key info structure.
+
+M_PKCS12_decrypt_skey(bag, pass, passlen) 
+
+Decrypt a shrouded key bag and return a PKCS8 private key info structure.
+Works with both RSA and DSA keys
+
+char *PKCS12_get_friendlyname(bag)
+
+Returns the friendlyName of a bag if present or NULL if none. The returned
+string is a null terminated ASCII string allocated with Malloc(). It should 
+thus be freed up with Free() after use.
+
+2.2 AuthSafe functions.
+
+M_PKCS12_unpack_p7data(p7)
+
+Extract a STACK of safe bags from a PKCS#7 data ContentInfo.
+
+#define M_PKCS12_unpack_p7encdata(p7, pass, passlen)
+
+As above but for an encrypted content info.
+
+2.3 PKCS12 functions.
+
+M_PKCS12_unpack_authsafes(p12)
+
+Extract a STACK of authsafes from a PKCS12 structure.
+
+M_PKCS12_mac_present(p12)
+
+Check to see if a MAC is present.
+
+int PKCS12_verify_mac(PKCS12 *p12, unsigned char *pass, int passlen)
+
+Verify a MAC on a PKCS12 structure. Returns an error if MAC not present.
+
+
+Notes.
+
+1. All the function return 0 or NULL on error.
+2. Encryption based functions take a common set of parameters. These are
+described below.
+
+pass, passlen
+ASCII password and length. The password on the MAC is called the "integrity
+password" the encryption password is called the "privacy password" in the
+PKCS#12 documentation. The passwords do not have to be the same. If -1 is
+passed for the length it is worked out by the function itself (currently
+this is sometimes done whatever is passed as the length but that may change).
+
+salt, saltlen
+A 'salt' if salt is NULL a random salt is used. If saltlen is also zero a
+default length is used.
+
+iter
+Iteration count. This is a measure of how many times an internal function is
+called to encrypt the data. The larger this value is the longer it takes, it
+makes dictionary attacks on passwords harder. NOTE: Some implementations do
+not support an iteration count on the MAC. If the password for the MAC and
+encryption is the same then there is no point in having a high iteration
+count for encryption if the MAC has no count. The MAC could be attacked
+and the password used for the main decryption.
+
+pbe_nid
+This is the NID of the password based encryption method used. The following are
+supported.
+NID_pbe_WithSHA1And128BitRC4
+NID_pbe_WithSHA1And40BitRC4
+NID_pbe_WithSHA1And3_Key_TripleDES_CBC
+NID_pbe_WithSHA1And2_Key_TripleDES_CBC
+NID_pbe_WithSHA1And128BitRC2_CBC
+NID_pbe_WithSHA1And40BitRC2_CBC
+
+Which you use depends on the implementation you are exporting to. "Export
+grade" (i.e. cryptographically challenged) products cannot support all
+algorithms. Typically you may be able to use any encryption on shrouded key
+bags but they must then be placed in an unencrypted authsafe. Other authsafes
+may only support 40bit encryption. Of course if you are using SSLeay
+throughout you can strongly encrypt everything and have high iteration counts
+on everything.
+
+3. For decryption routines only the password and length are needed.
+
+4. Unlike the external version the nid's of objects are the values of the
+constants: that is NID_certBag is the real nid, therefore there is no 
+PKCS12_obj_offset() function.  Note the object constants are not the same as
+those of the external version. If you use these constants then you will need
+to recompile your code.
+
+5. With the exception of PKCS12_MAKE_KEYBAG(), after calling any function or 
+macro of the form PKCS12_MAKE_SOMETHING(other) the "other" structure can be
+reused or freed up safely.
+
diff --git a/src/lib/libssl/doc/standards.txt b/src/lib/libssl/doc/standards.txt
new file mode 100644
index 0000000000..f6675b574b
--- /dev/null
+++ b/src/lib/libssl/doc/standards.txt
@@ -0,0 +1,261 @@
+Standards related to OpenSSL
+============================
+
+[Please, this is currently a draft.  I made a first try at finding
+ documents that describe parts of what OpenSSL implements.  There are
+ big gaps, and I've most certainly done something wrong.  Please
+ correct whatever is...  Also, this note should be removed when this
+ file is reaching a somewhat correct state.        -- Richard Levitte]
+
+
+All pointers in here will be either URL's or blobs of text borrowed
+from miscellaneous indexes, like rfc-index.txt (index of RFCs),
+1id-index.txt (index of Internet drafts) and the like.
+
+To find the latest possible RFCs, it's recommended to either browse
+ftp://ftp.isi.edu/in-notes/ or go to http://www.rfc-editor.org/ and
+use the search mechanism found there.
+To find the latest possible Internet drafts, it's recommended to
+browse ftp://ftp.isi.edu/internet-drafts/.
+To find the latest possible PKCS, it's recommended to browse
+http://www.rsasecurity.com/rsalabs/pkcs/.
+
+
+Implemented:
+------------
+
+These are documents that describe things that are implemented (in
+whole or at least great parts) in OpenSSL.
+
+1319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992.
+     (Format: TXT=25661 bytes) (Status: INFORMATIONAL)
+
+1320 The MD4 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
+     TXT=32407 bytes) (Status: INFORMATIONAL)
+
+1321 The MD5 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
+     TXT=35222 bytes) (Status: INFORMATIONAL)
+
+2246 The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999.
+     (Format: TXT=170401 bytes) (Status: PROPOSED STANDARD)
+
+2268 A Description of the RC2(r) Encryption Algorithm. R. Rivest.
+     January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL)
+
+2315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski.
+     March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL)
+
+PKCS#8: Private-Key Information Syntax Standard
+
+PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
+
+2560 X.509 Internet Public Key Infrastructure Online Certificate
+     Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin,
+     C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED
+     STANDARD)
+
+2712 Addition of Kerberos Cipher Suites to Transport Layer Security
+     (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes)
+     (Status: PROPOSED STANDARD)
+
+2898 PKCS #5: Password-Based Cryptography Specification Version 2.0.
+     B. Kaliski. September 2000. (Format: TXT=68692 bytes) (Status:
+     INFORMATIONAL)
+
+2986 PKCS #10: Certification Request Syntax Specification Version 1.7.
+     M. Nystrom, B. Kaliski. November 2000. (Format: TXT=27794 bytes)
+     (Obsoletes RFC2314) (Status: INFORMATIONAL)
+
+3174 US Secure Hash Algorithm 1 (SHA1). D. Eastlake 3rd, P. Jones.
+     September 2001. (Format: TXT=35525 bytes) (Status: INFORMATIONAL)
+
+3268 Advanced Encryption Standard (AES) Ciphersuites for Transport
+     Layer Security (TLS). P. Chown. June 2002. (Format: TXT=13530 bytes)
+     (Status: PROPOSED STANDARD)
+
+3279 Algorithms and Identifiers for the Internet X.509 Public Key
+     Infrastructure Certificate and Certificate Revocation List (CRL)
+     Profile. L. Bassham, W. Polk, R. Housley. April 2002. (Format:
+     TXT=53833 bytes) (Status: PROPOSED STANDARD)
+
+3280 Internet X.509 Public Key Infrastructure Certificate and
+     Certificate Revocation List (CRL) Profile. R. Housley, W. Polk, W.
+     Ford, D. Solo. April 2002. (Format: TXT=295556 bytes) (Obsoletes
+     RFC2459) (Status: PROPOSED STANDARD)
+
+3447 Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography
+     Specifications Version 2.1. J. Jonsson, B. Kaliski. February 2003.
+     (Format: TXT=143173 bytes) (Obsoletes RFC2437) (Status:           
+     INFORMATIONAL)                                         
+
+3820 Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate
+     Profile. S. Tuecke, V. Welch, D. Engert, L. Pearlman, M. Thompson.
+     June 2004. (Format: TXT=86374 bytes) (Status: PROPOSED STANDARD)
+
+
+Related:
+--------
+
+These are documents that are close to OpenSSL, for example the
+STARTTLS documents.
+
+1421 Privacy Enhancement for Internet Electronic Mail: Part I: Message
+     Encryption and Authentication Procedures. J. Linn. February 1993.
+     (Format: TXT=103894 bytes) (Obsoletes RFC1113) (Status: PROPOSED
+     STANDARD)
+
+1422 Privacy Enhancement for Internet Electronic Mail: Part II:
+     Certificate-Based Key Management. S. Kent. February 1993. (Format:
+     TXT=86085 bytes) (Obsoletes RFC1114) (Status: PROPOSED STANDARD)
+
+1423 Privacy Enhancement for Internet Electronic Mail: Part III:
+     Algorithms, Modes, and Identifiers. D. Balenson. February 1993.
+     (Format: TXT=33277 bytes) (Obsoletes RFC1115) (Status: PROPOSED
+     STANDARD)
+
+1424 Privacy Enhancement for Internet Electronic Mail: Part IV: Key
+     Certification and Related Services. B. Kaliski. February 1993.
+     (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD)
+
+2025 The Simple Public-Key GSS-API Mechanism (SPKM). C. Adams. October
+     1996. (Format: TXT=101692 bytes) (Status: PROPOSED STANDARD)
+
+2510 Internet X.509 Public Key Infrastructure Certificate Management
+     Protocols. C. Adams, S. Farrell. March 1999. (Format: TXT=158178
+     bytes) (Status: PROPOSED STANDARD)
+
+2511 Internet X.509 Certificate Request Message Format. M. Myers, C.
+     Adams, D. Solo, D. Kemp. March 1999. (Format: TXT=48278 bytes)
+     (Status: PROPOSED STANDARD)
+
+2527 Internet X.509 Public Key Infrastructure Certificate Policy and
+     Certification Practices Framework. S. Chokhani, W. Ford. March 1999.
+     (Format: TXT=91860 bytes) (Status: INFORMATIONAL)
+
+2538 Storing Certificates in the Domain Name System (DNS). D. Eastlake
+     3rd, O. Gudmundsson. March 1999. (Format: TXT=19857 bytes) (Status:
+     PROPOSED STANDARD)
+
+2539 Storage of Diffie-Hellman Keys in the Domain Name System (DNS).
+     D. Eastlake 3rd. March 1999. (Format: TXT=21049 bytes) (Status:
+     PROPOSED STANDARD)
+
+2559 Internet X.509 Public Key Infrastructure Operational Protocols -
+     LDAPv2. S. Boeyen, T. Howes, P. Richard. April 1999. (Format:
+     TXT=22889 bytes) (Updates RFC1778) (Status: PROPOSED STANDARD)
+
+2585 Internet X.509 Public Key Infrastructure Operational Protocols:
+     FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813
+     bytes) (Status: PROPOSED STANDARD)
+
+2587 Internet X.509 Public Key Infrastructure LDAPv2 Schema. S.
+     Boeyen, T. Howes, P. Richard. June 1999. (Format: TXT=15102 bytes)
+     (Status: PROPOSED STANDARD)
+
+2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999.
+     (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD)
+
+2631 Diffie-Hellman Key Agreement Method. E. Rescorla. June 1999.
+     (Format: TXT=25932 bytes) (Status: PROPOSED STANDARD)
+
+2632 S/MIME Version 3 Certificate Handling. B. Ramsdell, Ed.. June
+     1999. (Format: TXT=27925 bytes) (Status: PROPOSED STANDARD)
+
+2716 PPP EAP TLS Authentication Protocol. B. Aboba, D. Simon. October
+     1999. (Format: TXT=50108 bytes) (Status: EXPERIMENTAL)
+
+2773 Encryption using KEA and SKIPJACK. R. Housley, P. Yee, W. Nace.
+     February 2000. (Format: TXT=20008 bytes) (Updates RFC0959) (Status:
+     EXPERIMENTAL)
+
+2797 Certificate Management Messages over CMS. M. Myers, X. Liu, J.
+     Schaad, J. Weinstein. April 2000. (Format: TXT=103357 bytes) (Status:
+     PROPOSED STANDARD)
+
+2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May
+     2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED
+     STANDARD)
+
+2818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes)
+     (Status: INFORMATIONAL)
+
+2876 Use of the KEA and SKIPJACK Algorithms in CMS. J. Pawling. July
+     2000. (Format: TXT=29265 bytes) (Status: INFORMATIONAL)
+
+2984 Use of the CAST-128 Encryption Algorithm in CMS. C. Adams.
+     October 2000. (Format: TXT=11591 bytes) (Status: PROPOSED STANDARD)
+
+2985 PKCS #9: Selected Object Classes and Attribute Types Version 2.0.
+     M. Nystrom, B. Kaliski. November 2000. (Format: TXT=70703 bytes)
+     (Status: INFORMATIONAL)
+
+3029 Internet X.509 Public Key Infrastructure Data Validation and
+     Certification Server Protocols. C. Adams, P. Sylvester, M. Zolotarev,
+     R. Zuccherato. February 2001. (Format: TXT=107347 bytes) (Status:
+     EXPERIMENTAL)
+
+3039 Internet X.509 Public Key Infrastructure Qualified Certificates
+     Profile. S. Santesson, W. Polk, P. Barzin, M. Nystrom. January 2001.
+     (Format: TXT=67619 bytes) (Status: PROPOSED STANDARD)
+
+3058 Use of the IDEA Encryption Algorithm in CMS. S. Teiwes, P.
+     Hartmann, D. Kuenzi. February 2001. (Format: TXT=17257 bytes)
+     (Status: INFORMATIONAL)
+
+3161 Internet X.509 Public Key Infrastructure Time-Stamp Protocol
+     (TSP). C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001.
+     (Format: TXT=54585 bytes) (Status: PROPOSED STANDARD)
+
+3185 Reuse of CMS Content Encryption Keys. S. Farrell, S. Turner.
+     October 2001. (Format: TXT=20404 bytes) (Status: PROPOSED STANDARD)
+
+3207 SMTP Service Extension for Secure SMTP over Transport Layer
+     Security. P. Hoffman. February 2002. (Format: TXT=18679 bytes)
+     (Obsoletes RFC2487) (Status: PROPOSED STANDARD)
+
+3217 Triple-DES and RC2 Key Wrapping. R. Housley. December 2001.
+     (Format: TXT=19855 bytes) (Status: INFORMATIONAL)
+
+3274 Compressed Data Content Type for Cryptographic Message Syntax
+     (CMS). P. Gutmann. June 2002. (Format: TXT=11276 bytes) (Status:
+     PROPOSED STANDARD)
+
+3278 Use of Elliptic Curve Cryptography (ECC) Algorithms in
+     Cryptographic Message Syntax (CMS). S. Blake-Wilson, D. Brown, P.
+     Lambert. April 2002. (Format: TXT=33779 bytes) (Status:
+     INFORMATIONAL)
+
+3281 An Internet Attribute Certificate Profile for Authorization. S.
+     Farrell, R. Housley. April 2002. (Format: TXT=90580 bytes) (Status:
+     PROPOSED STANDARD)
+
+3369 Cryptographic Message Syntax (CMS). R. Housley. August 2002.
+     (Format: TXT=113975 bytes) (Obsoletes RFC2630, RFC3211) (Status:
+     PROPOSED STANDARD)
+
+3370 Cryptographic Message Syntax (CMS) Algorithms. R. Housley. August
+     2002. (Format: TXT=51001 bytes) (Obsoletes RFC2630, RFC3211) (Status:
+     PROPOSED STANDARD)
+
+3377 Lightweight Directory Access Protocol (v3): Technical
+     Specification. J. Hodges, R. Morgan. September 2002. (Format:
+     TXT=9981 bytes) (Updates RFC2251, RFC2252, RFC2253, RFC2254, RFC2255,
+     RFC2256, RFC2829, RFC2830) (Status: PROPOSED STANDARD)
+
+3394 Advanced Encryption Standard (AES) Key Wrap Algorithm. J. Schaad,
+     R. Housley. September 2002. (Format: TXT=73072 bytes) (Status:
+     INFORMATIONAL)
+
+3436 Transport Layer Security over Stream Control Transmission
+     Protocol. A. Jungmaier, E. Rescorla, M. Tuexen. December 2002.
+     (Format: TXT=16333 bytes) (Status: PROPOSED STANDARD)
+
+  "Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt>  
+ 
+
+To be implemented:
+------------------
+
+These are documents that describe things that are planed to be
+implemented in the hopefully short future.
+
diff --git a/src/lib/libssl/man/Makefile b/src/lib/libssl/man/Makefile
new file mode 100644
index 0000000000..784537b83d
--- /dev/null
+++ b/src/lib/libssl/man/Makefile
@@ -0,0 +1,799 @@
+# $OpenBSD: Makefile,v 1.10 2006/05/12 11:16:58 fkr Exp $
+
+.include <bsd.own.mk>           # for NOMAN
+
+
+POD2MAN=pod2man --official --release="OpenBSD ${OSREV}" --center=OpenSSL
+
+.ifndef NOMAN
+MANALL= \
+        BF_set_key.cat3 \
+        BN_CTX_new.cat3 \
+        BN_CTX_start.cat3 \
+        BN_add.cat3 \
+        BN_add_word.cat3 \
+        BN_bn2bin.cat3 \
+        BN_cmp.cat3 \
+        BN_copy.cat3 \
+        BN_generate_prime.cat3 \
+        BN_mod_inverse.cat3 \
+        BN_mod_mul_montgomery.cat3 \
+        BN_mod_mul_reciprocal.cat3 \
+        BN_new.cat3 \
+        BN_num_bytes.cat3 \
+        BN_rand.cat3 \
+        BN_set_bit.cat3 \
+        BN_swap.cat3 \
+        BN_zero.cat3 \
+        BUF_MEM_new.cat3 \
+        BUF_MEM_new.cat3 \
+        CRYPTO_set_ex_data.cat3 \
+        CRYPTO_set_locking_callback.cat3 \
+        DH_generate_key.cat3 \
+        DH_generate_parameters.cat3 \
+        DH_get_ex_new_index.cat3 \
+        DH_new.cat3 \
+        DH_set_method.cat3 \
+        DH_size.cat3 \
+        DSA_SIG_new.cat3 \
+        DSA_do_sign.cat3 \
+        DSA_dup_DH.cat3 \
+        DSA_generate_key.cat3 \
+        DSA_generate_parameters.cat3 \
+        DSA_get_ex_new_index.cat3 \
+        DSA_new.cat3 \
+        DSA_set_method.cat3 \
+        DSA_sign.cat3 \
+        DSA_size.cat3 \
+        ERR_GET_LIB.cat3 \
+        ERR_clear_error.cat3 \
+        ERR_error_string.cat3 \
+        ERR_get_error.cat3 \
+        ERR_load_crypto_strings.cat3 \
+        ERR_load_strings.cat3 \
+        ERR_print_errors.cat3 \
+        ERR_put_error.cat3 \
+        ERR_remove_state.cat3 \
+        EVP_BytesToKey.cat3 \
+        EVP_DigestInit.cat3 \
+        EVP_EncryptInit.cat3 \
+        EVP_OpenInit.cat3 \
+        EVP_SealInit.cat3 \
+        EVP_SignInit.cat3 \
+        EVP_VerifyInit.cat3 \
+        HMAC.cat3 \
+        MD5.cat3 \
+        OPENSSL_VERSION_NUMBER.cat3 \
+        OpenSSL_add_all_algorithms.cat3 \
+        RAND_add.cat3 \
+        RAND_bytes.cat3 \
+        RAND_cleanup.cat3 \
+        RAND_egd.cat3 \
+        RAND_load_file.cat3 \
+        RAND_set_rand_method.cat3 \
+        RC4.cat3 \
+        RIPEMD160.cat3 \
+        RSA_blinding_on.cat3 \
+        RSA_check_key.cat3 \
+        RSA_generate_key.cat3 \
+        RSA_get_ex_new_index.cat3 \
+        RSA_new.cat3 \
+        RSA_padding_add_PKCS1_type_1.cat3 \
+        RSA_print.cat3 \
+        RSA_private_encrypt.cat3 \
+        RSA_public_encrypt.cat3 \
+        RSA_set_method.cat3 \
+        RSA_sign.cat3 \
+        RSA_sign_ASN1_OCTET_STRING.cat3 \
+        RSA_size.cat3 \
+        SHA1.cat3 \
+        SSL_CIPHER_get_name.cat3 \
+        SSL_COMP_add_compression_method.cat3 \
+        SSL_CTX_add_extra_chain_cert.cat3 \
+        SSL_CTX_add_session.cat3 \
+        SSL_CTX_ctrl.cat3 \
+        SSL_CTX_flush_sessions.cat3 \
+        SSL_CTX_free.cat3 \
+        SSL_CTX_get_ex_new_index.cat3 \
+        SSL_CTX_get_verify_mode.cat3 \
+        SSL_CTX_load_verify_locations.cat3 \
+        SSL_CTX_new.cat3 \
+        SSL_CTX_sess_number.cat3 \
+        SSL_CTX_sess_set_cache_size.cat3 \
+        SSL_CTX_sess_set_get_cb.cat3 \
+        SSL_CTX_sessions.cat3 \
+        SSL_CTX_set_cert_store.cat3 \
+        SSL_CTX_set_cert_verify_callback.cat3 \
+        SSL_CTX_set_cipher_list.cat3 \
+        SSL_CTX_set_client_CA_list.cat3 \
+        SSL_CTX_set_client_cert_cb.cat3 \
+        SSL_CTX_set_default_passwd_cb.cat3 \
+        SSL_CTX_set_generate_session_id.cat3 \
+        SSL_CTX_set_info_callback.cat3 \
+        SSL_CTX_set_max_cert_list.cat3 \
+        SSL_CTX_set_mode.cat3 \
+        SSL_CTX_set_msg_callback.cat3 \
+        SSL_CTX_set_options.cat3 \
+        SSL_CTX_set_quiet_shutdown.cat3 \
+        SSL_CTX_set_session_cache_mode.cat3 \
+        SSL_CTX_set_session_id_context.cat3 \
+        SSL_CTX_set_ssl_version.cat3 \
+        SSL_CTX_set_timeout.cat3 \
+        SSL_CTX_set_tmp_dh_callback.cat3 \
+        SSL_CTX_set_tmp_rsa_callback.cat3 \
+        SSL_CTX_set_verify.cat3 \
+        SSL_CTX_use_certificate.cat3 \
+        SSL_SESSION_free.cat3 \
+        SSL_SESSION_get_ex_new_index.cat3 \
+        SSL_SESSION_get_time.cat3 \
+        SSL_accept.cat3 \
+        SSL_alert_type_string.cat3 \
+        SSL_clear.cat3 \
+        SSL_connect.cat3 \
+        SSL_do_handshake.cat3 \
+        SSL_free.cat3 \
+        SSL_get_SSL_CTX.cat3 \
+        SSL_get_ciphers.cat3 \
+        SSL_get_client_CA_list.cat3 \
+        SSL_get_current_cipher.cat3 \
+        SSL_get_default_timeout.cat3 \
+        SSL_get_error.cat3 \
+        SSL_get_ex_data_X509_STORE_CTX_idx.cat3 \
+        SSL_get_ex_new_index.cat3 \
+        SSL_get_fd.cat3 \
+        SSL_get_peer_cert_chain.cat3 \
+        SSL_get_peer_certificate.cat3 \
+        SSL_get_rbio.cat3 \
+        SSL_get_session.cat3 \
+        SSL_get_verify_result.cat3 \
+        SSL_get_version.cat3 \
+        SSL_library_init.cat3 \
+        SSL_load_client_CA_file.cat3 \
+        SSL_new.cat3 \
+        SSL_pending.cat3 \
+        SSL_read.cat3 \
+        SSL_rstate_string.cat3 \
+        SSL_session_reused.cat3 \
+        SSL_set_bio.cat3 \
+        SSL_set_connect_state.cat3 \
+        SSL_set_fd.cat3 \
+        SSL_set_session.cat3 \
+        SSL_set_shutdown.cat3 \
+        SSL_set_verify_result.cat3 \
+        SSL_shutdown.cat3 \
+        SSL_state_string.cat3 \
+        SSL_want.cat3 \
+        SSL_write.cat3 \
+        acss.cat3 \
+        bn.cat3 \
+        bn_internal.cat3 \
+        crypto.cat3 \
+        d2i_DHparams.cat3 \
+        d2i_RSAPublicKey.cat3 \
+        d2i_SSL_SESSION.cat3 \
+        des_modes.cat7 \
+        des_random_key.cat3 \
+        dh.cat3 \
+        dsa.cat3 \
+        lh_stats.cat3 \
+        lhash.cat3 \
+        rsa.cat3 \
+        ssl.cat3
+
+.if MANPS
+PSALL=  ${MANALL:S/.cat1/.ps1/g:S/.cat2/.ps2/g:S/.cat3/.ps3/g:S/.cat4/.ps4/g:S/.cat5/.ps5/g:S/.cat6/.ps6/g:S/.cat7/.ps7/g:S/.cat8/.ps8/g:S/.cat9/.ps9/g}
+.endif
+
+# these are a real problem, since they re-document functions described in
+# other pages.
+#
+# err.pod -> ERR_get_error.pod
+# ERR_peek_error ERR_get_error_line
+# ERR_peek_error_line ERR_get_error_line_data ERR_peek_error_line_data
+# ERR_GET_LIB ERR_GET_FUNC ERR_GET_REASON ERR_clear_error ERR_error_string
+# ERR_lib_error_string ERR_func_error_string ERR_reason_error_string
+# ERR_print_errors ERR_print_errors_fp ERR_load_crypto_strings ERR_free_strings
+# ERR_remove_state ERR_put_error ERR_add_error_data ERR_load_strings ERR_PACK
+# ERR_get_next_error_library
+#
+# rand.pod -> RAND_bytes.pod
+# RAND_pseudo_bytes RAND_seed RAND_add RAND_status RAND_event
+# RAND_screen RAND_load_file RAND_write_file RAND_file_name RAND_egd
+# RAND_set_rand_method RAND_get_rand_method RAND_SSLeay RAND_cleanup
+
+# buffer.pod -> BUF_MEM_new.pod
+# BUF_MEM_free BUF_MEM_grow BUF_strdup
+
+# rc4.pod -> RC4.pod
+# RC4_set_key
+
+# threads.pod -> CRYPTO_set_locking_callback.pod
+# CRYPTO_set_id_callback CRYPTO_num_locks
+
+# ripemd.pod -> RIPEMD160.pod
+# RIPEMD160_Init RIPEMD160_Update RIPEMD160_Final
+
+# sha.pod -> SHA1.pod
+
+# md5.pod -> MD5.pod
+
+# hmac.pod -> HMAC.pod
+
+# des.pod -> des_random_key, des_set_key, des_key_sched, des_set_key_checked,
+# des_set_key_unchecked, des_set_odd_parity, des_is_weak_key, des_ecb_encrypt,
+# des_ecb2_encrypt, des_ecb3_encrypt, des_ncbc_encrypt, des_cfb_encrypt,
+# des_ofb_encrypt, des_pcbc_encrypt, des_cfb64_encrypt, des_ofb64_encrypt,
+# des_xcbc_encrypt, des_ede2_cbc_encrypt, des_ede2_cfb64_encrypt,
+# des_ede2_ofb64_encrypt, des_ede3_cbc_encrypt, des_ede3_cbcm_encrypt,
+# des_ede3_cfb64_encrypt, des_ede3_ofb64_encrypt, des_read_password,
+# des_read_2passwords, des_read_pw_string, des_cbc_cksum, des_quad_cksum,
+# des_string_to_key, des_string_to_2keys, des_fcrypt, des_crypt,
+# des_enc_read, des_enc_write
+
+.for page src in \
+        BUF_MEM_new buffer \
+        RC4 rc4 \
+        CRYPTO_set_locking_callback threads \
+        RIPEMD160 ripemd \
+        SHA1 sha \
+        MD5 md5 \
+        HMAC hmac \
+        des_random_key des \
+        BF_set_key blowfish
+
+${page}.cat3: ${src}.pod
+        ${POD2MAN} --section=3 --name=${page:U} ${.ALLSRC} | \
+            nroff -Tascii -mandoc > ${.TARGET}
+.  if MANPS
+${page}.ps3: ${src}.pod
+        ${POD2MAN} --section=3 --name=${page:U} ${.ALLSRC} | \
+            nroff -Tps -mandoc > ${.TARGET}
+.  endif
+.endfor
+
+MLINKS+=\
+        BN_CTX_new.3 BN_CTX_free.3 \
+        BN_CTX_new.3 BN_CTX_init.3 \
+        BN_CTX_start.3 BN_CTX_end.3 \
+        BN_CTX_start.3 BN_CTX_get.3 \
+        BN_add.3 BN_div.3 \
+        BN_add.3 BN_exp.3 \
+        BN_add.3 BN_gcd.3 \
+        BN_add.3 BN_mod.3 \
+        BN_add.3 BN_mod_exp.3 \
+        BN_add.3 BN_mod_mul.3 \
+        BN_add.3 BN_mul.3 \
+        BN_add.3 BN_sqr.3 \
+        BN_add.3 BN_sub.3 \
+        BN_add_word.3 BN_div_word.3 \
+        BN_add_word.3 BN_mod_word.3 \
+        BN_add_word.3 BN_mul_word.3 \
+        BN_add_word.3 BN_sub_word.3 \
+        BN_bn2bin.3 BN_bin2bn.3 \
+        BN_bn2bin.3 BN_bn2dec.3 \
+        BN_bn2bin.3 BN_bn2hex.3 \
+        BN_bn2bin.3 BN_bn2mpi.3 \
+        BN_bn2bin.3 BN_dec2bn.3 \
+        BN_bn2bin.3 BN_hex2bn.3 \
+        BN_bn2bin.3 BN_mpi2bn.3 \
+        BN_bn2bin.3 BN_print.3 \
+        BN_bn2bin.3 BN_print_fp.3 \
+        BN_cmp.3 BN_is_odd.3 \
+        BN_cmp.3 BN_is_one.3 \
+        BN_cmp.3 BN_is_word.3 \
+        BN_cmp.3 BN_is_zero.3 \
+        BN_cmp.3 BN_ucmp.3 \
+        BN_copy.3 BN_dup.3 \
+        BN_generate_prime.3 BN_is_prime.3 \
+        BN_generate_prime.3 BN_is_prime_fasttest.3 \
+        BN_mod_mul_montgomery.3 BN_MONT_CTX_copy.3 \
+        BN_mod_mul_montgomery.3 BN_MONT_CTX_free.3 \
+        BN_mod_mul_montgomery.3 BN_MONT_CTX_init.3 \
+        BN_mod_mul_montgomery.3 BN_MONT_CTX_new.3 \
+        BN_mod_mul_montgomery.3 BN_MONT_CTX_set.3 \
+        BN_mod_mul_montgomery.3 BN_from_montgomery.3 \
+        BN_mod_mul_montgomery.3 BN_to_montgomery.3 \
+        BN_mod_mul_reciprocal.3 BN_RECP_CTX_free.3 \
+        BN_mod_mul_reciprocal.3 BN_RECP_CTX_init.3 \
+        BN_mod_mul_reciprocal.3 BN_RECP_CTX_new.3 \
+        BN_mod_mul_reciprocal.3 BN_RECP_CTX_set.3 \
+        BN_mod_mul_reciprocal.3 BN_div_recp.3 \
+        BN_new.3 BN_clear.3 \
+        BN_new.3 BN_clear_free.3 \
+        BN_new.3 BN_free.3 \
+        BN_new.3 BN_init.3 \
+        BN_num_bytes.3 BN_num_bits.3 \
+        BN_num_bytes.3 BN_num_bits_word.3 \
+        BN_rand.3 BN_pseudo_rand.3 \
+        BN_rand.3 BN_rand_range.3 \
+        BN_set_bit.3 BN_clear_bit.3 \
+        BN_set_bit.3 BN_is_bit_set.3 \
+        BN_set_bit.3 BN_lshift.3 \
+        BN_set_bit.3 BN_lshift1.3 \
+        BN_set_bit.3 BN_mask_bits.3 \
+        BN_set_bit.3 BN_rshift.3 \
+        BN_set_bit.3 BN_rshift1.3 \
+        BN_zero.3 BN_get_word.3 \
+        BN_zero.3 BN_one.3 \
+        BN_zero.3 BN_set_word.3 \
+        BN_zero.3 BN_value_one.3 \
+        BUF_MEM_new.3 BUF_MEM_free.3 \
+        BUF_MEM_new.3 BUF_MEM_grow.3 \
+        BUF_MEM_new.3 BUF_strdup.3 \
+        CRYPTO_set_ex_data.3 CRYPTO_get_ex_data.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_add.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_add_lock.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_destroy_dynlockid.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_get_new_dynlockid.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_lock.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_num_locks.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_r_lock.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_r_unlock.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_set_dynlock_create_callback.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_set_dynlock_destroy_callback.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_set_dynlock_lock_callback.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_set_id_callback.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_w_lock.3 \
+        CRYPTO_set_locking_callback.3 CRYPTO_w_unlock.3 \
+        DH_generate_key.3 DH_compute_key.3 \
+        DH_generate_parameters.3 DH_check.3 \
+        DH_get_ex_new_index.3 DH_get_ex_data.3 \
+        DH_get_ex_new_index.3 DH_set_ex_data.3 \
+        DH_new.3 DH_free.3 \
+        DH_set_method.3 DH_OpenSSL.3 \
+        DH_set_method.3 DH_get_default_method.3 \
+        DH_set_method.3 DH_get_default_openssl_method.3 \
+        DH_set_method.3 DH_new_method.3 \
+        DH_set_method.3 DH_set_default_method.3 \
+        DH_set_method.3 DH_set_default_openssl_method.3 \
+        DSA_new.3 DSA_free.3 \
+        DSA_set_method.3 DSA_OpenSSL.3 \
+        DSA_set_method.3 DSA_get_default_method.3 \
+        DSA_set_method.3 DSA_get_default_openssl_method.3 \
+        DSA_set_method.3 DSA_new_method.3 \
+        DSA_set_method.3 DSA_set_default_method.3 \
+        DSA_set_method.3 DSA_set_default_openssl_method.3 \
+        DSA_sign.3 DSA_sign_setup.3 \
+        DSA_sign.3 DSA_verify.3 \
+        ERR_GET_LIB.3 ERR_GET_FUNC.3 \
+        ERR_GET_LIB.3 ERR_GET_REASON.3 \
+        ERR_error_string.3 ERR_error_string_n.3 \
+        ERR_error_string.3 ERR_func_error_string.3 \
+        ERR_error_string.3 ERR_lib_error_string.3 \
+        ERR_error_string.3 ERR_reason_error_string.3 \
+        ERR_get_error.3 ERR_get_error_line.3 \
+        ERR_get_error.3 ERR_get_error_line_data.3 \
+        ERR_get_error.3 ERR_peek_error.3 \
+        ERR_get_error.3 ERR_peek_error_line.3 \
+        ERR_get_error.3 ERR_peek_error_line_data.3 \
+        ERR_load_crypto_strings.3 ERR_free_strings.3 \
+        ERR_load_crypto_strings.3 SSL_load_error_strings.3 \
+        ERR_load_strings.3 ERR_PACK.3 \
+        ERR_load_strings.3 ERR_get_next_error_library.3 \
+        ERR_print_errors.3 ERR_print_errors_fp.3 \
+        ERR_put_error.3 ERR_add_error_data.3 \
+        EVP_DigestInit.3 EVP_DigestFinal.3 \
+        EVP_DigestInit.3 EVP_DigestUpdate.3 \
+        EVP_DigestInit.3 EVP_MD_CTX_block_size.3 \
+        EVP_DigestInit.3 EVP_MD_CTX_copy.3 \
+        EVP_DigestInit.3 EVP_MD_CTX_md.3 \
+        EVP_DigestInit.3 EVP_MD_CTX_size.3 \
+        EVP_DigestInit.3 EVP_MD_CTX_type.3 \
+        EVP_DigestInit.3 EVP_MD_block_size.3 \
+        EVP_DigestInit.3 EVP_MD_block_size.3 \
+        EVP_DigestInit.3 EVP_MD_pkey_type.3 \
+        EVP_DigestInit.3 EVP_MD_size.3 \
+        EVP_DigestInit.3 EVP_MD_size.3 \
+        EVP_DigestInit.3 EVP_MD_type.3 \
+        EVP_DigestInit.3 EVP_MD_type.3 \
+        EVP_DigestInit.3 EVP_dss.3 \
+        EVP_DigestInit.3 EVP_dss1.3 \
+        EVP_DigestInit.3 EVP_get_digestbyname.3 \
+        EVP_DigestInit.3 EVP_get_digestbyname.3 \
+        EVP_DigestInit.3 EVP_get_digestbynid.3 \
+        EVP_DigestInit.3 EVP_get_digestbynid.3 \
+        EVP_DigestInit.3 EVP_get_digestbyobj.3 \
+        EVP_DigestInit.3 EVP_md2.3 \
+        EVP_DigestInit.3 EVP_md5.3 \
+        EVP_DigestInit.3 EVP_md_null.3 \
+        EVP_DigestInit.3 EVP_mdc2.3 \
+        EVP_DigestInit.3 EVP_ripemd160.3 \
+        EVP_DigestInit.3 EVP_sha.3 \
+        EVP_DigestInit.3 EVP_sha1.3 \
+        EVP_DigestInit.3 OBJ_nid2sn.3 \
+        EVP_DigestInit.3 OBJ_obj2nid.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_CTX_block_size.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_CTX_cipher.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_CTX_cipher.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_CTX_cleanup.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_CTX_ctrl.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_CTX_iv_length.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_CTX_key_length.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_CTX_nid.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_CTX_set_key_length.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_CTX_type.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_asn1_to_param.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_block_size.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_iv_length.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_key_length.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_nid.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_param_to_asn1.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_type.3 \
+        EVP_EncryptInit.3 EVP_CIPHER_type.3 \
+        EVP_EncryptInit.3 EVP_CipherFinal.3 \
+        EVP_EncryptInit.3 EVP_CipherInit.3 \
+        EVP_EncryptInit.3 EVP_CipherUpdate.3 \
+        EVP_EncryptInit.3 EVP_DecryptFinal.3 \
+        EVP_EncryptInit.3 EVP_DecryptInit.3 \
+        EVP_EncryptInit.3 EVP_DecryptUpdate.3 \
+        EVP_EncryptInit.3 EVP_EncryptFinal.3 \
+        EVP_EncryptInit.3 EVP_EncryptUpdate.3 \
+        EVP_EncryptInit.3 EVP_get_cipherbyname.3 \
+        EVP_EncryptInit.3 EVP_get_cipherbyname.3 \
+        EVP_EncryptInit.3 EVP_get_cipherbynid.3 \
+        EVP_EncryptInit.3 EVP_get_cipherbynid.3 \
+        EVP_EncryptInit.3 EVP_get_cipherbyobj.3 \
+        EVP_EncryptInit.3 OBJ_nid2sn.3 \
+        EVP_EncryptInit.3 OBJ_obj2nid.3 \
+        EVP_OpenInit.3 EVP_OpenFinal.3 \
+        EVP_OpenInit.3 EVP_OpenUpdate.3 \
+        EVP_SealInit.3 EVP_SealFinal.3 \
+        EVP_SealInit.3 EVP_SealUpdate.3 \
+        EVP_SignInit.3 EVP_PKEY_size.3 \
+        EVP_SignInit.3 EVP_SignFinal.3 \
+        EVP_SignInit.3 EVP_SignUpdate.3 \
+        EVP_VerifyInit.3 EVP_VerifyFinal.3 \
+        EVP_VerifyInit.3 EVP_VerifyUpdate.3 \
+        HMAC.3 HMAC_Final.3 \
+        HMAC.3 HMAC_Init.3 \
+        HMAC.3 HMAC_Update.3 \
+        HMAC.3 HMAC_cleanup.3 \
+        MD5.3 MD2.3 \
+        MD5.3 MD2_Final.3 \
+        MD5.3 MD2_Init.3 \
+        MD5.3 MD2_Update.3 \
+        MD5.3 MD4.3 \
+        MD5.3 MD4_Final.3 \
+        MD5.3 MD4_Init.3 \
+        MD5.3 MD4_Update.3 \
+        MD5.3 MD5_Final.3 \
+        MD5.3 MD5_Init.3 \
+        MD5.3 MD5_Update.3 \
+        OPENSSL_VERSION_NUMBER.3 SSLeay.3 \
+        OPENSSL_VERSION_NUMBER.3 SSLeay_version.3 \
+        OpenSSL_add_all_algorithms.3 EVP_cleanup.3 \
+        OpenSSL_add_all_algorithms.3 OpenSSL_add_all_ciphers.3 \
+        OpenSSL_add_all_algorithms.3 OpenSSL_add_all_digests.3 \
+        RAND_add.3 RAND_event.3 \
+        RAND_add.3 RAND_screen.3 \
+        RAND_add.3 RAND_seed.3 \
+        RAND_add.3 RAND_status.3 \
+        RAND_bytes.3 RAND_pseudo_bytes.3 \
+        RAND_bytes.3 RAND_pseudo_bytes.3 \
+        RAND_egd.3 RAND_egd_bytes.3 \
+        RAND_load_file.3 RAND_file_name.3 \
+        RAND_load_file.3 RAND_file_name.3 \
+        RAND_load_file.3 RAND_write_file.3 \
+        RAND_load_file.3 RAND_write_file.3 \
+        RAND_set_rand_method.3 RAND_SSLeay.3 \
+        RAND_set_rand_method.3 RAND_SSLeay.3 \
+        RAND_set_rand_method.3 RAND_get_rand_method.3 \
+        RAND_set_rand_method.3 RAND_get_rand_method.3 \
+        RC4.3 RC4_set_key.3 \
+        RIPEMD160.3 RIPEMD160_Final.3 \
+        RIPEMD160.3 RIPEMD160_Init.3 \
+        RIPEMD160.3 RIPEMD160_Update.3 \
+        RSA_blinding_on.3 RSA_blinding_off.3 \
+        RSA_get_ex_new_index.3 RSA_get_ex_data.3 \
+        RSA_get_ex_new_index.3 RSA_set_ex_data.3 \
+        RSA_new.3 RSA_free.3 \
+        RSA_padding_add_PKCS1_type_1.3 RSA_padding_add_PKCS1_OAEP.3 \
+        RSA_padding_add_PKCS1_type_1.3 RSA_padding_add_PKCS1_type_2.3 \
+        RSA_padding_add_PKCS1_type_1.3 RSA_padding_add_SSLv23.3 \
+        RSA_padding_add_PKCS1_type_1.3 RSA_padding_add_none.3 \
+        RSA_padding_add_PKCS1_type_1.3 RSA_padding_check_PKCS1_OAEP.3 \
+        RSA_padding_add_PKCS1_type_1.3 RSA_padding_check_PKCS1_type_1.3 \
+        RSA_padding_add_PKCS1_type_1.3 RSA_padding_check_PKCS1_type_2.3 \
+        RSA_padding_add_PKCS1_type_1.3 RSA_padding_check_SSLv23.3 \
+        RSA_padding_add_PKCS1_type_1.3 RSA_padding_check_none.3 \
+        RSA_print.3 DHparams_print.3 \
+        RSA_print.3 DHparams_print.3 \
+        RSA_print.3 DHparams_print_fp.3 \
+        RSA_print.3 DHparams_print_fp.3 \
+        RSA_print.3 DSA_print.3 \
+        RSA_print.3 DSA_print_fp.3 \
+        RSA_print.3 DSA_print_fp.3 \
+        RSA_print.3 DSAparams_print.3 \
+        RSA_print.3 DSAparams_print.3 \
+        RSA_print.3 DSAparams_print_fp.3 \
+        RSA_print.3 DSAparams_print_fp.3 \
+        RSA_print.3 RSA_print_fp.3 \
+        RSA_print.3 RSA_print_fp.3 \
+        RSA_private_encrypt.3 RSA_public_decrypt.3 \
+        RSA_public_encrypt.3 RSA_private_decrypt.3 \
+        RSA_set_method.3 RSA_PKCS1_RSAref.3 \
+        RSA_set_method.3 RSA_PKCS1_SSLeay.3 \
+        RSA_set_method.3 RSA_flags.3 \
+        RSA_set_method.3 RSA_get_default_method.3 \
+        RSA_set_method.3 RSA_get_default_openssl_method.3 \
+        RSA_set_method.3 RSA_get_method.3 \
+        RSA_set_method.3 RSA_new_method.3 \
+        RSA_set_method.3 RSA_null_method.3 \
+        RSA_set_method.3 RSA_set_default_method.3 \
+        RSA_set_method.3 RSA_set_default_openssl_method.3 \
+        RSA_sign.3 RSA_verify.3 \
+        RSA_sign_ASN1_OCTET_STRING.3 RSA_verify_ASN1_OCTET_STRING.3 \
+        SHA1.3 SHA1_Final.3 \
+        SHA1.3 SHA1_Init.3 \
+        SHA1.3 SHA1_Update.3 \
+        SSL_CIPHER_get_name.3 SSL_CIPHER_description.3 \
+        SSL_CIPHER_get_name.3 SSL_CIPHER_get_bits.3 \
+        SSL_CIPHER_get_name.3 SSL_CIPHER_get_version.3 \
+        SSL_CTX_add_session.3 SSL_CTX_remove_session.3 \
+        SSL_CTX_add_session.3 SSL_add_session.3 \
+        SSL_CTX_add_session.3 SSL_remove_session.3 \
+        SSL_CTX_ctrl.3 SSL_CTX_callback_ctrl.3 \
+        SSL_CTX_ctrl.3 SSL_callback_ctrl.3 \
+        SSL_CTX_ctrl.3 SSL_ctrl.3 \
+        SSL_CTX_flush_sessions.3 SSL_flush_sessions.3 \
+        SSL_CTX_get_ex_new_index.3 SSL_CTX_get_ex_data.3 \
+        SSL_CTX_get_ex_new_index.3 SSL_CTX_set_ex_data.3 \
+        SSL_CTX_get_verify_mode.3 SSL_CTX_get_verify_callback.3 \
+        SSL_CTX_get_verify_mode.3 SSL_CTX_get_verify_depth.3 \
+        SSL_CTX_get_verify_mode.3 SSL_get_verify_callback.3 \
+        SSL_CTX_get_verify_mode.3 SSL_get_verify_depth.3 \
+        SSL_CTX_get_verify_mode.3 SSL_get_verify_mode.3 \
+        SSL_CTX_sess_number.3 SSL_CTX_sess_accept.3 \
+        SSL_CTX_sess_number.3 SSL_CTX_sess_accept_good.3 \
+        SSL_CTX_sess_number.3 SSL_CTX_sess_accept_renegotiate.3 \
+        SSL_CTX_sess_number.3 SSL_CTX_sess_cache_full.3 \
+        SSL_CTX_sess_number.3 SSL_CTX_sess_cb_hits.3 \
+        SSL_CTX_sess_number.3 SSL_CTX_sess_connect.3 \
+        SSL_CTX_sess_number.3 SSL_CTX_sess_connect_good.3 \
+        SSL_CTX_sess_number.3 SSL_CTX_sess_connect_renegotiate.3 \
+        SSL_CTX_sess_number.3 SSL_CTX_sess_hits.3 \
+        SSL_CTX_sess_number.3 SSL_CTX_sess_misses.3 \
+        SSL_CTX_sess_number.3 SSL_CTX_sess_timeouts.3 \
+        SSL_CTX_sess_set_cache_size.3 SSL_CTX_sess_get_cache_size.3 \
+        SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_get_get_cb.3 \
+        SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_get_new_cb.3 \
+        SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_get_remove_cb.3 \
+        SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_set_new_cb.3 \
+        SSL_CTX_sess_set_get_cb.3 SSL_CTX_sess_set_remove.3 \
+        SSL_CTX_set_cert_store.3 SSL_CTX_get_cert_store.3 \
+        SSL_CTX_set_cipher_list.3 SSL_set_cipher_list.3 \
+        SSL_CTX_set_client_CA_list.3 SSL_CTX_add_client_CA.3 \
+        SSL_CTX_set_client_CA_list.3 SSL_add_client_CA.3 \
+        SSL_CTX_set_client_CA_list.3 SSL_set_client_CA_list.3 \
+        SSL_CTX_set_default_passwd_cb.3 \
+        SSL_CTX_set_default_passwd_cb_userdata.3 \
+        SSL_CTX_set_max_cert_list.3 SSL_CTX_get_max_cert_list.3 \
+        SSL_CTX_set_max_cert_list.3 SSL_get_max_cert_list.3 \
+        SSL_CTX_set_max_cert_list.3 SSL_set_max_cert_list.3 \
+        SSL_CTX_set_mode.3 SSL_CTX_get_mode.3 \
+        SSL_CTX_set_mode.3 SSL_get_mode.3 \
+        SSL_CTX_set_mode.3 SSL_set_mode.3 \
+        SSL_CTX_set_msg_callback.3 SSL_CTX_set_msg_callback_arg.3 \
+        SSL_CTX_set_msg_callback.3 SSL_set_msg_callback.3 \
+        SSL_CTX_set_msg_callback.3 SSL_set_msg_callback_arg.3 \
+        SSL_CTX_set_options.3 SSL_CTX_get_options.3 \
+        SSL_CTX_set_options.3 SSL_get_options.3 \
+        SSL_CTX_set_options.3 SSL_set_options.3 \
+        SSL_CTX_set_quiet_shutdown.3 SSL_CTX_get_quiet_shutdown.3 \
+        SSL_CTX_set_quiet_shutdown.3 SSL_get_quiet_shutdown.3 \
+        SSL_CTX_set_quiet_shutdown.3 SSL_set_quiet_shutdown.3 \
+        SSL_CTX_set_session_cache_mode.3 SSL_CTX_get_session_cache_mode.3 \
+        SSL_CTX_set_session_id_context.3 SSL_set_session_id_context.3 \
+        SSL_CTX_set_ssl_version.3 SSL_get_ssl_method.3 \
+        SSL_CTX_set_ssl_version.3 SSL_set_ssl_method.3 \
+        SSL_CTX_set_timeout.3 SSL_CTX_get_timeout.3 \
+        SSL_CTX_set_tmp_dh_callback.3 SSL_CTX_set_tmp_dh.3 \
+        SSL_CTX_set_tmp_dh_callback.3 SSL_set_tmp_dh.3 \
+        SSL_CTX_set_tmp_dh_callback.3 SSL_set_tmp_dh_callback.3 \
+        SSL_CTX_set_tmp_rsa_callback.3 SSL_CTX_need_tmp_rsa.3 \
+        SSL_CTX_set_tmp_rsa_callback.3 SSL_CTX_set_tmp_rsa.3 \
+        SSL_CTX_set_tmp_rsa_callback.3 SSL_need_tmp_rsa.3 \
+        SSL_CTX_set_tmp_rsa_callback.3 SSL_set_tmp_rsa.3 \
+        SSL_CTX_set_tmp_rsa_callback.3 SSL_set_tmp_rsa_callback.3 \
+        SSL_CTX_set_verify.3 SSL_CTX_set_verify_depth.3 \
+        SSL_CTX_set_verify.3 SSL_set_verify.3 \
+        SSL_CTX_set_verify.3 SSL_set_verify_depth.3 \
+        SSL_CTX_use_certificate.3 SSL_CTX_check_private_key.3 \
+        SSL_CTX_use_certificate.3 SSL_CTX_use_PrivateKey.3 \
+        SSL_CTX_use_certificate.3 SSL_CTX_use_PrivateKey_ASN1.3 \
+        SSL_CTX_use_certificate.3 SSL_CTX_use_PrivateKey_file.3 \
+        SSL_CTX_use_certificate.3 SSL_CTX_use_RSAPrivateKey.3 \
+        SSL_CTX_use_certificate.3 SSL_CTX_use_RSAPrivateKey_ASN1.3 \
+        SSL_CTX_use_certificate.3 SSL_CTX_use_RSAPrivateKey_file.3 \
+        SSL_CTX_use_certificate.3 SSL_CTX_use_certificate_ASN1.3 \
+        SSL_CTX_use_certificate.3 SSL_CTX_use_certificate_chain_file.3 \
+        SSL_CTX_use_certificate.3 SSL_CTX_use_certificate_file.3 \
+        SSL_CTX_use_certificate.3 SSL_check_private_key.3 \
+        SSL_CTX_use_certificate.3 SSL_use_PrivateKey.3 \
+        SSL_CTX_use_certificate.3 SSL_use_PrivateKey_ASN1.3 \
+        SSL_CTX_use_certificate.3 SSL_use_PrivateKey_file.3 \
+        SSL_CTX_use_certificate.3 SSL_use_RSAPrivateKey.3 \
+        SSL_CTX_use_certificate.3 SSL_use_RSAPrivateKey_ASN1.3 \
+        SSL_CTX_use_certificate.3 SSL_use_RSAPrivateKey_file.3 \
+        SSL_CTX_use_certificate.3 SSL_use_certificate.3 \
+        SSL_CTX_use_certificate.3 SSL_use_certificate_ASN1.3 \
+        SSL_CTX_use_certificate.3 SSL_use_certificate_file.3 \
+        SSL_SESSION_get_ex_new_index.3 SSL_SESSION_get_ex_data.3 \
+        SSL_SESSION_get_ex_new_index.3 SSL_SESSION_set_ex_data.3 \
+        SSL_SESSION_get_time.3 SSL_SESSION_get_timeout.3 \
+        SSL_SESSION_get_time.3 SSL_SESSION_set_time.3 \
+        SSL_SESSION_get_time.3 SSL_SESSION_set_timeout.3 \
+        SSL_SESSION_get_time.3 SSL_get_time.3 \
+        SSL_SESSION_get_time.3 SSL_get_timeout.3 \
+        SSL_SESSION_get_time.3 SSL_set_time.3 \
+        SSL_SESSION_get_time.3 SSL_set_timeout.3 \
+        SSL_alert_type_string.3 SSL_alert_desc_string.3 \
+        SSL_alert_type_string.3 SSL_alert_desc_string_long.3 \
+        SSL_alert_type_string.3 SSL_alert_type_string_long.3 \
+        SSL_get_ciphers.3 SSL_get_cipher_list.3 \
+        SSL_get_client_CA_list.3 SSL_CTX_get_client_CA_list.3 \
+        SSL_get_current_cipher.3 SSL_get_cipher.3 \
+        SSL_get_current_cipher.3 SSL_get_cipher_bits.3 \
+        SSL_get_current_cipher.3 SSL_get_cipher_name.3 \
+        SSL_get_current_cipher.3 SSL_get_cipher_version.3 \
+        SSL_get_ex_new_index.3 SSL_get_ex_data.3 \
+        SSL_get_ex_new_index.3 SSL_set_ex_data.3 \
+        SSL_get_fd.3 SSL_get_rfd.3 \
+        SSL_get_fd.3 SSL_get_wfd.3 \
+        SSL_get_rbio.3 SSL_get_wbio.3 \
+        SSL_get_session.3 SSL_get0_session.3 \
+        SSL_get_session.3 SSL_get1_session.3 \
+        SSL_library_init.3 OpenSSL_add_ssl_algorithms.3 \
+        SSL_library_init.3 SSLeay_add_ssl_algorithms.3 \
+        SSL_rstate_string.3 SSL_rstate_string_long.3 \
+        SSL_set_connect_state.3 SSL_set_accept_state.3 \
+        SSL_set_fd.3 SSL_set_rfd.3 \
+        SSL_set_fd.3 SSL_set_wfd.3 \
+        SSL_set_shutdown.3 SSL_get_shutdown.3 \
+        SSL_state_string.3 SSL_state_string_long.3 \
+        SSL_want.3 SSL_want_nothing.3 \
+        SSL_want.3 SSL_want_read.3 \
+        SSL_want.3 SSL_want_write.3 \
+        SSL_want.3 SSL_want_x509_lookup.3 \
+        acss.3 acss_setkey.3 \
+        BF_set_key.3 BF_cbc.3 \
+        BF_set_key.3 BF_cbc_encrypt.3 \
+        BF_set_key.3 BF_cfb64_encrypt.3 \
+        BF_set_key.3 BF_decrypt.3 \
+        BF_set_key.3 BF_ecb.3 \
+        BF_set_key.3 BF_ecb_encrypt.3 \
+        BF_set_key.3 BF_encrypt.3 \
+        BF_set_key.3 BF_ofb64_encrypt.3 \
+        BF_set_key.3 BF_options.3 \
+        bn_internal.3 bn_add_words.3 \
+        bn_internal.3 bn_check_top.3 \
+        bn_internal.3 bn_cmp_words.3 \
+        bn_internal.3 bn_div_words.3 \
+        bn_internal.3 bn_dump.3 \
+        bn_internal.3 bn_expand.3 \
+        bn_internal.3 bn_expand2.3 \
+        bn_internal.3 bn_fix_top.3 \
+        bn_internal.3 bn_mul_add_words.3 \
+        bn_internal.3 bn_mul_comba4.3 \
+        bn_internal.3 bn_mul_comba8.3 \
+        bn_internal.3 bn_mul_high.3 \
+        bn_internal.3 bn_mul_low_normal.3 \
+        bn_internal.3 bn_mul_low_recursive.3 \
+        bn_internal.3 bn_mul_normal.3 \
+        bn_internal.3 bn_mul_part_recursive.3 \
+        bn_internal.3 bn_mul_recursive.3 \
+        bn_internal.3 bn_mul_words.3 \
+        bn_internal.3 bn_print.3 \
+        bn_internal.3 bn_set_high.3 \
+        bn_internal.3 bn_set_low.3 \
+        bn_internal.3 bn_set_max.3 \
+        bn_internal.3 bn_sqr_comba4.3 \
+        bn_internal.3 bn_sqr_comba8.3 \
+        bn_internal.3 bn_sqr_normal.3 \
+        bn_internal.3 bn_sqr_recursive.3 \
+        bn_internal.3 bn_sqr_words.3 \
+        bn_internal.3 bn_sub_words.3 \
+        bn_internal.3 bn_wexpand.3 \
+        bn_internal.3 mul.3 \
+        bn_internal.3 mul_add.3 \
+        bn_internal.3 sqr.3 \
+        d2i_DHparams.3 i2d_DHparams.3 \
+        d2i_RSAPublicKey.3 d2i_Netscape_RSA.3 \
+        d2i_RSAPublicKey.3 d2i_RSAPrivateKey.3 \
+        d2i_RSAPublicKey.3 i2d_Netscape_RSA.3 \
+        d2i_RSAPublicKey.3 i2d_RSAPrivateKey.3 \
+        d2i_RSAPublicKey.3 i2d_RSAPublicKey.3 \
+        d2i_SSL_SESSION.3 i2d_SSL_SESSION.3 \
+        des_random_key.3 des_string_to_2keys.3 \
+        des_random_key.3 des_cbc_cksum.3 \
+        des_random_key.3 des_cfb64_encrypt.3 \
+        des_random_key.3 des_cfb_encrypt.3 \
+        des_random_key.3 des_crypt.3 \
+        des_random_key.3 des_ecb2_encrypt.3 \
+        des_random_key.3 des_ecb3_encrypt.3 \
+        des_random_key.3 des_ecb_encrypt.3 \
+        des_random_key.3 des_ede2_cbc_encrypt.3 \
+        des_random_key.3 des_ede2_cfb64_encrypt.3 \
+        des_random_key.3 des_ede2_ofb64_encrypt.3 \
+        des_random_key.3 des_ede3_cbc_encrypt.3 \
+        des_random_key.3 des_ede3_cbcm_encrypt.3 \
+        des_random_key.3 des_ede3_cfb64_encrypt.3 \
+        des_random_key.3 des_ede3_ofb64_encrypt.3 \
+        des_random_key.3 des_enc_read.3 \
+        des_random_key.3 des_enc_write.3 \
+        des_random_key.3 des_fcrypt.3 \
+        des_random_key.3 des_is_weak_key.3 \
+        des_random_key.3 des_key_sched.3 \
+        des_random_key.3 des_ncbc_encrypt.3 \
+        des_random_key.3 des_ofb64_encrypt.3 \
+        des_random_key.3 des_ofb_encrypt.3 \
+        des_random_key.3 des_pcbc_encrypt.3 \
+        des_random_key.3 des_quad_cksum.3 \
+        des_random_key.3 des_read_2passwords.3 \
+        des_random_key.3 des_read_password.3 \
+        des_random_key.3 des_read_pw_string.3 \
+        des_random_key.3 des_set_key.3 \
+        des_random_key.3 des_set_key_checked.3 \
+        des_random_key.3 des_set_key_unchecked.3 \
+        des_random_key.3 des_set_odd_parity.3 \
+        des_random_key.3 des_string_to_2keys.3 \
+        des_random_key.3 des_string_to_key.3 \
+        des_random_key.3 des_xcbc_encrypt.3 \
+        dsa.3 DSA_OpenSSL.3 \
+        dsa.3 DSA_SIG_free.3 \
+        dsa.3 DSA_do_verify.3 \
+        dsa.3 DSA_free.3 \
+        dsa.3 DSA_get_default_method.3 \
+        dsa.3 DSA_get_ex_data.3 \
+        dsa.3 DSA_new_method.3 \
+        dsa.3 DSA_set_default_method.3 \
+        dsa.3 DSA_set_ex_data.3 \
+        dsa.3 DSA_sign_setup.3 \
+        dsa.3 DSA_verify.3 \
+        dsa.3 d2i_DSAPrivateKey.3 \
+        dsa.3 d2i_DSAPublicKey.3 \
+        dsa.3 d2i_DSA_SIG.3 \
+        dsa.3 d2i_DSAparams.3 \
+        dsa.3 i2d_DSAPrivateKey.3 \
+        dsa.3 i2d_DSAPublicKey.3 \
+        dsa.3 i2d_DSA_SIG.3 \
+        dsa.3 i2d_DSAparams.3 \
+        lh_stats.3 lh_node_stats.3 \
+        lh_stats.3 lh_node_stats_bio.3 \
+        lh_stats.3 lh_node_usage_stats.3 \
+        lh_stats.3 lh_node_usage_stats_bio.3 \
+        lh_stats.3 lh_stats_bio.3 \
+        lhash.3 lh_delete.3 \
+        lhash.3 lh_doall.3 \
+        lhash.3 lh_doall_arg.3 \
+        lhash.3 lh_error.3 \
+        lhash.3 lh_free.3 \
+        lhash.3 lh_insert.3 \
+        lhash.3 lh_new.3 \
+        lhash.3 lh_retrieve.3
+
+.include <bsd.man.mk>
+.else
+maninstall:
+
+.endif
+
+# XXX .PATH order is critical because of non-unique filenames
+.PATH: ${.CURDIR}/../src/doc/crypto ${.CURDIR}/../src/doc/ssl ${.CURDIR}/../src/doc/apps
+.SUFFIXES: .pod
+.for sect in 1 3 7
+
+.pod.cat${sect}:
+        ${POD2MAN} --section=${sect} --name=${*:U} ${.ALLSRC} | \
+            nroff -Tascii -mandoc > ${.TARGET}
+
+.pod.ps${sect}:
+        ${POD2MAN} --section=${sect} --name=${*:U} ${.ALLSRC} | \
+            nroff -Tps -mandoc > ${.TARGET}
+.endfor
+
+.include <bsd.obj.mk>
+.include <bsd.subdir.mk>
+
+clean cleandir:
+        rm -f ${CLEANFILES}
diff --git a/src/lib/libssl/openssl.cnf b/src/lib/libssl/openssl.cnf
new file mode 100644
index 0000000000..bb97b155b8
--- /dev/null
+++ b/src/lib/libssl/openssl.cnf
@@ -0,0 +1,65 @@
+#
+# OpenSSL example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE                = /dev/arandom
+
+####################################################################
+[ req ]
+default_bits            = 1024
+default_keyfile         = privkey.pem
+distinguished_name      = req_distinguished_name
+attributes              = req_attributes
+
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+#countryName_default            = AU
+countryName_min                 = 2
+countryName_max                 = 2
+
+stateOrProvinceName             = State or Province Name (full name)
+#stateOrProvinceName_default    = Some-State
+
+localityName                    = Locality Name (eg, city)
+
+0.organizationName              = Organization Name (eg, company)
+#0.organizationName_default     = Internet Widgits Pty Ltd
+
+# we can do this but it is not needed normally :-)
+#1.organizationName             = Second Organization Name (eg, company)
+#1.organizationName_default     = CryptSoft Pty Ltd
+
+organizationalUnitName          = Organizational Unit Name (eg, section)
+#organizationalUnitName_default =
+
+commonName                      = Common Name (eg, fully qualified host name)
+commonName_max                  = 64
+
+emailAddress                    = Email Address
+emailAddress_max                = 64
+
+[ req_attributes ]
+challengePassword               = A challenge password
+challengePassword_min           = 4
+challengePassword_max           = 20
+
+unstructuredName                = An optional company name
+
+[ x509v3_extensions ]
+
+nsCaRevocationUrl               = http://www.cryptsoft.com/ca-crl.pem
+nsComment                       = "This is a comment"
+
+# under ASN.1, the 0 bit would be encoded as 80
+nsCertType                      = 0x40
+
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+#nsCertSequence
+#nsCertExt
+#nsDataType
+
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
new file mode 100644
index 0000000000..779e94a35c
--- /dev/null
+++ b/src/lib/libssl/s23_clnt.c
@@ -0,0 +1,509 @@
+/* ssl/s23_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+
+static SSL_METHOD *ssl23_get_client_method(int ver);
+static int ssl23_client_hello(SSL *s);
+static int ssl23_get_server_hello(SSL *s);
+static SSL_METHOD *ssl23_get_client_method(int ver)
+        {
+#ifndef OPENSSL_NO_SSL2
+        if (ver == SSL2_VERSION)
+                return(SSLv2_client_method());
+#endif
+        if (ver == SSL3_VERSION)
+                return(SSLv3_client_method());
+        else if (ver == TLS1_VERSION)
+                return(TLSv1_client_method());
+        else
+                return(NULL);
+        }
+
+SSL_METHOD *SSLv23_client_method(void)
+        {
+        static int init=1;
+        static SSL_METHOD SSLv23_client_data;
+
+        if (init)
+                {
+                CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+
+                if (init)
+                        {
+                        memcpy((char *)&SSLv23_client_data,
+                                (char *)sslv23_base_method(),sizeof(SSL_METHOD));
+                        SSLv23_client_data.ssl_connect=ssl23_connect;
+                        SSLv23_client_data.get_ssl_method=ssl23_get_client_method;
+                        init=0;
+                        }
+
+                CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
+                }
+        return(&SSLv23_client_data);
+        }
+
+int ssl23_connect(SSL *s)
+        {
+        BUF_MEM *buf=NULL;
+        unsigned long Time=time(NULL);
+        void (*cb)(const SSL *ssl,int type,int val)=NULL;
+        int ret= -1;
+        int new_state,state;
+
+        RAND_add(&Time,sizeof(Time),0);
+        ERR_clear_error();
+        clear_sys_error();
+
+        if (s->info_callback != NULL)
+                cb=s->info_callback;
+        else if (s->ctx->info_callback != NULL)
+                cb=s->ctx->info_callback;
+        
+        s->in_handshake++;
+        if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 
+
+        for (;;)
+                {
+                state=s->state;
+
+                switch(s->state)
+                        {
+                case SSL_ST_BEFORE:
+                case SSL_ST_CONNECT:
+                case SSL_ST_BEFORE|SSL_ST_CONNECT:
+                case SSL_ST_OK|SSL_ST_CONNECT:
+
+                        if (s->session != NULL)
+                                {
+                                SSLerr(SSL_F_SSL23_CONNECT,SSL_R_SSL23_DOING_SESSION_ID_REUSE);
+                                ret= -1;
+                                goto end;
+                                }
+                        s->server=0;
+                        if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+                        /* s->version=TLS1_VERSION; */
+                        s->type=SSL_ST_CONNECT;
+
+                        if (s->init_buf == NULL)
+                                {
+                                if ((buf=BUF_MEM_new()) == NULL)
+                                        {
+                                        ret= -1;
+                                        goto end;
+                                        }
+                                if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+                                        {
+                                        ret= -1;
+                                        goto end;
+                                        }
+                                s->init_buf=buf;
+                                buf=NULL;
+                                }
+
+                        if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
+
+                        ssl3_init_finished_mac(s);
+
+                        s->state=SSL23_ST_CW_CLNT_HELLO_A;
+                        s->ctx->stats.sess_connect++;
+                        s->init_num=0;
+                        break;
+
+                case SSL23_ST_CW_CLNT_HELLO_A:
+                case SSL23_ST_CW_CLNT_HELLO_B:
+
+                        s->shutdown=0;
+                        ret=ssl23_client_hello(s);
+                        if (ret <= 0) goto end;
+                        s->state=SSL23_ST_CR_SRVR_HELLO_A;
+                        s->init_num=0;
+
+                        break;
+
+                case SSL23_ST_CR_SRVR_HELLO_A:
+                case SSL23_ST_CR_SRVR_HELLO_B:
+                        ret=ssl23_get_server_hello(s);
+                        if (ret >= 0) cb=NULL;
+                        goto end;
+                        /* break; */
+
+                default:
+                        SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE);
+                        ret= -1;
+                        goto end;
+                        /* break; */
+                        }
+
+                if (s->debug) { (void)BIO_flush(s->wbio); }
+
+                if ((cb != NULL) && (s->state != state))
+                        {
+                        new_state=s->state;
+                        s->state=state;
+                        cb(s,SSL_CB_CONNECT_LOOP,1);
+                        s->state=new_state;
+                        }
+                }
+end:
+        s->in_handshake--;
+        if (buf != NULL)
+                BUF_MEM_free(buf);
+        if (cb != NULL)
+                cb(s,SSL_CB_CONNECT_EXIT,ret);
+        return(ret);
+        }
+
+
+static int ssl23_client_hello(SSL *s)
+        {
+        unsigned char *buf;
+        unsigned char *p,*d;
+        int i,ch_len;
+        int ret;
+
+        buf=(unsigned char *)s->init_buf->data;
+        if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
+                {
+#if 0
+                /* don't reuse session-id's */
+                if (!ssl_get_new_session(s,0))
+                        {
+                        return(-1);
+                        }
+#endif
+
+                p=s->s3->client_random;
+                if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0)
+                    return -1;
+
+                /* Do the message type and length last */
+                d= &(buf[2]);
+                p=d+9;
+
+                *(d++)=SSL2_MT_CLIENT_HELLO;
+                if (!(s->options & SSL_OP_NO_TLSv1))
+                        {
+                        *(d++)=TLS1_VERSION_MAJOR;
+                        *(d++)=TLS1_VERSION_MINOR;
+                        s->client_version=TLS1_VERSION;
+                        }
+#ifdef OPENSSL_FIPS
+                else if(FIPS_mode())
+                        {
+                        SSLerr(SSL_F_SSL23_CLIENT_HELLO,
+                                        SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+                        return -1;
+                        }
+#endif
+                else if (!(s->options & SSL_OP_NO_SSLv3))
+                        {
+                        *(d++)=SSL3_VERSION_MAJOR;
+                        *(d++)=SSL3_VERSION_MINOR;
+                        s->client_version=SSL3_VERSION;
+                        }
+                else if (!(s->options & SSL_OP_NO_SSLv2))
+                        {
+                        *(d++)=SSL2_VERSION_MAJOR;
+                        *(d++)=SSL2_VERSION_MINOR;
+                        s->client_version=SSL2_VERSION;
+                        }
+                else
+                        {
+                        SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE);
+                        return(-1);
+                        }
+
+                /* Ciphers supported */
+                i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
+                if (i == 0)
+                        {
+                        /* no ciphers */
+                        SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
+                        return(-1);
+                        }
+                s2n(i,d);
+                p+=i;
+
+                /* put in the session-id, zero since there is no
+                 * reuse. */
+#if 0
+                s->session->session_id_length=0;
+#endif
+                s2n(0,d);
+
+                if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+                        ch_len=SSL2_CHALLENGE_LENGTH;
+                else
+                        ch_len=SSL2_MAX_CHALLENGE_LENGTH;
+
+                /* write out sslv2 challenge */
+                if (SSL3_RANDOM_SIZE < ch_len)
+                        i=SSL3_RANDOM_SIZE;
+                else
+                        i=ch_len;
+                s2n(i,d);
+                memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
+                if(RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0)
+                        return -1;
+
+                memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+                p+=i;
+
+                i= p- &(buf[2]);
+                buf[0]=((i>>8)&0xff)|0x80;
+                buf[1]=(i&0xff);
+
+                s->state=SSL23_ST_CW_CLNT_HELLO_B;
+                /* number of bytes to write */
+                s->init_num=i+2;
+                s->init_off=0;
+
+                ssl3_finish_mac(s,&(buf[2]),i);
+                }
+
+        /* SSL3_ST_CW_CLNT_HELLO_B */
+        ret = ssl23_write_bytes(s);
+        if (ret >= 2)
+                if (s->msg_callback)
+                        s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
+        return ret;
+        }
+
+static int ssl23_get_server_hello(SSL *s)
+        {
+        char buf[8];
+        unsigned char *p;
+        int i;
+        int n;
+
+        n=ssl23_read_bytes(s,7);
+
+        if (n != 7) return(n);
+        p=s->packet;
+
+        memcpy(buf,p,n);
+
+        if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
+                (p[5] == 0x00) && (p[6] == 0x02))
+                {
+#ifdef OPENSSL_NO_SSL2
+                SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+                goto err;
+#else
+                /* we are talking sslv2 */
+                /* we need to clean up the SSLv3 setup and put in the
+                 * sslv2 stuff. */
+                int ch_len;
+
+                if (s->options & SSL_OP_NO_SSLv2)
+                        {
+                        SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+                        goto err;
+                        }
+                if (s->s2 == NULL)
+                        {
+                        if (!ssl2_new(s))
+                                goto err;
+                        }
+                else
+                        ssl2_clear(s);
+
+                if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+                        ch_len=SSL2_CHALLENGE_LENGTH;
+                else
+                        ch_len=SSL2_MAX_CHALLENGE_LENGTH;
+
+                /* write out sslv2 challenge */
+                i=(SSL3_RANDOM_SIZE < ch_len)
+                        ?SSL3_RANDOM_SIZE:ch_len;
+                s->s2->challenge_length=i;
+                memcpy(s->s2->challenge,
+                        &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+
+                if (s->s3 != NULL) ssl3_free(s);
+
+                if (!BUF_MEM_grow_clean(s->init_buf,
+                        SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
+                        {
+                        SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
+                        goto err;
+                        }
+
+                s->state=SSL2_ST_GET_SERVER_HELLO_A;
+                if (!(s->client_version == SSL2_VERSION))
+                        /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
+                        s->s2->ssl2_rollback=1;
+
+                /* setup the 5 bytes we have read so we get them from
+                 * the sslv2 buffer */
+                s->rstate=SSL_ST_READ_HEADER;
+                s->packet_length=n;
+                s->packet= &(s->s2->rbuf[0]);
+                memcpy(s->packet,buf,n);
+                s->s2->rbuf_left=n;
+                s->s2->rbuf_offs=0;
+
+                /* we have already written one */
+                s->s2->write_sequence=1;
+
+                s->method=SSLv2_client_method();
+                s->handshake_func=s->method->ssl_connect;
+#endif
+                }
+        else if ((p[0] == SSL3_RT_HANDSHAKE) &&
+                 (p[1] == SSL3_VERSION_MAJOR) &&
+                 ((p[2] == SSL3_VERSION_MINOR) ||
+                  (p[2] == TLS1_VERSION_MINOR)) &&
+                 (p[5] == SSL3_MT_SERVER_HELLO))
+                {
+                /* we have sslv3 or tls1 */
+
+                if (!ssl_init_wbio_buffer(s,1)) goto err;
+
+                /* we are in this state */
+                s->state=SSL3_ST_CR_SRVR_HELLO_A;
+
+                /* put the 5 bytes we have read into the input buffer
+                 * for SSLv3 */
+                s->rstate=SSL_ST_READ_HEADER;
+                s->packet_length=n;
+                s->packet= &(s->s3->rbuf.buf[0]);
+                memcpy(s->packet,buf,n);
+                s->s3->rbuf.left=n;
+                s->s3->rbuf.offset=0;
+
+                if ((p[2] == SSL3_VERSION_MINOR) &&
+                        !(s->options & SSL_OP_NO_SSLv3))
+                        {
+#ifdef OPENSSL_FIPS
+                        if(FIPS_mode())
+                                {
+                                SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
+                                        SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+                                goto err;
+                                }
+#endif
+                        s->version=SSL3_VERSION;
+                        s->method=SSLv3_client_method();
+                        }
+                else if ((p[2] == TLS1_VERSION_MINOR) &&
+                        !(s->options & SSL_OP_NO_TLSv1))
+                        {
+                        s->version=TLS1_VERSION;
+                        s->method=TLSv1_client_method();
+                        }
+                else
+                        {
+                        SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+                        goto err;
+                        }
+                        
+                s->handshake_func=s->method->ssl_connect;
+                }
+        else if ((p[0] == SSL3_RT_ALERT) &&
+                 (p[1] == SSL3_VERSION_MAJOR) &&
+                 ((p[2] == SSL3_VERSION_MINOR) ||
+                  (p[2] == TLS1_VERSION_MINOR)) &&
+                 (p[3] == 0) &&
+                 (p[4] == 2))
+                {
+                void (*cb)(const SSL *ssl,int type,int val)=NULL;
+                int j;
+
+                /* An alert */
+                if (s->info_callback != NULL)
+                        cb=s->info_callback;
+                else if (s->ctx->info_callback != NULL)
+                        cb=s->ctx->info_callback;
+ 
+                i=p[5];
+                if (cb != NULL)
+                        {
+                        j=(i<<8)|p[6];
+                        cb(s,SSL_CB_READ_ALERT,j);
+                        }
+
+                s->rwstate=SSL_NOTHING;
+                SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]);
+                goto err;
+                }
+        else
+                {
+                SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNKNOWN_PROTOCOL);
+                goto err;
+                }
+        s->init_num=0;
+
+        /* Since, if we are sending a ssl23 client hello, we are not
+         * reusing a session-id */
+        if (!ssl_get_new_session(s,0))
+                goto err;
+
+        s->first_packet=1;
+        return(SSL_connect(s));
+err:
+        return(-1);
+        }
+
diff --git a/src/lib/libssl/s23_lib.c b/src/lib/libssl/s23_lib.c
new file mode 100644
index 0000000000..8d7dbcf569
--- /dev/null
+++ b/src/lib/libssl/s23_lib.c
@@ -0,0 +1,236 @@
+/* ssl/s23_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+static int ssl23_num_ciphers(void );
+static SSL_CIPHER *ssl23_get_cipher(unsigned int u);
+static int ssl23_read(SSL *s, void *buf, int len);
+static int ssl23_peek(SSL *s, void *buf, int len);
+static int ssl23_write(SSL *s, const void *buf, int len);
+static long ssl23_default_timeout(void );
+static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
+static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
+const char *SSL23_version_str="SSLv2/3 compatibility" OPENSSL_VERSION_PTEXT;
+
+static SSL_METHOD SSLv23_data= {
+        TLS1_VERSION,
+        tls1_new,
+        tls1_clear,
+        tls1_free,
+        ssl_undefined_function,
+        ssl_undefined_function,
+        ssl23_read,
+        ssl23_peek,
+        ssl23_write,
+        ssl_undefined_function,
+        ssl_undefined_function,
+        ssl_ok,
+        ssl3_ctrl,
+        ssl3_ctx_ctrl,
+        ssl23_get_cipher_by_char,
+        ssl23_put_cipher_by_char,
+        ssl_undefined_const_function,
+        ssl23_num_ciphers,
+        ssl23_get_cipher,
+        ssl_bad_method,
+        ssl23_default_timeout,
+        &ssl3_undef_enc_method,
+        ssl_undefined_function,
+        ssl3_callback_ctrl,
+        ssl3_ctx_callback_ctrl,
+        };
+
+static long ssl23_default_timeout(void)
+        {
+        return(300);
+        }
+
+SSL_METHOD *sslv23_base_method(void)
+        {
+        return(&SSLv23_data);
+        }
+
+static int ssl23_num_ciphers(void)
+        {
+        return(ssl3_num_ciphers()
+#ifndef OPENSSL_NO_SSL2
+               + ssl2_num_ciphers()
+#endif
+            );
+        }
+
+static SSL_CIPHER *ssl23_get_cipher(unsigned int u)
+        {
+        unsigned int uu=ssl3_num_ciphers();
+
+        if (u < uu)
+                return(ssl3_get_cipher(u));
+        else
+#ifndef OPENSSL_NO_SSL2
+                return(ssl2_get_cipher(u-uu));
+#else
+                return(NULL);
+#endif
+        }
+
+/* This function needs to check if the ciphers required are actually
+ * available */
+static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
+        {
+        SSL_CIPHER c,*cp;
+        unsigned long id;
+        int n;
+
+        n=ssl3_num_ciphers();
+        id=0x03000000|((unsigned long)p[0]<<16L)|
+                ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
+        c.id=id;
+        cp=ssl3_get_cipher_by_char(p);
+#ifndef OPENSSL_NO_SSL2
+        if (cp == NULL)
+                cp=ssl2_get_cipher_by_char(p);
+#endif
+        return(cp);
+        }
+
+static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
+        {
+        long l;
+
+        /* We can write SSLv2 and SSLv3 ciphers */
+        if (p != NULL)
+                {
+                l=c->id;
+                p[0]=((unsigned char)(l>>16L))&0xFF;
+                p[1]=((unsigned char)(l>> 8L))&0xFF;
+                p[2]=((unsigned char)(l     ))&0xFF;
+                }
+        return(3);
+        }
+
+static int ssl23_read(SSL *s, void *buf, int len)
+        {
+        int n;
+
+        clear_sys_error();
+        if (SSL_in_init(s) && (!s->in_handshake))
+                {
+                n=s->handshake_func(s);
+                if (n < 0) return(n);
+                if (n == 0)
+                        {
+                        SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE);
+                        return(-1);
+                        }
+                return(SSL_read(s,buf,len));
+                }
+        else
+                {
+                ssl_undefined_function(s);
+                return(-1);
+                }
+        }
+
+static int ssl23_peek(SSL *s, void *buf, int len)
+        {
+        int n;
+
+        clear_sys_error();
+        if (SSL_in_init(s) && (!s->in_handshake))
+                {
+                n=s->handshake_func(s);
+                if (n < 0) return(n);
+                if (n == 0)
+                        {
+                        SSLerr(SSL_F_SSL23_PEEK,SSL_R_SSL_HANDSHAKE_FAILURE);
+                        return(-1);
+                        }
+                return(SSL_peek(s,buf,len));
+                }
+        else
+                {
+                ssl_undefined_function(s);
+                return(-1);
+                }
+        }
+
+static int ssl23_write(SSL *s, const void *buf, int len)
+        {
+        int n;
+
+        clear_sys_error();
+        if (SSL_in_init(s) && (!s->in_handshake))
+                {
+                n=s->handshake_func(s);
+                if (n < 0) return(n);
+                if (n == 0)
+                        {
+                        SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE);
+                        return(-1);
+                        }
+                return(SSL_write(s,buf,len));
+                }
+        else
+                {
+                ssl_undefined_function(s);
+                return(-1);
+                }
+        }
diff --git a/src/lib/libssl/s23_pkt.c b/src/lib/libssl/s23_pkt.c
new file mode 100644
index 0000000000..4ca6a1b258
--- /dev/null
+++ b/src/lib/libssl/s23_pkt.c
@@ -0,0 +1,117 @@
+/* ssl/s23_pkt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "ssl_locl.h"
+#include <openssl/evp.h>
+#include <openssl/buffer.h>
+
+int ssl23_write_bytes(SSL *s)
+        {
+        int i,num,tot;
+        char *buf;
+
+        buf=s->init_buf->data;
+        tot=s->init_off;
+        num=s->init_num;
+        for (;;)
+                {
+                s->rwstate=SSL_WRITING;
+                i=BIO_write(s->wbio,&(buf[tot]),num);
+                if (i <= 0)
+                        {
+                        s->init_off=tot;
+                        s->init_num=num;
+                        return(i);
+                        }
+                s->rwstate=SSL_NOTHING;
+                if (i == num) return(tot+i);
+
+                num-=i;
+                tot+=i;
+                }
+        }
+
+/* return regularly only when we have read (at least) 'n' bytes */
+int ssl23_read_bytes(SSL *s, int n)
+        {
+        unsigned char *p;
+        int j;
+
+        if (s->packet_length < (unsigned int)n)
+                {
+                p=s->packet;
+
+                for (;;)
+                        {
+                        s->rwstate=SSL_READING;
+                        j=BIO_read(s->rbio,(char *)&(p[s->packet_length]),
+                                n-s->packet_length);
+                        if (j <= 0)
+                                return(j);
+                        s->rwstate=SSL_NOTHING;
+                        s->packet_length+=j;
+                        if (s->packet_length >= (unsigned int)n)
+                                return(s->packet_length);
+                        }
+                }
+        return(n);
+        }
+
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
new file mode 100644
index 0000000000..e9edc34328
--- /dev/null
+++ b/src/lib/libssl/s23_srvr.c
@@ -0,0 +1,603 @@
+/* ssl/s23_srvr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+
+static SSL_METHOD *ssl23_get_server_method(int ver);
+int ssl23_get_client_hello(SSL *s);
+static SSL_METHOD *ssl23_get_server_method(int ver)
+        {
+#ifndef OPENSSL_NO_SSL2
+        if (ver == SSL2_VERSION)
+                return(SSLv2_server_method());
+#endif
+        if (ver == SSL3_VERSION)
+                return(SSLv3_server_method());
+        else if (ver == TLS1_VERSION)
+                return(TLSv1_server_method());
+        else
+                return(NULL);
+        }
+
+SSL_METHOD *SSLv23_server_method(void)
+        {
+        static int init=1;
+        static SSL_METHOD SSLv23_server_data;
+
+        if (init)
+                {
+                CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+
+                if (init)
+                        {
+                        memcpy((char *)&SSLv23_server_data,
+                                (char *)sslv23_base_method(),sizeof(SSL_METHOD));
+                        SSLv23_server_data.ssl_accept=ssl23_accept;
+                        SSLv23_server_data.get_ssl_method=ssl23_get_server_method;
+                        init=0;
+                        }
+
+                CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
+                }
+        return(&SSLv23_server_data);
+        }
+
+int ssl23_accept(SSL *s)
+        {
+        BUF_MEM *buf;
+        unsigned long Time=time(NULL);
+        void (*cb)(const SSL *ssl,int type,int val)=NULL;
+        int ret= -1;
+        int new_state,state;
+
+        RAND_add(&Time,sizeof(Time),0);
+        ERR_clear_error();
+        clear_sys_error();
+
+        if (s->info_callback != NULL)
+                cb=s->info_callback;
+        else if (s->ctx->info_callback != NULL)
+                cb=s->ctx->info_callback;
+        
+        s->in_handshake++;
+        if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 
+
+        for (;;)
+                {
+                state=s->state;
+
+                switch(s->state)
+                        {
+                case SSL_ST_BEFORE:
+                case SSL_ST_ACCEPT:
+                case SSL_ST_BEFORE|SSL_ST_ACCEPT:
+                case SSL_ST_OK|SSL_ST_ACCEPT:
+
+                        s->server=1;
+                        if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+                        /* s->version=SSL3_VERSION; */
+                        s->type=SSL_ST_ACCEPT;
+
+                        if (s->init_buf == NULL)
+                                {
+                                if ((buf=BUF_MEM_new()) == NULL)
+                                        {
+                                        ret= -1;
+                                        goto end;
+                                        }
+                                if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+                                        {
+                                        ret= -1;
+                                        goto end;
+                                        }
+                                s->init_buf=buf;
+                                }
+
+                        ssl3_init_finished_mac(s);
+
+                        s->state=SSL23_ST_SR_CLNT_HELLO_A;
+                        s->ctx->stats.sess_accept++;
+                        s->init_num=0;
+                        break;
+
+                case SSL23_ST_SR_CLNT_HELLO_A:
+                case SSL23_ST_SR_CLNT_HELLO_B:
+
+                        s->shutdown=0;
+                        ret=ssl23_get_client_hello(s);
+                        if (ret >= 0) cb=NULL;
+                        goto end;
+                        /* break; */
+
+                default:
+                        SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE);
+                        ret= -1;
+                        goto end;
+                        /* break; */
+                        }
+
+                if ((cb != NULL) && (s->state != state))
+                        {
+                        new_state=s->state;
+                        s->state=state;
+                        cb(s,SSL_CB_ACCEPT_LOOP,1);
+                        s->state=new_state;
+                        }
+                }
+end:
+        s->in_handshake--;
+        if (cb != NULL)
+                cb(s,SSL_CB_ACCEPT_EXIT,ret);
+        return(ret);
+        }
+
+
+int ssl23_get_client_hello(SSL *s)
+        {
+        char buf_space[11]; /* Request this many bytes in initial read.
+                             * We can detect SSL 3.0/TLS 1.0 Client Hellos
+                             * ('type == 3') correctly only when the following
+                             * is in a single record, which is not guaranteed by
+                             * the protocol specification:
+                             * Byte  Content
+                             *  0     type            \
+                             *  1/2   version          > record header
+                             *  3/4   length          /
+                             *  5     msg_type        \
+                             *  6-8   length           > Client Hello message
+                             *  9/10  client_version  /
+                             */
+        char *buf= &(buf_space[0]);
+        unsigned char *p,*d,*d_len,*dd;
+        unsigned int i;
+        unsigned int csl,sil,cl;
+        int n=0,j;
+        int type=0;
+        int v[2];
+#ifndef OPENSSL_NO_RSA
+        int use_sslv2_strong=0;
+#endif
+
+        if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
+                {
+                /* read the initial header */
+                v[0]=v[1]=0;
+
+                if (!ssl3_setup_buffers(s)) goto err;
+
+                n=ssl23_read_bytes(s, sizeof buf_space);
+                if (n != sizeof buf_space) return(n); /* n == -1 || n == 0 */
+
+                p=s->packet;
+
+                memcpy(buf,p,n);
+
+                if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO))
+                        {
+                        /*
+                         * SSLv2 header
+                         */
+                        if ((p[3] == 0x00) && (p[4] == 0x02))
+                                {
+                                v[0]=p[3]; v[1]=p[4];
+                                /* SSLv2 */
+                                if (!(s->options & SSL_OP_NO_SSLv2))
+                                        type=1;
+                                }
+                        else if (p[3] == SSL3_VERSION_MAJOR)
+                                {
+                                v[0]=p[3]; v[1]=p[4];
+                                /* SSLv3/TLSv1 */
+                                if (p[4] >= TLS1_VERSION_MINOR)
+                                        {
+                                        if (!(s->options & SSL_OP_NO_TLSv1))
+                                                {
+                                                s->version=TLS1_VERSION;
+                                                /* type=2; */ /* done later to survive restarts */
+                                                s->state=SSL23_ST_SR_CLNT_HELLO_B;
+                                                }
+                                        else if (!(s->options & SSL_OP_NO_SSLv3))
+                                                {
+                                                s->version=SSL3_VERSION;
+                                                /* type=2; */
+                                                s->state=SSL23_ST_SR_CLNT_HELLO_B;
+                                                }
+                                        else if (!(s->options & SSL_OP_NO_SSLv2))
+                                                {
+                                                type=1;
+                                                }
+                                        }
+                                else if (!(s->options & SSL_OP_NO_SSLv3))
+                                        {
+                                        s->version=SSL3_VERSION;
+                                        /* type=2; */
+                                        s->state=SSL23_ST_SR_CLNT_HELLO_B;
+                                        }
+                                else if (!(s->options & SSL_OP_NO_SSLv2))
+                                        type=1;
+
+                                }
+                        }
+                else if ((p[0] == SSL3_RT_HANDSHAKE) &&
+                         (p[1] == SSL3_VERSION_MAJOR) &&
+                         (p[5] == SSL3_MT_CLIENT_HELLO) &&
+                         ((p[3] == 0 && p[4] < 5 /* silly record length? */)
+                                || (p[9] == p[1])))
+                        {
+                        /*
+                         * SSLv3 or tls1 header
+                         */
+                        
+                        v[0]=p[1]; /* major version (= SSL3_VERSION_MAJOR) */
+                        /* We must look at client_version inside the Client Hello message
+                         * to get the correct minor version.
+                         * However if we have only a pathologically small fragment of the
+                         * Client Hello message, this would be difficult, and we'd have
+                         * to read more records to find out.
+                         * No known SSL 3.0 client fragments ClientHello like this,
+                         * so we simply assume TLS 1.0 to avoid protocol version downgrade
+                         * attacks. */
+                        if (p[3] == 0 && p[4] < 6)
+                                {
+#if 0
+                                SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL);
+                                goto err;
+#else
+                                v[1] = TLS1_VERSION_MINOR;
+#endif
+                                }
+                        else
+                                v[1]=p[10]; /* minor version according to client_version */
+                        if (v[1] >= TLS1_VERSION_MINOR)
+                                {
+                                if (!(s->options & SSL_OP_NO_TLSv1))
+                                        {
+                                        s->version=TLS1_VERSION;
+                                        type=3;
+                                        }
+                                else if (!(s->options & SSL_OP_NO_SSLv3))
+                                        {
+                                        s->version=SSL3_VERSION;
+                                        type=3;
+                                        }
+                                }
+                        else
+                                {
+                                /* client requests SSL 3.0 */
+                                if (!(s->options & SSL_OP_NO_SSLv3))
+                                        {
+                                        s->version=SSL3_VERSION;
+                                        type=3;
+                                        }
+                                else if (!(s->options & SSL_OP_NO_TLSv1))
+                                        {
+                                        /* we won't be able to use TLS of course,
+                                         * but this will send an appropriate alert */
+                                        s->version=TLS1_VERSION;
+                                        type=3;
+                                        }
+                                }
+                        }
+                else if ((strncmp("GET ", (char *)p,4) == 0) ||
+                         (strncmp("POST ",(char *)p,5) == 0) ||
+                         (strncmp("HEAD ",(char *)p,5) == 0) ||
+                         (strncmp("PUT ", (char *)p,4) == 0))
+                        {
+                        SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST);
+                        goto err;
+                        }
+                else if (strncmp("CONNECT",(char *)p,7) == 0)
+                        {
+                        SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST);
+                        goto err;
+                        }
+                }
+
+#ifdef OPENSSL_FIPS
+        if (FIPS_mode() && (s->version < TLS1_VERSION))
+                {
+                SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
+                                        SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+                goto err;
+                }
+#endif
+
+        if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
+                {
+                /* we have SSLv3/TLSv1 in an SSLv2 header
+                 * (other cases skip this state) */
+
+                type=2;
+                p=s->packet;
+                v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
+                v[1] = p[4];
+
+                n=((p[0]&0x7f)<<8)|p[1];
+                if (n > (1024*4))
+                        {
+                        SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
+                        goto err;
+                        }
+
+                j=ssl23_read_bytes(s,n+2);
+                if (j <= 0) return(j);
+
+                ssl3_finish_mac(s, s->packet+2, s->packet_length-2);
+                if (s->msg_callback)
+                        s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
+
+                p=s->packet;
+                p+=5;
+                n2s(p,csl);
+                n2s(p,sil);
+                n2s(p,cl);
+                d=(unsigned char *)s->init_buf->data;
+                if ((csl+sil+cl+11) != s->packet_length)
+                        {
+                        SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH);
+                        goto err;
+                        }
+
+                /* record header: msg_type ... */
+                *(d++) = SSL3_MT_CLIENT_HELLO;
+                /* ... and length (actual value will be written later) */
+                d_len = d;
+                d += 3;
+
+                /* client_version */
+                *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */
+                *(d++) = v[1];
+
+                /* lets populate the random area */
+                /* get the challenge_length */
+                i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl;
+                memset(d,0,SSL3_RANDOM_SIZE);
+                memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i);
+                d+=SSL3_RANDOM_SIZE;
+
+                /* no session-id reuse */
+                *(d++)=0;
+
+                /* ciphers */
+                j=0;
+                dd=d;
+                d+=2;
+                for (i=0; i<csl; i+=3)
+                        {
+                        if (p[i] != 0) continue;
+                        *(d++)=p[i+1];
+                        *(d++)=p[i+2];
+                        j+=2;
+                        }
+                s2n(j,dd);
+
+                /* COMPRESSION */
+                *(d++)=1;
+                *(d++)=0;
+                
+                i = (d-(unsigned char *)s->init_buf->data) - 4;
+                l2n3((long)i, d_len);
+
+                /* get the data reused from the init_buf */
+                s->s3->tmp.reuse_message=1;
+                s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO;
+                s->s3->tmp.message_size=i;
+                }
+
+        /* imaginary new state (for program structure): */
+        /* s->state = SSL23_SR_CLNT_HELLO_C */
+
+        if (type == 1)
+                {
+#ifdef OPENSSL_NO_SSL2
+                SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+                goto err;
+#else
+                /* we are talking sslv2 */
+                /* we need to clean up the SSLv3/TLSv1 setup and put in the
+                 * sslv2 stuff. */
+
+                if (s->s2 == NULL)
+                        {
+                        if (!ssl2_new(s))
+                                goto err;
+                        }
+                else
+                        ssl2_clear(s);
+
+                if (s->s3 != NULL) ssl3_free(s);
+
+                if (!BUF_MEM_grow_clean(s->init_buf,
+                        SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
+                        {
+                        goto err;
+                        }
+
+                s->state=SSL2_ST_GET_CLIENT_HELLO_A;
+                if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
+                        s->s2->ssl2_rollback=0;
+                else
+                        /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
+                         * (SSL 3.0 draft/RFC 2246, App. E.2) */
+                        s->s2->ssl2_rollback=1;
+
+                /* setup the n bytes we have read so we get them from
+                 * the sslv2 buffer */
+                s->rstate=SSL_ST_READ_HEADER;
+                s->packet_length=n;
+                s->packet= &(s->s2->rbuf[0]);
+                memcpy(s->packet,buf,n);
+                s->s2->rbuf_left=n;
+                s->s2->rbuf_offs=0;
+
+                s->method=SSLv2_server_method();
+                s->handshake_func=s->method->ssl_accept;
+#endif
+                }
+
+        if ((type == 2) || (type == 3))
+                {
+                /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */
+
+                if (!ssl_init_wbio_buffer(s,1)) goto err;
+
+                /* we are in this state */
+                s->state=SSL3_ST_SR_CLNT_HELLO_A;
+
+                if (type == 3)
+                        {
+                        /* put the 'n' bytes we have read into the input buffer
+                         * for SSLv3 */
+                        s->rstate=SSL_ST_READ_HEADER;
+                        s->packet_length=n;
+                        s->packet= &(s->s3->rbuf.buf[0]);
+                        memcpy(s->packet,buf,n);
+                        s->s3->rbuf.left=n;
+                        s->s3->rbuf.offset=0;
+                        }
+                else
+                        {
+                        s->packet_length=0;
+                        s->s3->rbuf.left=0;
+                        s->s3->rbuf.offset=0;
+                        }
+
+                if (s->version == TLS1_VERSION)
+                        s->method = TLSv1_server_method();
+                else
+                        s->method = SSLv3_server_method();
+#if 0 /* ssl3_get_client_hello does this */
+                s->client_version=(v[0]<<8)|v[1];
+#endif
+                s->handshake_func=s->method->ssl_accept;
+                }
+        
+        if ((type < 1) || (type > 3))
+                {
+                /* bad, very bad */
+                SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL);
+                goto err;
+                }
+        s->init_num=0;
+
+        if (buf != buf_space) OPENSSL_free(buf);
+        s->first_packet=1;
+        return(SSL_accept(s));
+err:
+        if (buf != buf_space) OPENSSL_free(buf);
+        return(-1);
+        }
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
new file mode 100644
index 0000000000..64d317b7ac
--- /dev/null
+++ b/src/lib/libssl/s3_both.c
@@ -0,0 +1,635 @@
+/* ssl/s3_both.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <limits.h>
+#include <string.h>
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */
+int ssl3_do_write(SSL *s, int type)
+        {
+        int ret;
+
+        ret=ssl3_write_bytes(s,type,&s->init_buf->data[s->init_off],
+                             s->init_num);
+        if (ret < 0) return(-1);
+        if (type == SSL3_RT_HANDSHAKE)
+                /* should not be done for 'Hello Request's, but in that case
+                 * we'll ignore the result anyway */
+                ssl3_finish_mac(s,(unsigned char *)&s->init_buf->data[s->init_off],ret);
+        
+        if (ret == s->init_num)
+                {
+                if (s->msg_callback)
+                        s->msg_callback(1, s->version, type, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);
+                return(1);
+                }
+        s->init_off+=ret;
+        s->init_num-=ret;
+        return(0);
+        }
+
+int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
+        {
+        unsigned char *p,*d;
+        int i;
+        unsigned long l;
+
+        if (s->state == a)
+                {
+                d=(unsigned char *)s->init_buf->data;
+                p= &(d[4]);
+
+                i=s->method->ssl3_enc->final_finish_mac(s,
+                        &(s->s3->finish_dgst1),
+                        &(s->s3->finish_dgst2),
+                        sender,slen,s->s3->tmp.finish_md);
+                s->s3->tmp.finish_md_len = i;
+                memcpy(p, s->s3->tmp.finish_md, i);
+                p+=i;
+                l=i;
+
+#ifdef OPENSSL_SYS_WIN16
+                /* MSVC 1.5 does not clear the top bytes of the word unless
+                 * I do this.
+                 */
+                l&=0xffff;
+#endif
+
+                *(d++)=SSL3_MT_FINISHED;
+                l2n3(l,d);
+                s->init_num=(int)l+4;
+                s->init_off=0;
+
+                s->state=b;
+                }
+
+        /* SSL3_ST_SEND_xxxxxx_HELLO_B */
+        return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+        }
+
+int ssl3_get_finished(SSL *s, int a, int b)
+        {
+        int al,i,ok;
+        long n;
+        unsigned char *p;
+
+        /* the mac has already been generated when we received the
+         * change cipher spec message and is in s->s3->tmp.peer_finish_md
+         */ 
+
+        n=ssl3_get_message(s,
+                a,
+                b,
+                SSL3_MT_FINISHED,
+                64, /* should actually be 36+4 :-) */
+                &ok);
+
+        if (!ok) return((int)n);
+
+        /* If this occurs, we have missed a message */
+        if (!s->s3->change_cipher_spec)
+                {
+                al=SSL_AD_UNEXPECTED_MESSAGE;
+                SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_GOT_A_FIN_BEFORE_A_CCS);
+                goto f_err;
+                }
+        s->s3->change_cipher_spec=0;
+
+        p = (unsigned char *)s->init_msg;
+        i = s->s3->tmp.peer_finish_md_len;
+
+        if (i != n)
+                {
+                al=SSL_AD_DECODE_ERROR;
+                SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_BAD_DIGEST_LENGTH);
+                goto f_err;
+                }
+
+        if (memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
+                {
+                al=SSL_AD_DECRYPT_ERROR;
+                SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
+                goto f_err;
+                }
+
+        return(1);
+f_err:
+        ssl3_send_alert(s,SSL3_AL_FATAL,al);
+        return(0);
+        }
+
+/* for these 2 messages, we need to
+ * ssl->enc_read_ctx                    re-init
+ * ssl->s3->read_sequence               zero
+ * ssl->s3->read_mac_secret             re-init
+ * ssl->session->read_sym_enc           assign
+ * ssl->session->read_compression       assign
+ * ssl->session->read_hash              assign
+ */
+int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
+        { 
+        unsigned char *p;
+
+        if (s->state == a)
+                {
+                p=(unsigned char *)s->init_buf->data;
+                *p=SSL3_MT_CCS;
+                s->init_num=1;
+                s->init_off=0;
+
+                s->state=b;
+                }
+
+        /* SSL3_ST_CW_CHANGE_B */
+        return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
+        }
+
+unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
+        {
+        unsigned char *p;
+        int n,i;
+        unsigned long l=7;
+        BUF_MEM *buf;
+        X509_STORE_CTX xs_ctx;
+        X509_OBJECT obj;
+
+        int no_chain;
+
+        if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs)
+                no_chain = 1;
+        else
+                no_chain = 0;
+
+        /* TLSv1 sends a chain with nothing in it, instead of an alert */
+        buf=s->init_buf;
+        if (!BUF_MEM_grow_clean(buf,10))
+                {
+                SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+                return(0);
+                }
+        if (x != NULL)
+                {
+                if(!no_chain && !X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL))
+                        {
+                        SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
+                        return(0);
+                        }
+
+                for (;;)
+                        {
+                        n=i2d_X509(x,NULL);
+                        if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
+                                {
+                                SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+                                return(0);
+                                }
+                        p=(unsigned char *)&(buf->data[l]);
+                        l2n3(n,p);
+                        i2d_X509(x,&p);
+                        l+=n+3;
+
+                        if (no_chain)
+                                break;
+
+                        if (X509_NAME_cmp(X509_get_subject_name(x),
+                                X509_get_issuer_name(x)) == 0) break;
+
+                        i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
+                                X509_get_issuer_name(x),&obj);
+                        if (i <= 0) break;
+                        x=obj.data.x509;
+                        /* Count is one too high since the X509_STORE_get uped the
+                         * ref count */
+                        X509_free(x);
+                        }
+                if (!no_chain)
+                        X509_STORE_CTX_cleanup(&xs_ctx);
+                }
+
+        /* Thawte special :-) */
+        if (s->ctx->extra_certs != NULL)
+        for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)
+                {
+                x=sk_X509_value(s->ctx->extra_certs,i);
+                n=i2d_X509(x,NULL);
+                if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
+                        {
+                        SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+                        return(0);
+                        }
+                p=(unsigned char *)&(buf->data[l]);
+                l2n3(n,p);
+                i2d_X509(x,&p);
+                l+=n+3;
+                }
+
+        l-=7;
+        p=(unsigned char *)&(buf->data[4]);
+        l2n3(l,p);
+        l+=3;
+        p=(unsigned char *)&(buf->data[0]);
+        *(p++)=SSL3_MT_CERTIFICATE;
+        l2n3(l,p);
+        l+=4;
+        return(l);
+        }
+
+/* Obtain handshake message of message type 'mt' (any if mt == -1),
+ * maximum acceptable body length 'max'.
+ * The first four bytes (msg_type and length) are read in state 'st1',
+ * the body is read in state 'stn'.
+ */
+long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
+        {
+        unsigned char *p;
+        unsigned long l;
+        long n;
+        int i,al;
+
+        if (s->s3->tmp.reuse_message)
+                {
+                s->s3->tmp.reuse_message=0;
+                if ((mt >= 0) && (s->s3->tmp.message_type != mt))
+                        {
+                        al=SSL_AD_UNEXPECTED_MESSAGE;
+                        SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
+                        goto f_err;
+                        }
+                *ok=1;
+                s->init_msg = s->init_buf->data + 4;
+                s->init_num = (int)s->s3->tmp.message_size;
+                return s->init_num;
+                }
+
+        p=(unsigned char *)s->init_buf->data;
+
+        if (s->state == st1) /* s->init_num < 4 */
+                {
+                int skip_message;
+
+                do
+                        {
+                        while (s->init_num < 4)
+                                {
+                                i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],
+                                        4 - s->init_num, 0);
+                                if (i <= 0)
+                                        {
+                                        s->rwstate=SSL_READING;
+                                        *ok = 0;
+                                        return i;
+                                        }
+                                s->init_num+=i;
+                                }
+                        
+                        skip_message = 0;
+                        if (!s->server)
+                                if (p[0] == SSL3_MT_HELLO_REQUEST)
+                                        /* The server may always send 'Hello Request' messages --
+                                         * we are doing a handshake anyway now, so ignore them
+                                         * if their format is correct. Does not count for
+                                         * 'Finished' MAC. */
+                                        if (p[1] == 0 && p[2] == 0 &&p[3] == 0)
+                                                {
+                                                s->init_num = 0;
+                                                skip_message = 1;
+
+                                                if (s->msg_callback)
+                                                        s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, 4, s, s->msg_callback_arg);
+                                                }
+                        }
+                while (skip_message);
+
+                /* s->init_num == 4 */
+
+                if ((mt >= 0) && (*p != mt))
+                        {
+                        al=SSL_AD_UNEXPECTED_MESSAGE;
+                        SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
+                        goto f_err;
+                        }
+                if ((mt < 0) && (*p == SSL3_MT_CLIENT_HELLO) &&
+                                        (st1 == SSL3_ST_SR_CERT_A) &&
+                                        (stn == SSL3_ST_SR_CERT_B))
+                        {
+                        /* At this point we have got an MS SGC second client
+                         * hello (maybe we should always allow the client to
+                         * start a new handshake?). We need to restart the mac.
+                         * Don't increment {num,total}_renegotiations because
+                         * we have not completed the handshake. */
+                        ssl3_init_finished_mac(s);
+                        }
+
+                s->s3->tmp.message_type= *(p++);
+
+                n2l3(p,l);
+                if (l > (unsigned long)max)
+                        {
+                        al=SSL_AD_ILLEGAL_PARAMETER;
+                        SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+                        goto f_err;
+                        }
+                if (l > (INT_MAX-4)) /* BUF_MEM_grow takes an 'int' parameter */
+                        {
+                        al=SSL_AD_ILLEGAL_PARAMETER;
+                        SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+                        goto f_err;
+                        }
+                if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l+4))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
+                        goto err;
+                        }
+                s->s3->tmp.message_size=l;
+                s->state=stn;
+
+                s->init_msg = s->init_buf->data + 4;
+                s->init_num = 0;
+                }
+
+        /* next state (stn) */
+        p = s->init_msg;
+        n = s->s3->tmp.message_size - s->init_num;
+        while (n > 0)
+                {
+                i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n,0);
+                if (i <= 0)
+                        {
+                        s->rwstate=SSL_READING;
+                        *ok = 0;
+                        return i;
+                        }
+                s->init_num += i;
+                n -= i;
+                }
+        ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
+        if (s->msg_callback)
+                s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data, (size_t)s->init_num + 4, s, s->msg_callback_arg);
+        *ok=1;
+        return s->init_num;
+f_err:
+        ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+        *ok=0;
+        return(-1);
+        }
+
+int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
+        {
+        EVP_PKEY *pk;
+        int ret= -1,i,j;
+
+        if (pkey == NULL)
+                pk=X509_get_pubkey(x);
+        else
+                pk=pkey;
+        if (pk == NULL) goto err;
+
+        i=pk->type;
+        if (i == EVP_PKEY_RSA)
+                {
+                ret=SSL_PKEY_RSA_ENC;
+                if (x != NULL)
+                        {
+                        j=X509_get_ext_count(x);
+                        /* check to see if this is a signing only certificate */
+                        /* EAY EAY EAY EAY */
+                        }
+                }
+        else if (i == EVP_PKEY_DSA)
+                {
+                ret=SSL_PKEY_DSA_SIGN;
+                }
+        else if (i == EVP_PKEY_DH)
+                {
+                /* if we just have a key, we needs to be guess */
+
+                if (x == NULL)
+                        ret=SSL_PKEY_DH_DSA;
+                else
+                        {
+                        j=X509_get_signature_type(x);
+                        if (j == EVP_PKEY_RSA)
+                                ret=SSL_PKEY_DH_RSA;
+                        else if (j== EVP_PKEY_DSA)
+                                ret=SSL_PKEY_DH_DSA;
+                        else ret= -1;
+                        }
+                }
+        else
+                ret= -1;
+
+err:
+        if(!pkey) EVP_PKEY_free(pk);
+        return(ret);
+        }
+
+int ssl_verify_alarm_type(long type)
+        {
+        int al;
+
+        switch(type)
+                {
+        case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+        case X509_V_ERR_UNABLE_TO_GET_CRL:
+        case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
+                al=SSL_AD_UNKNOWN_CA;
+                break;
+        case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
+        case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
+        case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
+        case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+        case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+        case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
+        case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
+        case X509_V_ERR_CERT_NOT_YET_VALID:
+        case X509_V_ERR_CRL_NOT_YET_VALID:
+        case X509_V_ERR_CERT_UNTRUSTED:
+        case X509_V_ERR_CERT_REJECTED:
+                al=SSL_AD_BAD_CERTIFICATE;
+                break;
+        case X509_V_ERR_CERT_SIGNATURE_FAILURE:
+        case X509_V_ERR_CRL_SIGNATURE_FAILURE:
+                al=SSL_AD_DECRYPT_ERROR;
+                break;
+        case X509_V_ERR_CERT_HAS_EXPIRED:
+        case X509_V_ERR_CRL_HAS_EXPIRED:
+                al=SSL_AD_CERTIFICATE_EXPIRED;
+                break;
+        case X509_V_ERR_CERT_REVOKED:
+                al=SSL_AD_CERTIFICATE_REVOKED;
+                break;
+        case X509_V_ERR_OUT_OF_MEM:
+                al=SSL_AD_INTERNAL_ERROR;
+                break;
+        case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+        case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
+        case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
+        case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+        case X509_V_ERR_CERT_CHAIN_TOO_LONG:
+        case X509_V_ERR_PATH_LENGTH_EXCEEDED:
+        case X509_V_ERR_INVALID_CA:
+                al=SSL_AD_UNKNOWN_CA;
+                break;
+        case X509_V_ERR_APPLICATION_VERIFICATION:
+                al=SSL_AD_HANDSHAKE_FAILURE;
+                break;
+        case X509_V_ERR_INVALID_PURPOSE:
+                al=SSL_AD_UNSUPPORTED_CERTIFICATE;
+                break;
+        default:
+                al=SSL_AD_CERTIFICATE_UNKNOWN;
+                break;
+                }
+        return(al);
+        }
+
+int ssl3_setup_buffers(SSL *s)
+        {
+        unsigned char *p;
+        unsigned int extra;
+        size_t len;
+
+        if (s->s3->rbuf.buf == NULL)
+                {
+                if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
+                        extra=SSL3_RT_MAX_EXTRA;
+                else
+                        extra=0;
+                len = SSL3_RT_MAX_PACKET_SIZE + extra;
+                if ((p=OPENSSL_malloc(len)) == NULL)
+                        goto err;
+                s->s3->rbuf.buf = p;
+                s->s3->rbuf.len = len;
+                }
+
+        if (s->s3->wbuf.buf == NULL)
+                {
+                len = SSL3_RT_MAX_PACKET_SIZE;
+                len += SSL3_RT_HEADER_LENGTH + 256; /* extra space for empty fragment */
+                if ((p=OPENSSL_malloc(len)) == NULL)
+                        goto err;
+                s->s3->wbuf.buf = p;
+                s->s3->wbuf.len = len;
+                }
+        s->packet= &(s->s3->rbuf.buf[0]);
+        return(1);
+err:
+        SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE);
+        return(0);
+        }
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
new file mode 100644
index 0000000000..ebf83b0322
--- /dev/null
+++ b/src/lib/libssl/s3_clnt.c
@@ -0,0 +1,1985 @@
+/* ssl/s3_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/md5.h>
+#include <openssl/fips.h>
+
+static SSL_METHOD *ssl3_get_client_method(int ver);
+static int ssl3_client_hello(SSL *s);
+static int ssl3_get_server_hello(SSL *s);
+static int ssl3_get_certificate_request(SSL *s);
+static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
+static int ssl3_get_server_done(SSL *s);
+static int ssl3_send_client_verify(SSL *s);
+static int ssl3_send_client_certificate(SSL *s);
+static int ssl3_send_client_key_exchange(SSL *s);
+static int ssl3_get_key_exchange(SSL *s);
+static int ssl3_get_server_certificate(SSL *s);
+static int ssl3_check_cert_and_algorithm(SSL *s);
+static SSL_METHOD *ssl3_get_client_method(int ver)
+        {
+        if (ver == SSL3_VERSION)
+                return(SSLv3_client_method());
+        else
+                return(NULL);
+        }
+
+SSL_METHOD *SSLv3_client_method(void)
+        {
+        static int init=1;
+        static SSL_METHOD SSLv3_client_data;
+
+        if (init)
+                {
+                CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+
+                if (init)
+                        {
+                        memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
+                                sizeof(SSL_METHOD));
+                        SSLv3_client_data.ssl_connect=ssl3_connect;
+                        SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
+                        init=0;
+                        }
+
+                CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
+                }
+        return(&SSLv3_client_data);
+        }
+
+int ssl3_connect(SSL *s)
+        {
+        BUF_MEM *buf=NULL;
+        unsigned long Time=time(NULL),l;
+        long num1;
+        void (*cb)(const SSL *ssl,int type,int val)=NULL;
+        int ret= -1;
+        int new_state,state,skip=0;
+
+        RAND_add(&Time,sizeof(Time),0);
+        ERR_clear_error();
+        clear_sys_error();
+
+        if (s->info_callback != NULL)
+                cb=s->info_callback;
+        else if (s->ctx->info_callback != NULL)
+                cb=s->ctx->info_callback;
+        
+        s->in_handshake++;
+        if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 
+
+        for (;;)
+                {
+                state=s->state;
+
+                switch(s->state)
+                        {
+                case SSL_ST_RENEGOTIATE:
+                        s->new_session=1;
+                        s->state=SSL_ST_CONNECT;
+                        s->ctx->stats.sess_connect_renegotiate++;
+                        /* break */
+                case SSL_ST_BEFORE:
+                case SSL_ST_CONNECT:
+                case SSL_ST_BEFORE|SSL_ST_CONNECT:
+                case SSL_ST_OK|SSL_ST_CONNECT:
+
+                        s->server=0;
+                        if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+                        if ((s->version & 0xff00 ) != 0x0300)
+                                {
+                                SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
+                                ret = -1;
+                                goto end;
+                                }
+                                
+                        /* s->version=SSL3_VERSION; */
+                        s->type=SSL_ST_CONNECT;
+
+                        if (s->init_buf == NULL)
+                                {
+                                if ((buf=BUF_MEM_new()) == NULL)
+                                        {
+                                        ret= -1;
+                                        goto end;
+                                        }
+                                if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+                                        {
+                                        ret= -1;
+                                        goto end;
+                                        }
+                                s->init_buf=buf;
+                                buf=NULL;
+                                }
+
+                        if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
+
+                        /* setup buffing BIO */
+                        if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
+
+                        /* don't push the buffering BIO quite yet */
+
+                        ssl3_init_finished_mac(s);
+
+                        s->state=SSL3_ST_CW_CLNT_HELLO_A;
+                        s->ctx->stats.sess_connect++;
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_CW_CLNT_HELLO_A:
+                case SSL3_ST_CW_CLNT_HELLO_B:
+
+                        s->shutdown=0;
+                        ret=ssl3_client_hello(s);
+                        if (ret <= 0) goto end;
+                        s->state=SSL3_ST_CR_SRVR_HELLO_A;
+                        s->init_num=0;
+
+                        /* turn on buffering for the next lot of output */
+                        if (s->bbio != s->wbio)
+                                s->wbio=BIO_push(s->bbio,s->wbio);
+
+                        break;
+
+                case SSL3_ST_CR_SRVR_HELLO_A:
+                case SSL3_ST_CR_SRVR_HELLO_B:
+                        ret=ssl3_get_server_hello(s);
+                        if (ret <= 0) goto end;
+                        if (s->hit)
+                                s->state=SSL3_ST_CR_FINISHED_A;
+                        else
+                                s->state=SSL3_ST_CR_CERT_A;
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_CR_CERT_A:
+                case SSL3_ST_CR_CERT_B:
+                        /* Check if it is anon DH */
+                        if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
+                                {
+                                ret=ssl3_get_server_certificate(s);
+                                if (ret <= 0) goto end;
+                                }
+                        else
+                                skip=1;
+                        s->state=SSL3_ST_CR_KEY_EXCH_A;
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_CR_KEY_EXCH_A:
+                case SSL3_ST_CR_KEY_EXCH_B:
+                        ret=ssl3_get_key_exchange(s);
+                        if (ret <= 0) goto end;
+                        s->state=SSL3_ST_CR_CERT_REQ_A;
+                        s->init_num=0;
+
+                        /* at this point we check that we have the
+                         * required stuff from the server */
+                        if (!ssl3_check_cert_and_algorithm(s))
+                                {
+                                ret= -1;
+                                goto end;
+                                }
+                        break;
+
+                case SSL3_ST_CR_CERT_REQ_A:
+                case SSL3_ST_CR_CERT_REQ_B:
+                        ret=ssl3_get_certificate_request(s);
+                        if (ret <= 0) goto end;
+                        s->state=SSL3_ST_CR_SRVR_DONE_A;
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_CR_SRVR_DONE_A:
+                case SSL3_ST_CR_SRVR_DONE_B:
+                        ret=ssl3_get_server_done(s);
+                        if (ret <= 0) goto end;
+                        if (s->s3->tmp.cert_req)
+                                s->state=SSL3_ST_CW_CERT_A;
+                        else
+                                s->state=SSL3_ST_CW_KEY_EXCH_A;
+                        s->init_num=0;
+
+                        break;
+
+                case SSL3_ST_CW_CERT_A:
+                case SSL3_ST_CW_CERT_B:
+                case SSL3_ST_CW_CERT_C:
+                case SSL3_ST_CW_CERT_D:
+                        ret=ssl3_send_client_certificate(s);
+                        if (ret <= 0) goto end;
+                        s->state=SSL3_ST_CW_KEY_EXCH_A;
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_CW_KEY_EXCH_A:
+                case SSL3_ST_CW_KEY_EXCH_B:
+                        ret=ssl3_send_client_key_exchange(s);
+                        if (ret <= 0) goto end;
+                        l=s->s3->tmp.new_cipher->algorithms;
+                        /* EAY EAY EAY need to check for DH fix cert
+                         * sent back */
+                        /* For TLS, cert_req is set to 2, so a cert chain
+                         * of nothing is sent, but no verify packet is sent */
+                        if (s->s3->tmp.cert_req == 1)
+                                {
+                                s->state=SSL3_ST_CW_CERT_VRFY_A;
+                                }
+                        else
+                                {
+                                s->state=SSL3_ST_CW_CHANGE_A;
+                                s->s3->change_cipher_spec=0;
+                                }
+
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_CW_CERT_VRFY_A:
+                case SSL3_ST_CW_CERT_VRFY_B:
+                        ret=ssl3_send_client_verify(s);
+                        if (ret <= 0) goto end;
+                        s->state=SSL3_ST_CW_CHANGE_A;
+                        s->init_num=0;
+                        s->s3->change_cipher_spec=0;
+                        break;
+
+                case SSL3_ST_CW_CHANGE_A:
+                case SSL3_ST_CW_CHANGE_B:
+                        ret=ssl3_send_change_cipher_spec(s,
+                                SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
+                        if (ret <= 0) goto end;
+                        s->state=SSL3_ST_CW_FINISHED_A;
+                        s->init_num=0;
+
+                        s->session->cipher=s->s3->tmp.new_cipher;
+                        if (s->s3->tmp.new_compression == NULL)
+                                s->session->compress_meth=0;
+                        else
+                                s->session->compress_meth=
+                                        s->s3->tmp.new_compression->id;
+                        if (!s->method->ssl3_enc->setup_key_block(s))
+                                {
+                                ret= -1;
+                                goto end;
+                                }
+
+                        if (!s->method->ssl3_enc->change_cipher_state(s,
+                                SSL3_CHANGE_CIPHER_CLIENT_WRITE))
+                                {
+                                ret= -1;
+                                goto end;
+                                }
+
+                        break;
+
+                case SSL3_ST_CW_FINISHED_A:
+                case SSL3_ST_CW_FINISHED_B:
+                        ret=ssl3_send_finished(s,
+                                SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
+                                s->method->ssl3_enc->client_finished_label,
+                                s->method->ssl3_enc->client_finished_label_len);
+                        if (ret <= 0) goto end;
+                        s->state=SSL3_ST_CW_FLUSH;
+
+                        /* clear flags */
+                        s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
+                        if (s->hit)
+                                {
+                                s->s3->tmp.next_state=SSL_ST_OK;
+                                if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
+                                        {
+                                        s->state=SSL_ST_OK;
+                                        s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
+                                        s->s3->delay_buf_pop_ret=0;
+                                        }
+                                }
+                        else
+                                {
+                                s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
+                                }
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_CR_FINISHED_A:
+                case SSL3_ST_CR_FINISHED_B:
+
+                        ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
+                                SSL3_ST_CR_FINISHED_B);
+                        if (ret <= 0) goto end;
+
+                        if (s->hit)
+                                s->state=SSL3_ST_CW_CHANGE_A;
+                        else
+                                s->state=SSL_ST_OK;
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_CW_FLUSH:
+                        /* number of bytes to be flushed */
+                        num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
+                        if (num1 > 0)
+                                {
+                                s->rwstate=SSL_WRITING;
+                                num1=BIO_flush(s->wbio);
+                                if (num1 <= 0) { ret= -1; goto end; }
+                                s->rwstate=SSL_NOTHING;
+                                }
+
+                        s->state=s->s3->tmp.next_state;
+                        break;
+
+                case SSL_ST_OK:
+                        /* clean a few things up */
+                        ssl3_cleanup_key_block(s);
+
+                        if (s->init_buf != NULL)
+                                {
+                                BUF_MEM_free(s->init_buf);
+                                s->init_buf=NULL;
+                                }
+
+                        /* If we are not 'joining' the last two packets,
+                         * remove the buffering now */
+                        if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
+                                ssl_free_wbio_buffer(s);
+                        /* else do it later in ssl3_write */
+
+                        s->init_num=0;
+                        s->new_session=0;
+
+                        ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
+                        if (s->hit) s->ctx->stats.sess_hit++;
+
+                        ret=1;
+                        /* s->server=0; */
+                        s->handshake_func=ssl3_connect;
+                        s->ctx->stats.sess_connect_good++;
+
+                        if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+
+                        goto end;
+                        /* break; */
+                        
+                default:
+                        SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE);
+                        ret= -1;
+                        goto end;
+                        /* break; */
+                        }
+
+                /* did we do anything */
+                if (!s->s3->tmp.reuse_message && !skip)
+                        {
+                        if (s->debug)
+                                {
+                                if ((ret=BIO_flush(s->wbio)) <= 0)
+                                        goto end;
+                                }
+
+                        if ((cb != NULL) && (s->state != state))
+                                {
+                                new_state=s->state;
+                                s->state=state;
+                                cb(s,SSL_CB_CONNECT_LOOP,1);
+                                s->state=new_state;
+                                }
+                        }
+                skip=0;
+                }
+end:
+        s->in_handshake--;
+        if (buf != NULL)
+                BUF_MEM_free(buf);
+        if (cb != NULL)
+                cb(s,SSL_CB_CONNECT_EXIT,ret);
+        return(ret);
+        }
+
+
+static int ssl3_client_hello(SSL *s)
+        {
+        unsigned char *buf;
+        unsigned char *p,*d;
+        int i,j;
+        unsigned long Time,l;
+        SSL_COMP *comp;
+
+        buf=(unsigned char *)s->init_buf->data;
+        if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
+                {
+                if ((s->session == NULL) ||
+                        (s->session->ssl_version != s->version) ||
+                        (s->session->not_resumable))
+                        {
+                        if (!ssl_get_new_session(s,0))
+                                goto err;
+                        }
+                /* else use the pre-loaded session */
+
+                p=s->s3->client_random;
+                Time=time(NULL);                        /* Time */
+                l2n(Time,p);
+                if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
+                    goto err;
+
+                /* Do the message type and length last */
+                d=p= &(buf[4]);
+
+                *(p++)=s->version>>8;
+                *(p++)=s->version&0xff;
+                s->client_version=s->version;
+
+                /* Random stuff */
+                memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
+                p+=SSL3_RANDOM_SIZE;
+
+                /* Session ID */
+                if (s->new_session)
+                        i=0;
+                else
+                        i=s->session->session_id_length;
+                *(p++)=i;
+                if (i != 0)
+                        {
+                        if (i > sizeof s->session->session_id)
+                                {
+                                SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+                                goto err;
+                                }
+                        memcpy(p,s->session->session_id,i);
+                        p+=i;
+                        }
+                
+                /* Ciphers supported */
+                i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]));
+                if (i == 0)
+                        {
+                        SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
+                        goto err;
+                        }
+                s2n(i,p);
+                p+=i;
+
+                /* COMPRESSION */
+                if (s->ctx->comp_methods == NULL)
+                        j=0;
+                else
+                        j=sk_SSL_COMP_num(s->ctx->comp_methods);
+                *(p++)=1+j;
+                for (i=0; i<j; i++)
+                        {
+                        comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
+                        *(p++)=comp->id;
+                        }
+                *(p++)=0; /* Add the NULL method */
+                
+                l=(p-d);
+                d=buf;
+                *(d++)=SSL3_MT_CLIENT_HELLO;
+                l2n3(l,d);
+
+                s->state=SSL3_ST_CW_CLNT_HELLO_B;
+                /* number of bytes to write */
+                s->init_num=p-buf;
+                s->init_off=0;
+                }
+
+        /* SSL3_ST_CW_CLNT_HELLO_B */
+        return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+        return(-1);
+        }
+
+static int ssl3_get_server_hello(SSL *s)
+        {
+        STACK_OF(SSL_CIPHER) *sk;
+        SSL_CIPHER *c;
+        unsigned char *p,*d;
+        int i,al,ok;
+        unsigned int j;
+        long n;
+        SSL_COMP *comp;
+
+        n=ssl3_get_message(s,
+                SSL3_ST_CR_SRVR_HELLO_A,
+                SSL3_ST_CR_SRVR_HELLO_B,
+                SSL3_MT_SERVER_HELLO,
+                300, /* ?? */
+                &ok);
+
+        if (!ok) return((int)n);
+        d=p=(unsigned char *)s->init_msg;
+
+        if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff)))
+                {
+                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION);
+                s->version=(s->version&0xff00)|p[1];
+                al=SSL_AD_PROTOCOL_VERSION;
+                goto f_err;
+                }
+        p+=2;
+
+        /* load the server hello data */
+        /* load the server random */
+        memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE);
+        p+=SSL3_RANDOM_SIZE;
+
+        /* get the session-id */
+        j= *(p++);
+
+        if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE))
+                {
+                al=SSL_AD_ILLEGAL_PARAMETER;
+                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG);
+                goto f_err;
+                }
+
+        if (j != 0 && j == s->session->session_id_length
+            && memcmp(p,s->session->session_id,j) == 0)
+            {
+            if(s->sid_ctx_length != s->session->sid_ctx_length
+               || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length))
+                {
+                /* actually a client application bug */
+                al=SSL_AD_ILLEGAL_PARAMETER;
+                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
+                goto f_err;
+                }
+            s->hit=1;
+            }
+        else    /* a miss or crap from the other end */
+                {
+                /* If we were trying for session-id reuse, make a new
+                 * SSL_SESSION so we don't stuff up other people */
+                s->hit=0;
+                if (s->session->session_id_length > 0)
+                        {
+                        if (!ssl_get_new_session(s,0))
+                                {
+                                al=SSL_AD_INTERNAL_ERROR;
+                                goto f_err;
+                                }
+                        }
+                s->session->session_id_length=j;
+                memcpy(s->session->session_id,p,j); /* j could be 0 */
+                }
+        p+=j;
+        c=ssl_get_cipher_by_char(s,p);
+        if (c == NULL)
+                {
+                /* unknown cipher */
+                al=SSL_AD_ILLEGAL_PARAMETER;
+                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED);
+                goto f_err;
+                }
+        p+=ssl_put_cipher_by_char(s,NULL,NULL);
+
+        sk=ssl_get_ciphers_by_id(s);
+        i=sk_SSL_CIPHER_find(sk,c);
+        if (i < 0)
+                {
+                /* we did not say we would use this cipher */
+                al=SSL_AD_ILLEGAL_PARAMETER;
+                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
+                goto f_err;
+                }
+
+        /* Depending on the session caching (internal/external), the cipher
+           and/or cipher_id values may not be set. Make sure that
+           cipher_id is set and use it for comparison. */
+        if (s->session->cipher)
+                s->session->cipher_id = s->session->cipher->id;
+        if (s->hit && (s->session->cipher_id != c->id))
+                {
+                if (!(s->options &
+                        SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
+                        {
+                        al=SSL_AD_ILLEGAL_PARAMETER;
+                        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
+                        goto f_err;
+                        }
+                }
+        s->s3->tmp.new_cipher=c;
+
+        /* lets get the compression algorithm */
+        /* COMPRESSION */
+        j= *(p++);
+        if (j == 0)
+                comp=NULL;
+        else
+                comp=ssl3_comp_find(s->ctx->comp_methods,j);
+        
+        if ((j != 0) && (comp == NULL))
+                {
+                al=SSL_AD_ILLEGAL_PARAMETER;
+                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+                goto f_err;
+                }
+        else
+                {
+                s->s3->tmp.new_compression=comp;
+                }
+
+        if (p != (d+n))
+                {
+                /* wrong packet length */
+                al=SSL_AD_DECODE_ERROR;
+                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_PACKET_LENGTH);
+                goto err;
+                }
+
+        return(1);
+f_err:
+        ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+        return(-1);
+        }
+
+static int ssl3_get_server_certificate(SSL *s)
+        {
+        int al,i,ok,ret= -1;
+        unsigned long n,nc,llen,l;
+        X509 *x=NULL;
+        unsigned char *p,*d,*q;
+        STACK_OF(X509) *sk=NULL;
+        SESS_CERT *sc;
+        EVP_PKEY *pkey=NULL;
+        int need_cert = 1; /* VRS: 0=> will allow null cert if auth == KRB5 */
+
+        n=ssl3_get_message(s,
+                SSL3_ST_CR_CERT_A,
+                SSL3_ST_CR_CERT_B,
+                -1,
+                s->max_cert_list,
+                &ok);
+
+        if (!ok) return((int)n);
+
+        if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE)
+                {
+                s->s3->tmp.reuse_message=1;
+                return(1);
+                }
+
+        if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
+                {
+                al=SSL_AD_UNEXPECTED_MESSAGE;
+                SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE);
+                goto f_err;
+                }
+        d=p=(unsigned char *)s->init_msg;
+
+        if ((sk=sk_X509_new_null()) == NULL)
+                {
+                SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+                goto err;
+                }
+
+        n2l3(p,llen);
+        if (llen+3 != n)
+                {
+                al=SSL_AD_DECODE_ERROR;
+                SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
+                goto f_err;
+                }
+        for (nc=0; nc<llen; )
+                {
+                n2l3(p,l);
+                if ((l+nc+3) > llen)
+                        {
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
+                        goto f_err;
+                        }
+
+                q=p;
+                x=d2i_X509(NULL,&q,l);
+                if (x == NULL)
+                        {
+                        al=SSL_AD_BAD_CERTIFICATE;
+                        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_ASN1_LIB);
+                        goto f_err;
+                        }
+                if (q != (p+l))
+                        {
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
+                        goto f_err;
+                        }
+                if (!sk_X509_push(sk,x))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+                        goto err;
+                        }
+                x=NULL;
+                nc+=l+3;
+                p=q;
+                }
+
+        i=ssl_verify_cert_chain(s,sk);
+        if ((s->verify_mode != SSL_VERIFY_NONE) && (!i)
+#ifndef OPENSSL_NO_KRB5
+                && (s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK))
+                != (SSL_aKRB5|SSL_kKRB5)
+#endif /* OPENSSL_NO_KRB5 */
+                )
+                {
+                al=ssl_verify_alarm_type(s->verify_result);
+                SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
+                goto f_err; 
+                }
+        ERR_clear_error(); /* but we keep s->verify_result */
+
+        sc=ssl_sess_cert_new();
+        if (sc == NULL) goto err;
+
+        if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert);
+        s->session->sess_cert=sc;
+
+        sc->cert_chain=sk;
+        /* Inconsistency alert: cert_chain does include the peer's
+         * certificate, which we don't include in s3_srvr.c */
+        x=sk_X509_value(sk,0);
+        sk=NULL;
+        /* VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end*/
+
+        pkey=X509_get_pubkey(x);
+
+        /* VRS: allow null cert if auth == KRB5 */
+        need_cert =     ((s->s3->tmp.new_cipher->algorithms
+                        & (SSL_MKEY_MASK|SSL_AUTH_MASK))
+                        == (SSL_aKRB5|SSL_kKRB5))? 0: 1;
+
+#ifdef KSSL_DEBUG
+        printf("pkey,x = %p, %p\n", pkey,x);
+        printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey));
+        printf("cipher, alg, nc = %s, %lx, %d\n", s->s3->tmp.new_cipher->name,
+                s->s3->tmp.new_cipher->algorithms, need_cert);
+#endif    /* KSSL_DEBUG */
+
+        if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey)))
+                {
+                x=NULL;
+                al=SSL3_AL_FATAL;
+                SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+                        SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
+                goto f_err;
+                }
+
+        i=ssl_cert_type(x,pkey);
+        if (need_cert && i < 0)
+                {
+                x=NULL;
+                al=SSL3_AL_FATAL;
+                SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+                        SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+                goto f_err;
+                }
+
+        if (need_cert)
+                {
+                sc->peer_cert_type=i;
+                CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
+                /* Why would the following ever happen?
+                 * We just created sc a couple of lines ago. */
+                if (sc->peer_pkeys[i].x509 != NULL)
+                        X509_free(sc->peer_pkeys[i].x509);
+                sc->peer_pkeys[i].x509=x;
+                sc->peer_key= &(sc->peer_pkeys[i]);
+
+                if (s->session->peer != NULL)
+                        X509_free(s->session->peer);
+                CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
+                s->session->peer=x;
+                }
+        else
+                {
+                sc->peer_cert_type=i;
+                sc->peer_key= NULL;
+
+                if (s->session->peer != NULL)
+                        X509_free(s->session->peer);
+                s->session->peer=NULL;
+                }
+        s->session->verify_result = s->verify_result;
+
+        x=NULL;
+        ret=1;
+
+        if (0)
+                {
+f_err:
+                ssl3_send_alert(s,SSL3_AL_FATAL,al);
+                }
+err:
+        EVP_PKEY_free(pkey);
+        X509_free(x);
+        sk_X509_pop_free(sk,X509_free);
+        return(ret);
+        }
+
+static int ssl3_get_key_exchange(SSL *s)
+        {
+#ifndef OPENSSL_NO_RSA
+        unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2];
+#endif
+        EVP_MD_CTX md_ctx;
+        unsigned char *param,*p;
+        int al,i,j,param_len,ok;
+        long n,alg;
+        EVP_PKEY *pkey=NULL;
+#ifndef OPENSSL_NO_RSA
+        RSA *rsa=NULL;
+#endif
+#ifndef OPENSSL_NO_DH
+        DH *dh=NULL;
+#endif
+
+        /* use same message size as in ssl3_get_certificate_request()
+         * as ServerKeyExchange message may be skipped */
+        n=ssl3_get_message(s,
+                SSL3_ST_CR_KEY_EXCH_A,
+                SSL3_ST_CR_KEY_EXCH_B,
+                -1,
+                s->max_cert_list,
+                &ok);
+
+        if (!ok) return((int)n);
+
+        if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE)
+                {
+                s->s3->tmp.reuse_message=1;
+                return(1);
+                }
+
+        param=p=(unsigned char *)s->init_msg;
+
+        if (s->session->sess_cert != NULL)
+                {
+#ifndef OPENSSL_NO_RSA
+                if (s->session->sess_cert->peer_rsa_tmp != NULL)
+                        {
+                        RSA_free(s->session->sess_cert->peer_rsa_tmp);
+                        s->session->sess_cert->peer_rsa_tmp=NULL;
+                        }
+#endif
+#ifndef OPENSSL_NO_DH
+                if (s->session->sess_cert->peer_dh_tmp)
+                        {
+                        DH_free(s->session->sess_cert->peer_dh_tmp);
+                        s->session->sess_cert->peer_dh_tmp=NULL;
+                        }
+#endif
+                }
+        else
+                {
+                s->session->sess_cert=ssl_sess_cert_new();
+                }
+
+        param_len=0;
+        alg=s->s3->tmp.new_cipher->algorithms;
+        EVP_MD_CTX_init(&md_ctx);
+
+#ifndef OPENSSL_NO_RSA
+        if (alg & SSL_kRSA)
+                {
+                if ((rsa=RSA_new()) == NULL)
+                        {
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
+                        goto err;
+                        }
+                n2s(p,i);
+                param_len=i+2;
+                if (param_len > n)
+                        {
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH);
+                        goto f_err;
+                        }
+                if (!(rsa->n=BN_bin2bn(p,i,rsa->n)))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+                        goto err;
+                        }
+                p+=i;
+
+                n2s(p,i);
+                param_len+=i+2;
+                if (param_len > n)
+                        {
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH);
+                        goto f_err;
+                        }
+                if (!(rsa->e=BN_bin2bn(p,i,rsa->e)))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+                        goto err;
+                        }
+                p+=i;
+                n-=param_len;
+
+                /* this should be because we are using an export cipher */
+                if (alg & SSL_aRSA)
+                        pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+                else
+                        {
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+                        goto err;
+                        }
+                s->session->sess_cert->peer_rsa_tmp=rsa;
+                rsa=NULL;
+                }
+#else /* OPENSSL_NO_RSA */
+        if (0)
+                ;
+#endif
+#ifndef OPENSSL_NO_DH
+        else if (alg & SSL_kEDH)
+                {
+                if ((dh=DH_new()) == NULL)
+                        {
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB);
+                        goto err;
+                        }
+                n2s(p,i);
+                param_len=i+2;
+                if (param_len > n)
+                        {
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH);
+                        goto f_err;
+                        }
+                if (!(dh->p=BN_bin2bn(p,i,NULL)))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+                        goto err;
+                        }
+                p+=i;
+
+                n2s(p,i);
+                param_len+=i+2;
+                if (param_len > n)
+                        {
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH);
+                        goto f_err;
+                        }
+                if (!(dh->g=BN_bin2bn(p,i,NULL)))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+                        goto err;
+                        }
+                p+=i;
+
+                n2s(p,i);
+                param_len+=i+2;
+                if (param_len > n)
+                        {
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH);
+                        goto f_err;
+                        }
+                if (!(dh->pub_key=BN_bin2bn(p,i,NULL)))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+                        goto err;
+                        }
+                p+=i;
+                n-=param_len;
+
+#ifndef OPENSSL_NO_RSA
+                if (alg & SSL_aRSA)
+                        pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+#else
+                if (0)
+                        ;
+#endif
+#ifndef OPENSSL_NO_DSA
+                else if (alg & SSL_aDSS)
+                        pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
+#endif
+                /* else anonymous DH, so no certificate or pkey. */
+
+                s->session->sess_cert->peer_dh_tmp=dh;
+                dh=NULL;
+                }
+        else if ((alg & SSL_kDHr) || (alg & SSL_kDHd))
+                {
+                al=SSL_AD_ILLEGAL_PARAMETER;
+                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
+                goto f_err;
+                }
+#endif /* !OPENSSL_NO_DH */
+        if (alg & SSL_aFZA)
+                {
+                al=SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
+                goto f_err;
+                }
+
+
+        /* p points to the next byte, there are 'n' bytes left */
+
+
+        /* if it was signed, check the signature */
+        if (pkey != NULL)
+                {
+                n2s(p,i);
+                n-=2;
+                j=EVP_PKEY_size(pkey);
+
+                if ((i != n) || (n > j) || (n <= 0))
+                        {
+                        /* wrong packet length */
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH);
+                        goto f_err;
+                        }
+
+#ifndef OPENSSL_NO_RSA
+                if (pkey->type == EVP_PKEY_RSA)
+                        {
+                        int num;
+
+                        j=0;
+                        q=md_buf;
+                        for (num=2; num > 0; num--)
+                                {
+                                EVP_MD_CTX_set_flags(&md_ctx,
+                                        EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+                                EVP_DigestInit_ex(&md_ctx,(num == 2)
+                                        ?s->ctx->md5:s->ctx->sha1, NULL);
+                                EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+                                EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+                                EVP_DigestUpdate(&md_ctx,param,param_len);
+                                
+                                EVP_DigestFinal_ex(&md_ctx,q,(unsigned int *)&i);
+                                q+=i;
+                                j+=i;
+                                }
+                        i=RSA_verify(NID_md5_sha1, md_buf, j, p, n,
+                                                                pkey->pkey.rsa);
+                        if (i < 0)
+                                {
+                                al=SSL_AD_DECRYPT_ERROR;
+                                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
+                                goto f_err;
+                                }
+                        if (i == 0)
+                                {
+                                /* bad signature */
+                                al=SSL_AD_DECRYPT_ERROR;
+                                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
+                                goto f_err;
+                                }
+                        }
+                else
+#endif
+#ifndef OPENSSL_NO_DSA
+                        if (pkey->type == EVP_PKEY_DSA)
+                        {
+                        /* lets do DSS */
+                        EVP_VerifyInit_ex(&md_ctx,EVP_dss1(), NULL);
+                        EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+                        EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+                        EVP_VerifyUpdate(&md_ctx,param,param_len);
+                        if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey))
+                                {
+                                /* bad signature */
+                                al=SSL_AD_DECRYPT_ERROR;
+                                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
+                                goto f_err;
+                                }
+                        }
+                else
+#endif
+                        {
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+                        goto err;
+                        }
+                }
+        else
+                {
+                /* still data left over */
+                if (!(alg & SSL_aNULL))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+                        goto err;
+                        }
+                if (n != 0)
+                        {
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE);
+                        goto f_err;
+                        }
+                }
+        EVP_PKEY_free(pkey);
+        EVP_MD_CTX_cleanup(&md_ctx);
+        return(1);
+f_err:
+        ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+        EVP_PKEY_free(pkey);
+#ifndef OPENSSL_NO_RSA
+        if (rsa != NULL)
+                RSA_free(rsa);
+#endif
+#ifndef OPENSSL_NO_DH
+        if (dh != NULL)
+                DH_free(dh);
+#endif
+        EVP_MD_CTX_cleanup(&md_ctx);
+        return(-1);
+        }
+
+static int ssl3_get_certificate_request(SSL *s)
+        {
+        int ok,ret=0;
+        unsigned long n,nc,l;
+        unsigned int llen,ctype_num,i;
+        X509_NAME *xn=NULL;
+        unsigned char *p,*d,*q;
+        STACK_OF(X509_NAME) *ca_sk=NULL;
+
+        n=ssl3_get_message(s,
+                SSL3_ST_CR_CERT_REQ_A,
+                SSL3_ST_CR_CERT_REQ_B,
+                -1,
+                s->max_cert_list,
+                &ok);
+
+        if (!ok) return((int)n);
+
+        s->s3->tmp.cert_req=0;
+
+        if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE)
+                {
+                s->s3->tmp.reuse_message=1;
+                return(1);
+                }
+
+        if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST)
+                {
+                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
+                SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_WRONG_MESSAGE_TYPE);
+                goto err;
+                }
+
+        /* TLS does not like anon-DH with client cert */
+        if (s->version > SSL3_VERSION)
+                {
+                l=s->s3->tmp.new_cipher->algorithms;
+                if (l & SSL_aNULL)
+                        {
+                        ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
+                        SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
+                        goto err;
+                        }
+                }
+
+        d=p=(unsigned char *)s->init_msg;
+
+        if ((ca_sk=sk_X509_NAME_new(ca_dn_cmp)) == NULL)
+                {
+                SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
+                goto err;
+                }
+
+        /* get the certificate types */
+        ctype_num= *(p++);
+        if (ctype_num > SSL3_CT_NUMBER)
+                ctype_num=SSL3_CT_NUMBER;
+        for (i=0; i<ctype_num; i++)
+                s->s3->tmp.ctype[i]= p[i];
+        p+=ctype_num;
+
+        /* get the CA RDNs */
+        n2s(p,llen);
+#if 0
+{
+FILE *out;
+out=fopen("/tmp/vsign.der","w");
+fwrite(p,1,llen,out);
+fclose(out);
+}
+#endif
+
+        if ((llen+ctype_num+2+1) != n)
+                {
+                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
+                SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH);
+                goto err;
+                }
+
+        for (nc=0; nc<llen; )
+                {
+                n2s(p,l);
+                if ((l+nc+2) > llen)
+                        {
+                        if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
+                                goto cont; /* netscape bugs */
+                        ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
+                        SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_TOO_LONG);
+                        goto err;
+                        }
+
+                q=p;
+
+                if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL)
+                        {
+                        /* If netscape tolerance is on, ignore errors */
+                        if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
+                                goto cont;
+                        else
+                                {
+                                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
+                                SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_ASN1_LIB);
+                                goto err;
+                                }
+                        }
+
+                if (q != (p+l))
+                        {
+                        ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
+                        SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH);
+                        goto err;
+                        }
+                if (!sk_X509_NAME_push(ca_sk,xn))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
+                        goto err;
+                        }
+
+                p+=l;
+                nc+=l+2;
+                }
+
+        if (0)
+                {
+cont:
+                ERR_clear_error();
+                }
+
+        /* we should setup a certificate to return.... */
+        s->s3->tmp.cert_req=1;
+        s->s3->tmp.ctype_num=ctype_num;
+        if (s->s3->tmp.ca_names != NULL)
+                sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+        s->s3->tmp.ca_names=ca_sk;
+        ca_sk=NULL;
+
+        ret=1;
+err:
+        if (ca_sk != NULL) sk_X509_NAME_pop_free(ca_sk,X509_NAME_free);
+        return(ret);
+        }
+
+static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
+        {
+        return(X509_NAME_cmp(*a,*b));
+        }
+
+static int ssl3_get_server_done(SSL *s)
+        {
+        int ok,ret=0;
+        long n;
+
+        n=ssl3_get_message(s,
+                SSL3_ST_CR_SRVR_DONE_A,
+                SSL3_ST_CR_SRVR_DONE_B,
+                SSL3_MT_SERVER_DONE,
+                30, /* should be very small, like 0 :-) */
+                &ok);
+
+        if (!ok) return((int)n);
+        if (n > 0)
+                {
+                /* should contain no data */
+                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
+                SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_LENGTH_MISMATCH);
+                return -1;
+                }
+        ret=1;
+        return(ret);
+        }
+
+static int ssl3_send_client_key_exchange(SSL *s)
+        {
+        unsigned char *p,*d;
+        int n;
+        unsigned long l;
+#ifndef OPENSSL_NO_RSA
+        unsigned char *q;
+        EVP_PKEY *pkey=NULL;
+#endif
+#ifndef OPENSSL_NO_KRB5
+        KSSL_ERR kssl_err;
+#endif /* OPENSSL_NO_KRB5 */
+
+        if (s->state == SSL3_ST_CW_KEY_EXCH_A)
+                {
+                d=(unsigned char *)s->init_buf->data;
+                p= &(d[4]);
+
+                l=s->s3->tmp.new_cipher->algorithms;
+
+                /* Fool emacs indentation */
+                if (0) {}
+#ifndef OPENSSL_NO_RSA
+                else if (l & SSL_kRSA)
+                        {
+                        RSA *rsa;
+                        unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
+
+                        if (s->session->sess_cert->peer_rsa_tmp != NULL)
+                                rsa=s->session->sess_cert->peer_rsa_tmp;
+                        else
+                                {
+                                pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+                                if ((pkey == NULL) ||
+                                        (pkey->type != EVP_PKEY_RSA) ||
+                                        (pkey->pkey.rsa == NULL))
+                                        {
+                                        SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+                                        goto err;
+                                        }
+                                rsa=pkey->pkey.rsa;
+                                EVP_PKEY_free(pkey);
+                                }
+                                
+                        tmp_buf[0]=s->client_version>>8;
+                        tmp_buf[1]=s->client_version&0xff;
+                        if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0)
+                                        goto err;
+
+                        s->session->master_key_length=sizeof tmp_buf;
+
+                        q=p;
+                        /* Fix buf for TLS and beyond */
+                        if (s->version > SSL3_VERSION)
+                                p+=2;
+                        n=RSA_public_encrypt(sizeof tmp_buf,
+                                tmp_buf,p,rsa,RSA_PKCS1_PADDING);
+#ifdef PKCS1_CHECK
+                        if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;
+                        if (s->options & SSL_OP_PKCS1_CHECK_2) tmp_buf[0]=0x70;
+#endif
+                        if (n <= 0)
+                                {
+                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT);
+                                goto err;
+                                }
+
+                        /* Fix buf for TLS and beyond */
+                        if (s->version > SSL3_VERSION)
+                                {
+                                s2n(n,q);
+                                n+=2;
+                                }
+
+                        s->session->master_key_length=
+                                s->method->ssl3_enc->generate_master_secret(s,
+                                        s->session->master_key,
+                                        tmp_buf,sizeof tmp_buf);
+                        OPENSSL_cleanse(tmp_buf,sizeof tmp_buf);
+                        }
+#endif
+#ifndef OPENSSL_NO_KRB5
+                else if (l & SSL_kKRB5)
+                        {
+                        krb5_error_code krb5rc;
+                        KSSL_CTX        *kssl_ctx = s->kssl_ctx;
+                        /*  krb5_data   krb5_ap_req;  */
+                        krb5_data       *enc_ticket;
+                        krb5_data       authenticator, *authp = NULL;
+                        EVP_CIPHER_CTX  ciph_ctx;
+                        EVP_CIPHER      *enc = NULL;
+                        unsigned char   iv[EVP_MAX_IV_LENGTH];
+                        unsigned char   tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
+                        unsigned char   epms[SSL_MAX_MASTER_KEY_LENGTH 
+                                                + EVP_MAX_IV_LENGTH];
+                        int             padl, outl = sizeof(epms);
+
+                        EVP_CIPHER_CTX_init(&ciph_ctx);
+
+#ifdef KSSL_DEBUG
+                        printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
+                                l, SSL_kKRB5);
+#endif  /* KSSL_DEBUG */
+
+                        authp = NULL;
+#ifdef KRB5SENDAUTH
+                        if (KRB5SENDAUTH)  authp = &authenticator;
+#endif  /* KRB5SENDAUTH */
+
+                        krb5rc = kssl_cget_tkt(kssl_ctx, &enc_ticket, authp,
+                                &kssl_err);
+                        enc = kssl_map_enc(kssl_ctx->enctype);
+                        if (enc == NULL)
+                            goto err;
+#ifdef KSSL_DEBUG
+                        {
+                        printf("kssl_cget_tkt rtn %d\n", krb5rc);
+                        if (krb5rc && kssl_err.text)
+                          printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text);
+                        }
+#endif  /* KSSL_DEBUG */
+
+                        if (krb5rc)
+                                {
+                                ssl3_send_alert(s,SSL3_AL_FATAL,
+                                                SSL_AD_HANDSHAKE_FAILURE);
+                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                                                kssl_err.reason);
+                                goto err;
+                                }
+
+                        /*  20010406 VRS - Earlier versions used KRB5 AP_REQ
+                        **  in place of RFC 2712 KerberosWrapper, as in:
+                        **
+                        **  Send ticket (copy to *p, set n = length)
+                        **  n = krb5_ap_req.length;
+                        **  memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
+                        **  if (krb5_ap_req.data)  
+                        **    kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
+                        **
+                        **  Now using real RFC 2712 KerberosWrapper
+                        **  (Thanks to Simon Wilkinson <sxw@sxw.org.uk>)
+                        **  Note: 2712 "opaque" types are here replaced
+                        **  with a 2-byte length followed by the value.
+                        **  Example:
+                        **  KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
+                        **  Where "xx xx" = length bytes.  Shown here with
+                        **  optional authenticator omitted.
+                        */
+
+                        /*  KerberosWrapper.Ticket              */
+                        s2n(enc_ticket->length,p);
+                        memcpy(p, enc_ticket->data, enc_ticket->length);
+                        p+= enc_ticket->length;
+                        n = enc_ticket->length + 2;
+
+                        /*  KerberosWrapper.Authenticator       */
+                        if (authp  &&  authp->length)  
+                                {
+                                s2n(authp->length,p);
+                                memcpy(p, authp->data, authp->length);
+                                p+= authp->length;
+                                n+= authp->length + 2;
+                                
+                                free(authp->data);
+                                authp->data = NULL;
+                                authp->length = 0;
+                                }
+                        else
+                                {
+                                s2n(0,p);/*  null authenticator length  */
+                                n+=2;
+                                }
+ 
+                        if (RAND_bytes(tmp_buf,sizeof tmp_buf) <= 0)
+                            goto err;
+
+                        /*  20010420 VRS.  Tried it this way; failed.
+                        **      EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
+                        **      EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
+                        **                              kssl_ctx->length);
+                        **      EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
+                        */
+
+                        memset(iv, 0, sizeof iv);  /* per RFC 1510 */
+                        EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,
+                                kssl_ctx->key,iv);
+                        EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,
+                                sizeof tmp_buf);
+                        EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
+                        outl += padl;
+                        if (outl > sizeof epms)
+                                {
+                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+                                goto err;
+                                }
+                        EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+                        /*  KerberosWrapper.EncryptedPreMasterSecret    */
+                        s2n(outl,p);
+                        memcpy(p, epms, outl);
+                        p+=outl;
+                        n+=outl + 2;
+
+                        s->session->master_key_length=
+                                s->method->ssl3_enc->generate_master_secret(s,
+                                        s->session->master_key,
+                                        tmp_buf, sizeof tmp_buf);
+
+                        OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
+                        OPENSSL_cleanse(epms, outl);
+                        }
+#endif
+#ifndef OPENSSL_NO_DH
+                else if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+                        {
+                        DH *dh_srvr,*dh_clnt;
+
+                        if (s->session->sess_cert->peer_dh_tmp != NULL)
+                                dh_srvr=s->session->sess_cert->peer_dh_tmp;
+                        else
+                                {
+                                /* we get them from the cert */
+                                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
+                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
+                                goto err;
+                                }
+                        
+                        /* generate a new random key */
+                        if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
+                                {
+                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+                                goto err;
+                                }
+                        if (!DH_generate_key(dh_clnt))
+                                {
+                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+                                goto err;
+                                }
+
+                        /* use the 'p' output buffer for the DH key, but
+                         * make sure to clear it out afterwards */
+
+                        n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
+
+                        if (n <= 0)
+                                {
+                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+                                goto err;
+                                }
+
+                        /* generate master key from the result */
+                        s->session->master_key_length=
+                                s->method->ssl3_enc->generate_master_secret(s,
+                                        s->session->master_key,p,n);
+                        /* clean up */
+                        memset(p,0,n);
+
+                        /* send off the data */
+                        n=BN_num_bytes(dh_clnt->pub_key);
+                        s2n(n,p);
+                        BN_bn2bin(dh_clnt->pub_key,p);
+                        n+=2;
+
+                        DH_free(dh_clnt);
+
+                        /* perhaps clean things up a bit EAY EAY EAY EAY*/
+                        }
+#endif
+                else
+                        {
+                        ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
+                        SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+                        goto err;
+                        }
+                
+                *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE;
+                l2n3(n,d);
+
+                s->state=SSL3_ST_CW_KEY_EXCH_B;
+                /* number of bytes to write */
+                s->init_num=n+4;
+                s->init_off=0;
+                }
+
+        /* SSL3_ST_CW_KEY_EXCH_B */
+        return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+        return(-1);
+        }
+
+static int ssl3_send_client_verify(SSL *s)
+        {
+        unsigned char *p,*d;
+        unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+        EVP_PKEY *pkey;
+#ifndef OPENSSL_NO_RSA
+        unsigned u=0;
+#endif
+        unsigned long n;
+#ifndef OPENSSL_NO_DSA
+        int j;
+#endif
+
+        if (s->state == SSL3_ST_CW_CERT_VRFY_A)
+                {
+                d=(unsigned char *)s->init_buf->data;
+                p= &(d[4]);
+                pkey=s->cert->key->privatekey;
+
+                s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2),
+                        &(data[MD5_DIGEST_LENGTH]));
+
+#ifndef OPENSSL_NO_RSA
+                if (pkey->type == EVP_PKEY_RSA)
+                        {
+                        s->method->ssl3_enc->cert_verify_mac(s,
+                                &(s->s3->finish_dgst1),&(data[0]));
+                        if (RSA_sign(NID_md5_sha1, data,
+                                         MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
+                                        &(p[2]), &u, pkey->pkey.rsa) <= 0 )
+                                {
+                                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB);
+                                goto err;
+                                }
+                        s2n(u,p);
+                        n=u+2;
+                        }
+                else
+#endif
+#ifndef OPENSSL_NO_DSA
+                        if (pkey->type == EVP_PKEY_DSA)
+                        {
+                        if (!DSA_sign(pkey->save_type,
+                                &(data[MD5_DIGEST_LENGTH]),
+                                SHA_DIGEST_LENGTH,&(p[2]),
+                                (unsigned int *)&j,pkey->pkey.dsa))
+                                {
+                                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB);
+                                goto err;
+                                }
+                        s2n(j,p);
+                        n=j+2;
+                        }
+                else
+#endif
+                        {
+                        SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_INTERNAL_ERROR);
+                        goto err;
+                        }
+                *(d++)=SSL3_MT_CERTIFICATE_VERIFY;
+                l2n3(n,d);
+
+                s->state=SSL3_ST_CW_CERT_VRFY_B;
+                s->init_num=(int)n+4;
+                s->init_off=0;
+                }
+        return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+        return(-1);
+        }
+
+static int ssl3_send_client_certificate(SSL *s)
+        {
+        X509 *x509=NULL;
+        EVP_PKEY *pkey=NULL;
+        int i;
+        unsigned long l;
+
+        if (s->state == SSL3_ST_CW_CERT_A)
+                {
+                if ((s->cert == NULL) ||
+                        (s->cert->key->x509 == NULL) ||
+                        (s->cert->key->privatekey == NULL))
+                        s->state=SSL3_ST_CW_CERT_B;
+                else
+                        s->state=SSL3_ST_CW_CERT_C;
+                }
+
+        /* We need to get a client cert */
+        if (s->state == SSL3_ST_CW_CERT_B)
+                {
+                /* If we get an error, we need to
+                 * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
+                 * We then get retied later */
+                i=0;
+                if (s->ctx->client_cert_cb != NULL)
+                        i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
+                if (i < 0)
+                        {
+                        s->rwstate=SSL_X509_LOOKUP;
+                        return(-1);
+                        }
+                s->rwstate=SSL_NOTHING;
+                if ((i == 1) && (pkey != NULL) && (x509 != NULL))
+                        {
+                        s->state=SSL3_ST_CW_CERT_B;
+                        if (    !SSL_use_certificate(s,x509) ||
+                                !SSL_use_PrivateKey(s,pkey))
+                                i=0;
+                        }
+                else if (i == 1)
+                        {
+                        i=0;
+                        SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
+                        }
+
+                if (x509 != NULL) X509_free(x509);
+                if (pkey != NULL) EVP_PKEY_free(pkey);
+                if (i == 0)
+                        {
+                        if (s->version == SSL3_VERSION)
+                                {
+                                s->s3->tmp.cert_req=0;
+                                ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_NO_CERTIFICATE);
+                                return(1);
+                                }
+                        else
+                                {
+                                s->s3->tmp.cert_req=2;
+                                }
+                        }
+
+                /* Ok, we have a cert */
+                s->state=SSL3_ST_CW_CERT_C;
+                }
+
+        if (s->state == SSL3_ST_CW_CERT_C)
+                {
+                s->state=SSL3_ST_CW_CERT_D;
+                l=ssl3_output_cert_chain(s,
+                        (s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
+                s->init_num=(int)l;
+                s->init_off=0;
+                }
+        /* SSL3_ST_CW_CERT_D */
+        return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+        }
+
+#define has_bits(i,m)   (((i)&(m)) == (m))
+
+static int ssl3_check_cert_and_algorithm(SSL *s)
+        {
+        int i,idx;
+        long algs;
+        EVP_PKEY *pkey=NULL;
+        SESS_CERT *sc;
+#ifndef OPENSSL_NO_RSA
+        RSA *rsa;
+#endif
+#ifndef OPENSSL_NO_DH
+        DH *dh;
+#endif
+
+        sc=s->session->sess_cert;
+
+        if (sc == NULL)
+                {
+                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,ERR_R_INTERNAL_ERROR);
+                goto err;
+                }
+
+        algs=s->s3->tmp.new_cipher->algorithms;
+
+        /* we don't have a certificate */
+        if (algs & (SSL_aDH|SSL_aNULL|SSL_aKRB5))
+                return(1);
+
+#ifndef OPENSSL_NO_RSA
+        rsa=s->session->sess_cert->peer_rsa_tmp;
+#endif
+#ifndef OPENSSL_NO_DH
+        dh=s->session->sess_cert->peer_dh_tmp;
+#endif
+
+        /* This is the passed certificate */
+
+        idx=sc->peer_cert_type;
+        pkey=X509_get_pubkey(sc->peer_pkeys[idx].x509);
+        i=X509_certificate_type(sc->peer_pkeys[idx].x509,pkey);
+        EVP_PKEY_free(pkey);
+
+        
+        /* Check that we have a certificate if we require one */
+        if ((algs & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN))
+                {
+                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT);
+                goto f_err;
+                }
+#ifndef OPENSSL_NO_DSA
+        else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
+                {
+                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT);
+                goto f_err;
+                }
+#endif
+#ifndef OPENSSL_NO_RSA
+        if ((algs & SSL_kRSA) &&
+                !(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
+                {
+                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
+                goto f_err;
+                }
+#endif
+#ifndef OPENSSL_NO_DH
+        if ((algs & SSL_kEDH) &&
+                !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
+                {
+                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
+                goto f_err;
+                }
+        else if ((algs & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
+                {
+                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
+                goto f_err;
+                }
+#ifndef OPENSSL_NO_DSA
+        else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
+                {
+                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
+                goto f_err;
+                }
+#endif
+#endif
+
+        if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i,EVP_PKT_EXP))
+                {
+#ifndef OPENSSL_NO_RSA
+                if (algs & SSL_kRSA)
+                        {
+                        if (rsa == NULL
+                            || RSA_size(rsa)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
+                                {
+                                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
+                                goto f_err;
+                                }
+                        }
+                else
+#endif
+#ifndef OPENSSL_NO_DH
+                        if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+                            {
+                            if (dh == NULL
+                                || DH_size(dh)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
+                                {
+                                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY);
+                                goto f_err;
+                                }
+                        }
+                else
+#endif
+                        {
+                        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+                        goto f_err;
+                        }
+                }
+        return(1);
+f_err:
+        ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
+err:
+        return(0);
+        }
+
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
new file mode 100644
index 0000000000..9bf1dbec06
--- /dev/null
+++ b/src/lib/libssl/s3_lib.c
@@ -0,0 +1,1799 @@
+/* ssl/s3_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
+#include <openssl/md5.h>
+
+const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
+
+#define SSL3_NUM_CIPHERS        (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
+
+static long ssl3_default_timeout(void );
+
+OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+/* The RSA ciphers */
+/* Cipher 01 */
+        {
+        1,
+        SSL3_TXT_RSA_NULL_MD5,
+        SSL3_CK_RSA_NULL_MD5,
+        SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_STRONG_NONE,
+        0,
+        0,
+        0,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 02 */
+        {
+        1,
+        SSL3_TXT_RSA_NULL_SHA,
+        SSL3_CK_RSA_NULL_SHA,
+        SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+        0,
+        0,
+        0,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* anon DH */
+/* Cipher 17 */
+        {
+        1,
+        SSL3_TXT_ADH_RC4_40_MD5,
+        SSL3_CK_ADH_RC4_40_MD5,
+        SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40,
+        0,
+        40,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 18 */
+        {
+        1,
+        SSL3_TXT_ADH_RC4_128_MD5,
+        SSL3_CK_ADH_RC4_128_MD5,
+        SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
+        SSL_NOT_EXP|SSL_MEDIUM,
+        0,
+        128,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 19 */
+        {
+        1,
+        SSL3_TXT_ADH_DES_40_CBC_SHA,
+        SSL3_CK_ADH_DES_40_CBC_SHA,
+        SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40|SSL_FIPS,
+        0,
+        40,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 1A */
+        {
+        1,
+        SSL3_TXT_ADH_DES_64_CBC_SHA,
+        SSL3_CK_ADH_DES_64_CBC_SHA,
+        SSL_kEDH |SSL_aNULL|SSL_DES  |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_LOW|SSL_FIPS,
+        0,
+        56,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 1B */
+        {
+        1,
+        SSL3_TXT_ADH_DES_192_CBC_SHA,
+        SSL3_CK_ADH_DES_192_CBC_SHA,
+        SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+        0,
+        168,
+        168,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* RSA again */
+/* Cipher 03 */
+        {
+        1,
+        SSL3_TXT_RSA_RC4_40_MD5,
+        SSL3_CK_RSA_RC4_40_MD5,
+        SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40,
+        0,
+        40,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 04 */
+        {
+        1,
+        SSL3_TXT_RSA_RC4_128_MD5,
+        SSL3_CK_RSA_RC4_128_MD5,
+        SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_MEDIUM,
+        0,
+        128,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 05 */
+        {
+        1,
+        SSL3_TXT_RSA_RC4_128_SHA,
+        SSL3_CK_RSA_RC4_128_SHA,
+        SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_MEDIUM,
+        0,
+        128,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 06 */
+        {
+        1,
+        SSL3_TXT_RSA_RC2_40_MD5,
+        SSL3_CK_RSA_RC2_40_MD5,
+        SSL_kRSA|SSL_aRSA|SSL_RC2  |SSL_MD5 |SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40,
+        0,
+        40,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 07 */
+#ifndef OPENSSL_NO_IDEA
+        {
+        1,
+        SSL3_TXT_RSA_IDEA_128_SHA,
+        SSL3_CK_RSA_IDEA_128_SHA,
+        SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_MEDIUM,
+        0,
+        128,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+#endif
+/* Cipher 08 */
+        {
+        1,
+        SSL3_TXT_RSA_DES_40_CBC_SHA,
+        SSL3_CK_RSA_DES_40_CBC_SHA,
+        SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40|SSL_FIPS,
+        0,
+        40,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 09 */
+        {
+        1,
+        SSL3_TXT_RSA_DES_64_CBC_SHA,
+        SSL3_CK_RSA_DES_64_CBC_SHA,
+        SSL_kRSA|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_LOW|SSL_FIPS,
+        0,
+        56,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 0A */
+        {
+        1,
+        SSL3_TXT_RSA_DES_192_CBC3_SHA,
+        SSL3_CK_RSA_DES_192_CBC3_SHA,
+        SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+        0,
+        168,
+        168,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/*  The DH ciphers */
+/* Cipher 0B */
+        {
+        0,
+        SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
+        SSL3_CK_DH_DSS_DES_40_CBC_SHA,
+        SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40|SSL_FIPS,
+        0,
+        40,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 0C */
+        {
+        0,
+        SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
+        SSL3_CK_DH_DSS_DES_64_CBC_SHA,
+        SSL_kDHd |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_LOW|SSL_FIPS,
+        0,
+        56,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 0D */
+        {
+        0,
+        SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
+        SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
+        SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+        0,
+        168,
+        168,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 0E */
+        {
+        0,
+        SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
+        SSL3_CK_DH_RSA_DES_40_CBC_SHA,
+        SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40|SSL_FIPS,
+        0,
+        40,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 0F */
+        {
+        0,
+        SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
+        SSL3_CK_DH_RSA_DES_64_CBC_SHA,
+        SSL_kDHr |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_LOW|SSL_FIPS,
+        0,
+        56,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 10 */
+        {
+        0,
+        SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
+        SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
+        SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+        0,
+        168,
+        168,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* The Ephemeral DH ciphers */
+/* Cipher 11 */
+        {
+        1,
+        SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
+        SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
+        SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40|SSL_FIPS,
+        0,
+        40,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 12 */
+        {
+        1,
+        SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
+        SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
+        SSL_kEDH|SSL_aDSS|SSL_DES  |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_LOW|SSL_FIPS,
+        0,
+        56,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 13 */
+        {
+        1,
+        SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
+        SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
+        SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+        0,
+        168,
+        168,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 14 */
+        {
+        1,
+        SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
+        SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
+        SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40|SSL_FIPS,
+        0,
+        40,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 15 */
+        {
+        1,
+        SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
+        SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
+        SSL_kEDH|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_LOW|SSL_FIPS,
+        0,
+        56,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+/* Cipher 16 */
+        {
+        1,
+        SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
+        SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
+        SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+        0,
+        168,
+        168,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Fortezza */
+/* Cipher 1C */
+        {
+        0,
+        SSL3_TXT_FZA_DMS_NULL_SHA,
+        SSL3_CK_FZA_DMS_NULL_SHA,
+        SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_STRONG_NONE,
+        0,
+        0,
+        0,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 1D */
+        {
+        0,
+        SSL3_TXT_FZA_DMS_FZA_SHA,
+        SSL3_CK_FZA_DMS_FZA_SHA,
+        SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_STRONG_NONE,
+        0,
+        0,
+        0,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+#if 0
+/* Cipher 1E */
+        {
+        0,
+        SSL3_TXT_FZA_DMS_RC4_SHA,
+        SSL3_CK_FZA_DMS_RC4_SHA,
+        SSL_kFZA|SSL_aFZA |SSL_RC4  |SSL_SHA1|SSL_SSLV3,
+        SSL_NOT_EXP|SSL_MEDIUM,
+        0,
+        128,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+#endif
+
+#ifndef OPENSSL_NO_KRB5
+/* The Kerberos ciphers
+** 20000107 VRS: And the first shall be last,
+** in hopes of avoiding the lynx ssl renegotiation problem.
+*/
+/* Cipher 1E VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_DES_64_CBC_SHA,
+        SSL3_CK_KRB5_DES_64_CBC_SHA,
+        SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
+        SSL_NOT_EXP|SSL_LOW|SSL_FIPS,
+        0,
+        56,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 1F VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_DES_192_CBC3_SHA,
+        SSL3_CK_KRB5_DES_192_CBC3_SHA,
+        SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_SHA1  |SSL_SSLV3,
+        SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+        0,
+        112,
+        168,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 20 VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_RC4_128_SHA,
+        SSL3_CK_KRB5_RC4_128_SHA,
+        SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1  |SSL_SSLV3,
+        SSL_NOT_EXP|SSL_MEDIUM,
+        0,
+        128,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 21 VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
+        SSL3_CK_KRB5_IDEA_128_CBC_SHA,
+        SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_SHA1  |SSL_SSLV3,
+        SSL_NOT_EXP|SSL_MEDIUM,
+        0,
+        128,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 22 VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_DES_64_CBC_MD5,
+        SSL3_CK_KRB5_DES_64_CBC_MD5,
+        SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
+        SSL_NOT_EXP|SSL_LOW,
+        0,
+        56,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 23 VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_DES_192_CBC3_MD5,
+        SSL3_CK_KRB5_DES_192_CBC3_MD5,
+        SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_MD5   |SSL_SSLV3,
+        SSL_NOT_EXP|SSL_HIGH,
+        0,
+        112,
+        168,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 24 VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_RC4_128_MD5,
+        SSL3_CK_KRB5_RC4_128_MD5,
+        SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5  |SSL_SSLV3,
+        SSL_NOT_EXP|SSL_MEDIUM,
+        0,
+        128,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 25 VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
+        SSL3_CK_KRB5_IDEA_128_CBC_MD5,
+        SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_MD5  |SSL_SSLV3,
+        SSL_NOT_EXP|SSL_MEDIUM,
+        0,
+        128,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 26 VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_DES_40_CBC_SHA,
+        SSL3_CK_KRB5_DES_40_CBC_SHA,
+        SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40|SSL_FIPS,
+        0,
+        40,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 27 VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_RC2_40_CBC_SHA,
+        SSL3_CK_KRB5_RC2_40_CBC_SHA,
+        SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_SHA1   |SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40,
+        0,
+        40,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 28 VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_RC4_40_SHA,
+        SSL3_CK_KRB5_RC4_40_SHA,
+        SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1   |SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40,
+        0,
+        128,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 29 VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_DES_40_CBC_MD5,
+        SSL3_CK_KRB5_DES_40_CBC_MD5,
+        SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40,
+        0,
+        40,
+        56,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 2A VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_RC2_40_CBC_MD5,
+        SSL3_CK_KRB5_RC2_40_CBC_MD5,
+        SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_MD5    |SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40,
+        0,
+        40,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+
+/* Cipher 2B VRS */
+        {
+        1,
+        SSL3_TXT_KRB5_RC4_40_MD5,
+        SSL3_CK_KRB5_RC4_40_MD5,
+        SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5    |SSL_SSLV3,
+        SSL_EXPORT|SSL_EXP40,
+        0,
+        128,
+        128,
+        SSL_ALL_CIPHERS,
+        SSL_ALL_STRENGTHS,
+        },
+#endif  /* OPENSSL_NO_KRB5 */
+
+
+#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
+        /* New TLS Export CipherSuites */
+        /* Cipher 60 */
+            {
+            1,
+            TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
+            TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
+            SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
+            SSL_EXPORT|SSL_EXP56,
+            0,
+            56,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 61 */
+            {
+            1,
+            TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
+            TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
+            SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
+            SSL_EXPORT|SSL_EXP56,
+            0,
+            56,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 62 */
+            {
+            1,
+            TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
+            TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
+            SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
+            SSL_EXPORT|SSL_EXP56|SSL_FIPS,
+            0,
+            56,
+            56,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 63 */
+            {
+            1,
+            TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
+            TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
+            SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
+            SSL_EXPORT|SSL_EXP56|SSL_FIPS,
+            0,
+            56,
+            56,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 64 */
+            {
+            1,
+            TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
+            TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
+            SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
+            SSL_EXPORT|SSL_EXP56,
+            0,
+            56,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 65 */
+            {
+            1,
+            TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
+            TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
+            SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
+            SSL_EXPORT|SSL_EXP56,
+            0,
+            56,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 66 */
+            {
+            1,
+            TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
+            TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
+            SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_MEDIUM,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS
+            },
+#endif
+        /* New AES ciphersuites */
+
+        /* Cipher 2F */
+            {
+            1,
+            TLS1_TXT_RSA_WITH_AES_128_SHA,
+            TLS1_CK_RSA_WITH_AES_128_SHA,
+            SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
+            SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 30 */
+            {
+            0,
+            TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
+            TLS1_CK_DH_DSS_WITH_AES_128_SHA,
+            SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 31 */
+            {
+            0,
+            TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
+            TLS1_CK_DH_RSA_WITH_AES_128_SHA,
+            SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 32 */
+            {
+            1,
+            TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
+            TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
+            SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 33 */
+            {
+            1,
+            TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
+            TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
+            SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 34 */
+            {
+            1,
+            TLS1_TXT_ADH_WITH_AES_128_SHA,
+            TLS1_CK_ADH_WITH_AES_128_SHA,
+            SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
+            0,
+            128,
+            128,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+        /* Cipher 35 */
+            {
+            1,
+            TLS1_TXT_RSA_WITH_AES_256_SHA,
+            TLS1_CK_RSA_WITH_AES_256_SHA,
+            SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
+            SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+            0,
+            256,
+            256,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 36 */
+            {
+            0,
+            TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
+            TLS1_CK_DH_DSS_WITH_AES_256_SHA,
+            SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+            0,
+            256,
+            256,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 37 */
+            {
+            0,
+            TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
+            TLS1_CK_DH_RSA_WITH_AES_256_SHA,
+            SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+            0,
+            256,
+            256,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 38 */
+            {
+            1,
+            TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
+            TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
+            SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+            0,
+            256,
+            256,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 39 */
+            {
+            1,
+            TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
+            TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
+            SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+            0,
+            256,
+            256,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+        /* Cipher 3A */
+            {
+            1,
+            TLS1_TXT_ADH_WITH_AES_256_SHA,
+            TLS1_CK_ADH_WITH_AES_256_SHA,
+            SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+            0,
+            256,
+            256,
+            SSL_ALL_CIPHERS,
+            SSL_ALL_STRENGTHS,
+            },
+
+/* end of list */
+        };
+
+static SSL3_ENC_METHOD SSLv3_enc_data={
+        ssl3_enc,
+        ssl3_mac,
+        ssl3_setup_key_block,
+        ssl3_generate_master_secret,
+        ssl3_change_cipher_state,
+        ssl3_final_finish_mac,
+        MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
+        ssl3_cert_verify_mac,
+        SSL3_MD_CLIENT_FINISHED_CONST,4,
+        SSL3_MD_SERVER_FINISHED_CONST,4,
+        ssl3_alert_code,
+        };
+
+static SSL_METHOD SSLv3_data= {
+        SSL3_VERSION,
+        ssl3_new,
+        ssl3_clear,
+        ssl3_free,
+        ssl_undefined_function,
+        ssl_undefined_function,
+        ssl3_read,
+        ssl3_peek,
+        ssl3_write,
+        ssl3_shutdown,
+        ssl3_renegotiate,
+        ssl3_renegotiate_check,
+        ssl3_ctrl,
+        ssl3_ctx_ctrl,
+        ssl3_get_cipher_by_char,
+        ssl3_put_cipher_by_char,
+        ssl3_pending,
+        ssl3_num_ciphers,
+        ssl3_get_cipher,
+        ssl_bad_method,
+        ssl3_default_timeout,
+        &SSLv3_enc_data,
+        ssl_undefined_function,
+        ssl3_callback_ctrl,
+        ssl3_ctx_callback_ctrl,
+        };
+
+static long ssl3_default_timeout(void)
+        {
+        /* 2 hours, the 24 hours mentioned in the SSLv3 spec
+         * is way too long for http, the cache would over fill */
+        return(60*60*2);
+        }
+
+SSL_METHOD *sslv3_base_method(void)
+        {
+        return(&SSLv3_data);
+        }
+
+int ssl3_num_ciphers(void)
+        {
+        return(SSL3_NUM_CIPHERS);
+        }
+
+SSL_CIPHER *ssl3_get_cipher(unsigned int u)
+        {
+        if (u < SSL3_NUM_CIPHERS)
+                return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
+        else
+                return(NULL);
+        }
+
+int ssl3_pending(const SSL *s)
+        {
+        if (s->rstate == SSL_ST_READ_BODY)
+                return 0;
+        
+        return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
+        }
+
+int ssl3_new(SSL *s)
+        {
+        SSL3_STATE *s3;
+
+        if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
+        memset(s3,0,sizeof *s3);
+        EVP_MD_CTX_init(&s3->finish_dgst1);
+        EVP_MD_CTX_init(&s3->finish_dgst2);
+
+        s->s3=s3;
+
+        s->method->ssl_clear(s);
+        return(1);
+err:
+        return(0);
+        }
+
+void ssl3_free(SSL *s)
+        {
+        if(s == NULL)
+            return;
+
+        ssl3_cleanup_key_block(s);
+        if (s->s3->rbuf.buf != NULL)
+                OPENSSL_free(s->s3->rbuf.buf);
+        if (s->s3->wbuf.buf != NULL)
+                OPENSSL_free(s->s3->wbuf.buf);
+        if (s->s3->rrec.comp != NULL)
+                OPENSSL_free(s->s3->rrec.comp);
+#ifndef OPENSSL_NO_DH
+        if (s->s3->tmp.dh != NULL)
+                DH_free(s->s3->tmp.dh);
+#endif
+        if (s->s3->tmp.ca_names != NULL)
+                sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+        EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
+        EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
+        OPENSSL_cleanse(s->s3,sizeof *s->s3);
+        OPENSSL_free(s->s3);
+        s->s3=NULL;
+        }
+
+void ssl3_clear(SSL *s)
+        {
+        unsigned char *rp,*wp;
+        size_t rlen, wlen;
+
+        ssl3_cleanup_key_block(s);
+        if (s->s3->tmp.ca_names != NULL)
+                sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+
+        if (s->s3->rrec.comp != NULL)
+                {
+                OPENSSL_free(s->s3->rrec.comp);
+                s->s3->rrec.comp=NULL;
+                }
+#ifndef OPENSSL_NO_DH
+        if (s->s3->tmp.dh != NULL)
+                DH_free(s->s3->tmp.dh);
+#endif
+
+        rp = s->s3->rbuf.buf;
+        wp = s->s3->wbuf.buf;
+        rlen = s->s3->rbuf.len;
+        wlen = s->s3->wbuf.len;
+
+        EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
+        EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
+
+        memset(s->s3,0,sizeof *s->s3);
+        s->s3->rbuf.buf = rp;
+        s->s3->wbuf.buf = wp;
+        s->s3->rbuf.len = rlen;
+        s->s3->wbuf.len = wlen;
+
+        ssl_free_wbio_buffer(s);
+
+        s->packet_length=0;
+        s->s3->renegotiate=0;
+        s->s3->total_renegotiations=0;
+        s->s3->num_renegotiations=0;
+        s->s3->in_read_app_data=0;
+        s->version=SSL3_VERSION;
+        }
+
+long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
+        {
+        int ret=0;
+
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
+        if (
+#ifndef OPENSSL_NO_RSA
+            cmd == SSL_CTRL_SET_TMP_RSA ||
+            cmd == SSL_CTRL_SET_TMP_RSA_CB ||
+#endif
+#ifndef OPENSSL_NO_DSA
+            cmd == SSL_CTRL_SET_TMP_DH ||
+            cmd == SSL_CTRL_SET_TMP_DH_CB ||
+#endif
+                0)
+                {
+                if (!ssl_cert_inst(&s->cert))
+                        {
+                        SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
+                        return(0);
+                        }
+                }
+#endif
+
+        switch (cmd)
+                {
+        case SSL_CTRL_GET_SESSION_REUSED:
+                ret=s->hit;
+                break;
+        case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
+                break;
+        case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
+                ret=s->s3->num_renegotiations;
+                break;
+        case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
+                ret=s->s3->num_renegotiations;
+                s->s3->num_renegotiations=0;
+                break;
+        case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
+                ret=s->s3->total_renegotiations;
+                break;
+        case SSL_CTRL_GET_FLAGS:
+                ret=(int)(s->s3->flags);
+                break;
+#ifndef OPENSSL_NO_RSA
+        case SSL_CTRL_NEED_TMP_RSA:
+                if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
+                    ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
+                     (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
+                        ret = 1;
+                break;
+        case SSL_CTRL_SET_TMP_RSA:
+                {
+                        RSA *rsa = (RSA *)parg;
+                        if (rsa == NULL)
+                                {
+                                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+                                return(ret);
+                                }
+                        if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
+                                {
+                                SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
+                                return(ret);
+                                }
+                        if (s->cert->rsa_tmp != NULL)
+                                RSA_free(s->cert->rsa_tmp);
+                        s->cert->rsa_tmp = rsa;
+                        ret = 1;
+                }
+                break;
+        case SSL_CTRL_SET_TMP_RSA_CB:
+                {
+                SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+                return(ret);
+                }
+                break;
+#endif
+#ifndef OPENSSL_NO_DH
+        case SSL_CTRL_SET_TMP_DH:
+                {
+                        DH *dh = (DH *)parg;
+                        if (dh == NULL)
+                                {
+                                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+                                return(ret);
+                                }
+                        if ((dh = DHparams_dup(dh)) == NULL)
+                                {
+                                SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
+                                return(ret);
+                                }
+                        if (!(s->options & SSL_OP_SINGLE_DH_USE))
+                                {
+                                if (!DH_generate_key(dh))
+                                        {
+                                        DH_free(dh);
+                                        SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
+                                        return(ret);
+                                        }
+                                }
+                        if (s->cert->dh_tmp != NULL)
+                                DH_free(s->cert->dh_tmp);
+                        s->cert->dh_tmp = dh;
+                        ret = 1;
+                }
+                break;
+        case SSL_CTRL_SET_TMP_DH_CB:
+                {
+                SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+                return(ret);
+                }
+                break;
+#endif
+        default:
+                break;
+                }
+        return(ret);
+        }
+
+long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
+        {
+        int ret=0;
+
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
+        if (
+#ifndef OPENSSL_NO_RSA
+            cmd == SSL_CTRL_SET_TMP_RSA_CB ||
+#endif
+#ifndef OPENSSL_NO_DSA
+            cmd == SSL_CTRL_SET_TMP_DH_CB ||
+#endif
+                0)
+                {
+                if (!ssl_cert_inst(&s->cert))
+                        {
+                        SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
+                        return(0);
+                        }
+                }
+#endif
+
+        switch (cmd)
+                {
+#ifndef OPENSSL_NO_RSA
+        case SSL_CTRL_SET_TMP_RSA_CB:
+                {
+                s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
+                }
+                break;
+#endif
+#ifndef OPENSSL_NO_DH
+        case SSL_CTRL_SET_TMP_DH_CB:
+                {
+                s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
+                }
+                break;
+#endif
+        default:
+                break;
+                }
+        return(ret);
+        }
+
+long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
+        {
+        CERT *cert;
+
+        cert=ctx->cert;
+
+        switch (cmd)
+                {
+#ifndef OPENSSL_NO_RSA
+        case SSL_CTRL_NEED_TMP_RSA:
+                if (    (cert->rsa_tmp == NULL) &&
+                        ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
+                         (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
+                        )
+                        return(1);
+                else
+                        return(0);
+                /* break; */
+        case SSL_CTRL_SET_TMP_RSA:
+                {
+                RSA *rsa;
+                int i;
+
+                rsa=(RSA *)parg;
+                i=1;
+                if (rsa == NULL)
+                        i=0;
+                else
+                        {
+                        if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
+                                i=0;
+                        }
+                if (!i)
+                        {
+                        SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
+                        return(0);
+                        }
+                else
+                        {
+                        if (cert->rsa_tmp != NULL)
+                                RSA_free(cert->rsa_tmp);
+                        cert->rsa_tmp=rsa;
+                        return(1);
+                        }
+                }
+                /* break; */
+        case SSL_CTRL_SET_TMP_RSA_CB:
+                {
+                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+                return(0);
+                }
+                break;
+#endif
+#ifndef OPENSSL_NO_DH
+        case SSL_CTRL_SET_TMP_DH:
+                {
+                DH *new=NULL,*dh;
+
+                dh=(DH *)parg;
+                if ((new=DHparams_dup(dh)) == NULL)
+                        {
+                        SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
+                        return 0;
+                        }
+                if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
+                        {
+                        if (!DH_generate_key(new))
+                                {
+                                SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
+                                DH_free(new);
+                                return 0;
+                                }
+                        }
+                if (cert->dh_tmp != NULL)
+                        DH_free(cert->dh_tmp);
+                cert->dh_tmp=new;
+                return 1;
+                }
+                /*break; */
+        case SSL_CTRL_SET_TMP_DH_CB:
+                {
+                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+                return(0);
+                }
+                break;
+#endif
+        /* A Thawte special :-) */
+        case SSL_CTRL_EXTRA_CHAIN_CERT:
+                if (ctx->extra_certs == NULL)
+                        {
+                        if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
+                                return(0);
+                        }
+                sk_X509_push(ctx->extra_certs,(X509 *)parg);
+                break;
+
+        default:
+                return(0);
+                }
+        return(1);
+        }
+
+long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
+        {
+        CERT *cert;
+
+        cert=ctx->cert;
+
+        switch (cmd)
+                {
+#ifndef OPENSSL_NO_RSA
+        case SSL_CTRL_SET_TMP_RSA_CB:
+                {
+                cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
+                }
+                break;
+#endif
+#ifndef OPENSSL_NO_DH
+        case SSL_CTRL_SET_TMP_DH_CB:
+                {
+                cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
+                }
+                break;
+#endif
+        default:
+                return(0);
+                }
+        return(1);
+        }
+
+/* This function needs to check if the ciphers required are actually
+ * available */
+SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
+        {
+        static int init=1;
+        static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
+        SSL_CIPHER c,*cp= &c,**cpp;
+        unsigned long id;
+        int i;
+
+        if (init)
+                {
+                CRYPTO_w_lock(CRYPTO_LOCK_SSL);
+
+                if (init)
+                        {
+                        for (i=0; i<SSL3_NUM_CIPHERS; i++)
+                                sorted[i]= &(ssl3_ciphers[i]);
+
+                        qsort(sorted,
+                                SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+                                FP_ICC ssl_cipher_ptr_id_cmp);
+
+                        init=0;
+                        }
+                
+                CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
+                }
+
+        id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
+        c.id=id;
+        cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
+                (char *)sorted,
+                SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+                FP_ICC ssl_cipher_ptr_id_cmp);
+        if ((cpp == NULL) || !(*cpp)->valid)
+                return(NULL);
+        else
+                return(*cpp);
+        }
+
+int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
+        {
+        long l;
+
+        if (p != NULL)
+                {
+                l=c->id;
+                if ((l & 0xff000000) != 0x03000000) return(0);
+                p[0]=((unsigned char)(l>> 8L))&0xFF;
+                p[1]=((unsigned char)(l     ))&0xFF;
+                }
+        return(2);
+        }
+
+SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
+             STACK_OF(SSL_CIPHER) *srvr)
+        {
+        SSL_CIPHER *c,*ret=NULL;
+        STACK_OF(SSL_CIPHER) *prio, *allow;
+        int i,j,ok;
+        CERT *cert;
+        unsigned long alg,mask,emask;
+
+        /* Let's see which ciphers we can support */
+        cert=s->cert;
+
+#if 0
+        /* Do not set the compare functions, because this may lead to a
+         * reordering by "id". We want to keep the original ordering.
+         * We may pay a price in performance during sk_SSL_CIPHER_find(),
+         * but would have to pay with the price of sk_SSL_CIPHER_dup().
+         */
+        sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
+        sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
+#endif
+
+#ifdef CIPHER_DEBUG
+        printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), srvr);
+        for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
+            {
+            c=sk_SSL_CIPHER_value(srvr,i);
+            printf("%p:%s\n",c,c->name);
+            }
+        printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), clnt);
+        for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
+            {
+            c=sk_SSL_CIPHER_value(clnt,i);
+            printf("%p:%s\n",c,c->name);
+            }
+#endif
+
+        if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
+            {
+            prio = srvr;
+            allow = clnt;
+            }
+        else
+            {
+            prio = clnt;
+            allow = srvr;
+            }
+
+        for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
+                {
+                c=sk_SSL_CIPHER_value(prio,i);
+
+                ssl_set_cert_masks(cert,c);
+                mask=cert->mask;
+                emask=cert->export_mask;
+                        
+#ifdef KSSL_DEBUG
+                printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);
+#endif    /* KSSL_DEBUG */
+
+                alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
+#ifndef OPENSSL_NO_KRB5
+                if (alg & SSL_KRB5) 
+                        {
+                        if ( !kssl_keytab_is_available(s->kssl_ctx) )
+                            continue;
+                        }
+#endif /* OPENSSL_NO_KRB5 */
+                if (SSL_C_IS_EXPORT(c))
+                        {
+                        ok=((alg & emask) == alg)?1:0;
+#ifdef CIPHER_DEBUG
+                        printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
+                               c,c->name);
+#endif
+                        }
+                else
+                        {
+                        ok=((alg & mask) == alg)?1:0;
+#ifdef CIPHER_DEBUG
+                        printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
+                               c->name);
+#endif
+                        }
+
+                if (!ok) continue;
+        
+                j=sk_SSL_CIPHER_find(allow,c);
+                if (j >= 0)
+                        {
+                        ret=sk_SSL_CIPHER_value(allow,j);
+                        break;
+                        }
+                }
+        return(ret);
+        }
+
+int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
+        {
+        int ret=0;
+        unsigned long alg;
+
+        alg=s->s3->tmp.new_cipher->algorithms;
+
+#ifndef OPENSSL_NO_DH
+        if (alg & (SSL_kDHr|SSL_kEDH))
+                {
+#  ifndef OPENSSL_NO_RSA
+                p[ret++]=SSL3_CT_RSA_FIXED_DH;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+                p[ret++]=SSL3_CT_DSS_FIXED_DH;
+#  endif
+                }
+        if ((s->version == SSL3_VERSION) &&
+                (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
+                {
+#  ifndef OPENSSL_NO_RSA
+                p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+                p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
+#  endif
+                }
+#endif /* !OPENSSL_NO_DH */
+#ifndef OPENSSL_NO_RSA
+        p[ret++]=SSL3_CT_RSA_SIGN;
+#endif
+#ifndef OPENSSL_NO_DSA
+        p[ret++]=SSL3_CT_DSS_SIGN;
+#endif
+        return(ret);
+        }
+
+int ssl3_shutdown(SSL *s)
+        {
+
+        /* Don't do anything much if we have not done the handshake or
+         * we don't want to send messages :-) */
+        if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
+                {
+                s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+                return(1);
+                }
+
+        if (!(s->shutdown & SSL_SENT_SHUTDOWN))
+                {
+                s->shutdown|=SSL_SENT_SHUTDOWN;
+#if 1
+                ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
+#endif
+                /* our shutdown alert has been sent now, and if it still needs
+                 * to be written, s->s3->alert_dispatch will be true */
+                }
+        else if (s->s3->alert_dispatch)
+                {
+                /* resend it if not sent */
+#if 1
+                ssl3_dispatch_alert(s);
+#endif
+                }
+        else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
+                {
+                /* If we are waiting for a close from our peer, we are closed */
+                ssl3_read_bytes(s,0,NULL,0,0);
+                }
+
+        if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
+                !s->s3->alert_dispatch)
+                return(1);
+        else
+                return(0);
+        }
+
+int ssl3_write(SSL *s, const void *buf, int len)
+        {
+        int ret,n;
+
+#if 0
+        if (s->shutdown & SSL_SEND_SHUTDOWN)
+                {
+                s->rwstate=SSL_NOTHING;
+                return(0);
+                }
+#endif
+        clear_sys_error();
+        if (s->s3->renegotiate) ssl3_renegotiate_check(s);
+
+        /* This is an experimental flag that sends the
+         * last handshake message in the same packet as the first
+         * use data - used to see if it helps the TCP protocol during
+         * session-id reuse */
+        /* The second test is because the buffer may have been removed */
+        if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
+                {
+                /* First time through, we write into the buffer */
+                if (s->s3->delay_buf_pop_ret == 0)
+                        {
+                        ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
+                                             buf,len);
+                        if (ret <= 0) return(ret);
+
+                        s->s3->delay_buf_pop_ret=ret;
+                        }
+
+                s->rwstate=SSL_WRITING;
+                n=BIO_flush(s->wbio);
+                if (n <= 0) return(n);
+                s->rwstate=SSL_NOTHING;
+
+                /* We have flushed the buffer, so remove it */
+                ssl_free_wbio_buffer(s);
+                s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
+
+                ret=s->s3->delay_buf_pop_ret;
+                s->s3->delay_buf_pop_ret=0;
+                }
+        else
+                {
+                ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
+                                     buf,len);
+                if (ret <= 0) return(ret);
+                }
+
+        return(ret);
+        }
+
+static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
+        {
+        int ret;
+        
+        clear_sys_error();
+        if (s->s3->renegotiate) ssl3_renegotiate_check(s);
+        s->s3->in_read_app_data=1;
+        ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
+        if ((ret == -1) && (s->s3->in_read_app_data == 2))
+                {
+                /* ssl3_read_bytes decided to call s->handshake_func, which
+                 * called ssl3_read_bytes to read handshake data.
+                 * However, ssl3_read_bytes actually found application data
+                 * and thinks that application data makes sense here; so disable
+                 * handshake processing and try to read application data again. */
+                s->in_handshake++;
+                ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
+                s->in_handshake--;
+                }
+        else
+                s->s3->in_read_app_data=0;
+
+        return(ret);
+        }
+
+int ssl3_read(SSL *s, void *buf, int len)
+        {
+        return ssl3_read_internal(s, buf, len, 0);
+        }
+
+int ssl3_peek(SSL *s, void *buf, int len)
+        {
+        return ssl3_read_internal(s, buf, len, 1);
+        }
+
+int ssl3_renegotiate(SSL *s)
+        {
+        if (s->handshake_func == NULL)
+                return(1);
+
+        if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
+                return(0);
+
+        s->s3->renegotiate=1;
+        return(1);
+        }
+
+int ssl3_renegotiate_check(SSL *s)
+        {
+        int ret=0;
+
+        if (s->s3->renegotiate)
+                {
+                if (    (s->s3->rbuf.left == 0) &&
+                        (s->s3->wbuf.left == 0) &&
+                        !SSL_in_init(s))
+                        {
+/*
+if we are the server, and we have sent a 'RENEGOTIATE' message, we
+need to go to SSL_ST_ACCEPT.
+*/
+                        /* SSL_ST_ACCEPT */
+                        s->state=SSL_ST_RENEGOTIATE;
+                        s->s3->renegotiate=0;
+                        s->s3->num_renegotiations++;
+                        s->s3->total_renegotiations++;
+                        ret=1;
+                        }
+                }
+        return(ret);
+        }
+
diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c
new file mode 100644
index 0000000000..cb0b12b400
--- /dev/null
+++ b/src/lib/libssl/s3_pkt.c
@@ -0,0 +1,1310 @@
+/* ssl/s3_pkt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "ssl_locl.h"
+#include <openssl/evp.h>
+#include <openssl/buffer.h>
+
+static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
+                         unsigned int len, int create_empty_fragment);
+static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
+                              unsigned int len);
+static int ssl3_get_record(SSL *s);
+static int do_compress(SSL *ssl);
+static int do_uncompress(SSL *ssl);
+static int do_change_cipher_spec(SSL *ssl);
+
+/* used only by ssl3_get_record */
+static int ssl3_read_n(SSL *s, int n, int max, int extend)
+        {
+        /* If extend == 0, obtain new n-byte packet; if extend == 1, increase
+         * packet by another n bytes.
+         * The packet will be in the sub-array of s->s3->rbuf.buf specified
+         * by s->packet and s->packet_length.
+         * (If s->read_ahead is set, 'max' bytes may be stored in rbuf
+         * [plus s->packet_length bytes if extend == 1].)
+         */
+        int i,off,newb;
+
+        if (!extend)
+                {
+                /* start with empty packet ... */
+                if (s->s3->rbuf.left == 0)
+                        s->s3->rbuf.offset = 0;
+                s->packet = s->s3->rbuf.buf + s->s3->rbuf.offset;
+                s->packet_length = 0;
+                /* ... now we can act as if 'extend' was set */
+                }
+
+        /* if there is enough in the buffer from a previous read, take some */
+        if (s->s3->rbuf.left >= (int)n)
+                {
+                s->packet_length+=n;
+                s->s3->rbuf.left-=n;
+                s->s3->rbuf.offset+=n;
+                return(n);
+                }
+
+        /* else we need to read more data */
+        if (!s->read_ahead)
+                max=n;
+
+        {
+                /* avoid buffer overflow */
+                int max_max = s->s3->rbuf.len - s->packet_length;
+                if (max > max_max)
+                        max = max_max;
+        }
+        if (n > max) /* does not happen */
+                {
+                SSLerr(SSL_F_SSL3_READ_N,ERR_R_INTERNAL_ERROR);
+                return -1;
+                }
+
+        off = s->packet_length;
+        newb = s->s3->rbuf.left;
+        /* Move any available bytes to front of buffer:
+         * 'off' bytes already pointed to by 'packet',
+         * 'newb' extra ones at the end */
+        if (s->packet != s->s3->rbuf.buf)
+                {
+                /*  off > 0 */
+                memmove(s->s3->rbuf.buf, s->packet, off+newb);
+                s->packet = s->s3->rbuf.buf;
+                }
+
+        while (newb < n)
+                {
+                /* Now we have off+newb bytes at the front of s->s3->rbuf.buf and need
+                 * to read in more until we have off+n (up to off+max if possible) */
+
+                clear_sys_error();
+                if (s->rbio != NULL)
+                        {
+                        s->rwstate=SSL_READING;
+                        i=BIO_read(s->rbio,     &(s->s3->rbuf.buf[off+newb]), max-newb);
+                        }
+                else
+                        {
+                        SSLerr(SSL_F_SSL3_READ_N,SSL_R_READ_BIO_NOT_SET);
+                        i = -1;
+                        }
+
+                if (i <= 0)
+                        {
+                        s->s3->rbuf.left = newb;
+                        return(i);
+                        }
+                newb+=i;
+                }
+
+        /* done reading, now the book-keeping */
+        s->s3->rbuf.offset = off + n;
+        s->s3->rbuf.left = newb - n;
+        s->packet_length += n;
+        s->rwstate=SSL_NOTHING;
+        return(n);
+        }
+
+/* Call this to get a new input record.
+ * It will return <= 0 if more data is needed, normally due to an error
+ * or non-blocking IO.
+ * When it finishes, one packet has been decoded and can be found in
+ * ssl->s3->rrec.type    - is the type of record
+ * ssl->s3->rrec.data,   - data
+ * ssl->s3->rrec.length, - number of bytes
+ */
+/* used only by ssl3_read_bytes */
+static int ssl3_get_record(SSL *s)
+        {
+        int ssl_major,ssl_minor,al;
+        int enc_err,n,i,ret= -1;
+        SSL3_RECORD *rr;
+        SSL_SESSION *sess;
+        unsigned char *p;
+        unsigned char md[EVP_MAX_MD_SIZE];
+        short version;
+        unsigned int mac_size;
+        int clear=0;
+        size_t extra;
+        int decryption_failed_or_bad_record_mac = 0;
+        unsigned char *mac = NULL;
+
+        rr= &(s->s3->rrec);
+        sess=s->session;
+
+        if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
+                extra=SSL3_RT_MAX_EXTRA;
+        else
+                extra=0;
+        if (extra != s->s3->rbuf.len - SSL3_RT_MAX_PACKET_SIZE)
+                {
+                /* actually likely an application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER
+                 * set after ssl3_setup_buffers() was done */
+                SSLerr(SSL_F_SSL3_GET_RECORD, ERR_R_INTERNAL_ERROR);
+                return -1;
+                }
+
+again:
+        /* check if we have the header */
+        if (    (s->rstate != SSL_ST_READ_BODY) ||
+                (s->packet_length < SSL3_RT_HEADER_LENGTH)) 
+                {
+                n=ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
+                if (n <= 0) return(n); /* error or non-blocking */
+                s->rstate=SSL_ST_READ_BODY;
+
+                p=s->packet;
+
+                /* Pull apart the header into the SSL3_RECORD */
+                rr->type= *(p++);
+                ssl_major= *(p++);
+                ssl_minor= *(p++);
+                version=(ssl_major<<8)|ssl_minor;
+                n2s(p,rr->length);
+
+                /* Lets check version */
+                if (s->first_packet)
+                        {
+                        s->first_packet=0;
+                        }
+                else
+                        {
+                        if (version != s->version)
+                                {
+                                SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
+                                /* Send back error using their
+                                 * version number :-) */
+                                s->version=version;
+                                al=SSL_AD_PROTOCOL_VERSION;
+                                goto f_err;
+                                }
+                        }
+
+                if ((version>>8) != SSL3_VERSION_MAJOR)
+                        {
+                        SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
+                        goto err;
+                        }
+
+                if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
+                        {
+                        al=SSL_AD_RECORD_OVERFLOW;
+                        SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);
+                        goto f_err;
+                        }
+
+                /* now s->rstate == SSL_ST_READ_BODY */
+                }
+
+        /* s->rstate == SSL_ST_READ_BODY, get and decode the data */
+
+        if (rr->length > s->packet_length-SSL3_RT_HEADER_LENGTH)
+                {
+                /* now s->packet_length == SSL3_RT_HEADER_LENGTH */
+                i=rr->length;
+                n=ssl3_read_n(s,i,i,1);
+                if (n <= 0) return(n); /* error or non-blocking io */
+                /* now n == rr->length,
+                 * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */
+                }
+
+        s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */
+
+        /* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
+         * and we have that many bytes in s->packet
+         */
+        rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);
+
+        /* ok, we can now read from 's->packet' data into 'rr'
+         * rr->input points at rr->length bytes, which
+         * need to be copied into rr->data by either
+         * the decryption or by the decompression
+         * When the data is 'copied' into the rr->data buffer,
+         * rr->input will be pointed at the new buffer */ 
+
+        /* We now have - encrypted [ MAC [ compressed [ plain ] ] ]
+         * rr->length bytes of encrypted compressed stuff. */
+
+        /* check is not needed I believe */
+        if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
+                {
+                al=SSL_AD_RECORD_OVERFLOW;
+                SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
+                goto f_err;
+                }
+
+        /* decrypt in place in 'rr->input' */
+        rr->data=rr->input;
+
+        enc_err = s->method->ssl3_enc->enc(s,0);
+        if (enc_err <= 0)
+                {
+                if (enc_err == 0)
+                        /* SSLerr() and ssl3_send_alert() have been called */
+                        goto err;
+
+                /* Otherwise enc_err == -1, which indicates bad padding
+                 * (rec->length has not been changed in this case).
+                 * To minimize information leaked via timing, we will perform
+                 * the MAC computation anyway. */
+                decryption_failed_or_bad_record_mac = 1;
+                }
+
+#ifdef TLS_DEBUG
+printf("dec %d\n",rr->length);
+{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); }
+printf("\n");
+#endif
+
+        /* r->length is now the compressed data plus mac */
+        if (    (sess == NULL) ||
+                (s->enc_read_ctx == NULL) ||
+                (s->read_hash == NULL))
+                clear=1;
+
+        if (!clear)
+                {
+                mac_size=EVP_MD_size(s->read_hash);
+
+                if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)
+                        {
+#if 0 /* OK only for stream ciphers (then rr->length is visible from ciphertext anyway) */
+                        al=SSL_AD_RECORD_OVERFLOW;
+                        SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);
+                        goto f_err;
+#else
+                        decryption_failed_or_bad_record_mac = 1;
+#endif                  
+                        }
+                /* check the MAC for rr->input (it's in mac_size bytes at the tail) */
+                if (rr->length >= mac_size)
+                        {
+                        rr->length -= mac_size;
+                        mac = &rr->data[rr->length];
+                        }
+                else
+                        {
+                        /* record (minus padding) is too short to contain a MAC */
+#if 0 /* OK only for stream ciphers */
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);
+                        goto f_err;
+#else
+                        decryption_failed_or_bad_record_mac = 1;
+                        rr->length = 0;
+#endif
+                        }
+                i=s->method->ssl3_enc->mac(s,md,0);
+                if (mac == NULL || memcmp(md, mac, mac_size) != 0)
+                        {
+                        decryption_failed_or_bad_record_mac = 1;
+                        }
+                }
+
+        if (decryption_failed_or_bad_record_mac)
+                {
+                /* A separate 'decryption_failed' alert was introduced with TLS 1.0,
+                 * SSL 3.0 only has 'bad_record_mac'.  But unless a decryption
+                 * failure is directly visible from the ciphertext anyway,
+                 * we should not reveal which kind of error occured -- this
+                 * might become visible to an attacker (e.g. via a logfile) */
+                al=SSL_AD_BAD_RECORD_MAC;
+                SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);
+                goto f_err;
+                }
+
+        /* r->length is now just compressed */
+        if (s->expand != NULL)
+                {
+                if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra)
+                        {
+                        al=SSL_AD_RECORD_OVERFLOW;
+                        SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);
+                        goto f_err;
+                        }
+                if (!do_uncompress(s))
+                        {
+                        al=SSL_AD_DECOMPRESSION_FAILURE;
+                        SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);
+                        goto f_err;
+                        }
+                }
+
+        if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH+extra)
+                {
+                al=SSL_AD_RECORD_OVERFLOW;
+                SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);
+                goto f_err;
+                }
+
+        rr->off=0;
+        /* So at this point the following is true
+         * ssl->s3->rrec.type   is the type of record
+         * ssl->s3->rrec.length == number of bytes in record
+         * ssl->s3->rrec.off    == offset to first valid byte
+         * ssl->s3->rrec.data   == where to take bytes from, increment
+         *                         after use :-).
+         */
+
+        /* we have pulled in a full packet so zero things */
+        s->packet_length=0;
+
+        /* just read a 0 length packet */
+        if (rr->length == 0) goto again;
+
+        return(1);
+
+f_err:
+        ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+        return(ret);
+        }
+
+static int do_uncompress(SSL *ssl)
+        {
+        int i;
+        SSL3_RECORD *rr;
+
+        rr= &(ssl->s3->rrec);
+        i=COMP_expand_block(ssl->expand,rr->comp,
+                SSL3_RT_MAX_PLAIN_LENGTH,rr->data,(int)rr->length);
+        if (i < 0)
+                return(0);
+        else
+                rr->length=i;
+        rr->data=rr->comp;
+
+        return(1);
+        }
+
+static int do_compress(SSL *ssl)
+        {
+        int i;
+        SSL3_RECORD *wr;
+
+        wr= &(ssl->s3->wrec);
+        i=COMP_compress_block(ssl->compress,wr->data,
+                SSL3_RT_MAX_COMPRESSED_LENGTH,
+                wr->input,(int)wr->length);
+        if (i < 0)
+                return(0);
+        else
+                wr->length=i;
+
+        wr->input=wr->data;
+        return(1);
+        }
+
+/* Call this to write data in records of type 'type'
+ * It will return <= 0 if not all data has been sent or non-blocking IO.
+ */
+int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
+        {
+        const unsigned char *buf=buf_;
+        unsigned int tot,n,nw;
+        int i;
+
+        s->rwstate=SSL_NOTHING;
+        tot=s->s3->wnum;
+        s->s3->wnum=0;
+
+        if (SSL_in_init(s) && !s->in_handshake)
+                {
+                i=s->handshake_func(s);
+                if (i < 0) return(i);
+                if (i == 0)
+                        {
+                        SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+                        return -1;
+                        }
+                }
+
+        n=(len-tot);
+        for (;;)
+                {
+                if (n > SSL3_RT_MAX_PLAIN_LENGTH)
+                        nw=SSL3_RT_MAX_PLAIN_LENGTH;
+                else
+                        nw=n;
+
+                i=do_ssl3_write(s, type, &(buf[tot]), nw, 0);
+                if (i <= 0)
+                        {
+                        s->s3->wnum=tot;
+                        return i;
+                        }
+
+                if ((i == (int)n) ||
+                        (type == SSL3_RT_APPLICATION_DATA &&
+                         (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)))
+                        {
+                        /* next chunk of data should get another prepended empty fragment
+                         * in ciphersuites with known-IV weakness: */
+                        s->s3->empty_fragment_done = 0;
+                        
+                        return tot+i;
+                        }
+
+                n-=i;
+                tot+=i;
+                }
+        }
+
+static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
+                         unsigned int len, int create_empty_fragment)
+        {
+        unsigned char *p,*plen;
+        int i,mac_size,clear=0;
+        int prefix_len = 0;
+        SSL3_RECORD *wr;
+        SSL3_BUFFER *wb;
+        SSL_SESSION *sess;
+
+        /* first check if there is a SSL3_BUFFER still being written
+         * out.  This will happen with non blocking IO */
+        if (s->s3->wbuf.left != 0)
+                return(ssl3_write_pending(s,type,buf,len));
+
+        /* If we have an alert to send, lets send it */
+        if (s->s3->alert_dispatch)
+                {
+                i=ssl3_dispatch_alert(s);
+                if (i <= 0)
+                        return(i);
+                /* if it went, fall through and send more stuff */
+                }
+
+        if (len == 0 && !create_empty_fragment)
+                return 0;
+
+        wr= &(s->s3->wrec);
+        wb= &(s->s3->wbuf);
+        sess=s->session;
+
+        if (    (sess == NULL) ||
+                (s->enc_write_ctx == NULL) ||
+                (s->write_hash == NULL))
+                clear=1;
+
+        if (clear)
+                mac_size=0;
+        else
+                mac_size=EVP_MD_size(s->write_hash);
+
+        /* 'create_empty_fragment' is true only when this function calls itself */
+        if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done)
+                {
+                /* countermeasure against known-IV weakness in CBC ciphersuites
+                 * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
+
+                if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA)
+                        {
+                        /* recursive function call with 'create_empty_fragment' set;
+                         * this prepares and buffers the data for an empty fragment
+                         * (these 'prefix_len' bytes are sent out later
+                         * together with the actual payload) */
+                        prefix_len = do_ssl3_write(s, type, buf, 0, 1);
+                        if (prefix_len <= 0)
+                                goto err;
+
+                        if (s->s3->wbuf.len < (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE)
+                                {
+                                /* insufficient space */
+                                SSLerr(SSL_F_DO_SSL3_WRITE, ERR_R_INTERNAL_ERROR);
+                                goto err;
+                                }
+                        }
+                
+                s->s3->empty_fragment_done = 1;
+                }
+
+        p = wb->buf + prefix_len;
+
+        /* write the header */
+
+        *(p++)=type&0xff;
+        wr->type=type;
+
+        *(p++)=(s->version>>8);
+        *(p++)=s->version&0xff;
+
+        /* field where we are to write out packet length */
+        plen=p; 
+        p+=2;
+
+        /* lets setup the record stuff. */
+        wr->data=p;
+        wr->length=(int)len;
+        wr->input=(unsigned char *)buf;
+
+        /* we now 'read' from wr->input, wr->length bytes into
+         * wr->data */
+
+        /* first we compress */
+        if (s->compress != NULL)
+                {
+                if (!do_compress(s))
+                        {
+                        SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE);
+                        goto err;
+                        }
+                }
+        else
+                {
+                memcpy(wr->data,wr->input,wr->length);
+                wr->input=wr->data;
+                }
+
+        /* we should still have the output to wr->data and the input
+         * from wr->input.  Length should be wr->length.
+         * wr->data still points in the wb->buf */
+
+        if (mac_size != 0)
+                {
+                s->method->ssl3_enc->mac(s,&(p[wr->length]),1);
+                wr->length+=mac_size;
+                wr->input=p;
+                wr->data=p;
+                }
+
+        /* ssl3_enc can only have an error on read */
+        s->method->ssl3_enc->enc(s,1);
+
+        /* record length after mac and block padding */
+        s2n(wr->length,plen);
+
+        /* we should now have
+         * wr->data pointing to the encrypted data, which is
+         * wr->length long */
+        wr->type=type; /* not needed but helps for debugging */
+        wr->length+=SSL3_RT_HEADER_LENGTH;
+
+        if (create_empty_fragment)
+                {
+                /* we are in a recursive call;
+                 * just return the length, don't write out anything here
+                 */
+                return wr->length;
+                }
+
+        /* now let's set up wb */
+        wb->left = prefix_len + wr->length;
+        wb->offset = 0;
+
+        /* memorize arguments so that ssl3_write_pending can detect bad write retries later */
+        s->s3->wpend_tot=len;
+        s->s3->wpend_buf=buf;
+        s->s3->wpend_type=type;
+        s->s3->wpend_ret=len;
+
+        /* we now just need to write the buffer */
+        return ssl3_write_pending(s,type,buf,len);
+err:
+        return -1;
+        }
+
+/* if s->s3->wbuf.left != 0, we need to call this */
+static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
+                              unsigned int len)
+        {
+        int i;
+
+/* XXXX */
+        if ((s->s3->wpend_tot > (int)len)
+                || ((s->s3->wpend_buf != buf) &&
+                        !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))
+                || (s->s3->wpend_type != type))
+                {
+                SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
+                return(-1);
+                }
+
+        for (;;)
+                {
+                clear_sys_error();
+                if (s->wbio != NULL)
+                        {
+                        s->rwstate=SSL_WRITING;
+                        i=BIO_write(s->wbio,
+                                (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]),
+                                (unsigned int)s->s3->wbuf.left);
+                        }
+                else
+                        {
+                        SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET);
+                        i= -1;
+                        }
+                if (i == s->s3->wbuf.left)
+                        {
+                        s->s3->wbuf.left=0;
+                        s->rwstate=SSL_NOTHING;
+                        return(s->s3->wpend_ret);
+                        }
+                else if (i <= 0)
+                        return(i);
+                s->s3->wbuf.offset+=i;
+                s->s3->wbuf.left-=i;
+                }
+        }
+
+/* Return up to 'len' payload bytes received in 'type' records.
+ * 'type' is one of the following:
+ *
+ *   -  SSL3_RT_HANDSHAKE (when ssl3_get_message calls us)
+ *   -  SSL3_RT_APPLICATION_DATA (when ssl3_read calls us)
+ *   -  0 (during a shutdown, no data has to be returned)
+ *
+ * If we don't have stored data to work from, read a SSL/TLS record first
+ * (possibly multiple records if we still don't have anything to return).
+ *
+ * This function must handle any surprises the peer may have for us, such as
+ * Alert records (e.g. close_notify), ChangeCipherSpec records (not really
+ * a surprise, but handled as if it were), or renegotiation requests.
+ * Also if record payloads contain fragments too small to process, we store
+ * them until there is enough for the respective protocol (the record protocol
+ * may use arbitrary fragmentation and even interleaving):
+ *     Change cipher spec protocol
+ *             just 1 byte needed, no need for keeping anything stored
+ *     Alert protocol
+ *             2 bytes needed (AlertLevel, AlertDescription)
+ *     Handshake protocol
+ *             4 bytes needed (HandshakeType, uint24 length) -- we just have
+ *             to detect unexpected Client Hello and Hello Request messages
+ *             here, anything else is handled by higher layers
+ *     Application data protocol
+ *             none of our business
+ */
+int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
+        {
+        int al,i,j,ret;
+        unsigned int n;
+        SSL3_RECORD *rr;
+        void (*cb)(const SSL *ssl,int type2,int val)=NULL;
+
+        if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
+                if (!ssl3_setup_buffers(s))
+                        return(-1);
+
+        if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) ||
+            (peek && (type != SSL3_RT_APPLICATION_DATA)))
+                {
+                SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR);
+                return -1;
+                }
+
+        if ((type == SSL3_RT_HANDSHAKE) && (s->s3->handshake_fragment_len > 0))
+                /* (partially) satisfy request from storage */
+                {
+                unsigned char *src = s->s3->handshake_fragment;
+                unsigned char *dst = buf;
+                unsigned int k;
+
+                /* peek == 0 */
+                n = 0;
+                while ((len > 0) && (s->s3->handshake_fragment_len > 0))
+                        {
+                        *dst++ = *src++;
+                        len--; s->s3->handshake_fragment_len--;
+                        n++;
+                        }
+                /* move any remaining fragment bytes: */
+                for (k = 0; k < s->s3->handshake_fragment_len; k++)
+                        s->s3->handshake_fragment[k] = *src++;
+                return n;
+        }
+
+        /* Now s->s3->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. */
+
+        if (!s->in_handshake && SSL_in_init(s))
+                {
+                /* type == SSL3_RT_APPLICATION_DATA */
+                i=s->handshake_func(s);
+                if (i < 0) return(i);
+                if (i == 0)
+                        {
+                        SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+                        return(-1);
+                        }
+                }
+start:
+        s->rwstate=SSL_NOTHING;
+
+        /* s->s3->rrec.type         - is the type of record
+         * s->s3->rrec.data,    - data
+         * s->s3->rrec.off,     - offset into 'data' for next read
+         * s->s3->rrec.length,  - number of bytes. */
+        rr = &(s->s3->rrec);
+
+        /* get new packet if necessary */
+        if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY))
+                {
+                ret=ssl3_get_record(s);
+                if (ret <= 0) return(ret);
+                }
+
+        /* we now have a packet which can be read and processed */
+
+        if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
+                                       * reset by ssl3_get_finished */
+                && (rr->type != SSL3_RT_HANDSHAKE))
+                {
+                al=SSL_AD_UNEXPECTED_MESSAGE;
+                SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
+                goto f_err;
+                }
+
+        /* If the other end has shut down, throw anything we read away
+         * (even in 'peek' mode) */
+        if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
+                {
+                rr->length=0;
+                s->rwstate=SSL_NOTHING;
+                return(0);
+                }
+
+
+        if (type == rr->type) /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */
+                {
+                /* make sure that we are not getting application data when we
+                 * are doing a handshake for the first time */
+                if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
+                        (s->enc_read_ctx == NULL))
+                        {
+                        al=SSL_AD_UNEXPECTED_MESSAGE;
+                        SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE);
+                        goto f_err;
+                        }
+
+                if (len <= 0) return(len);
+
+                if ((unsigned int)len > rr->length)
+                        n = rr->length;
+                else
+                        n = (unsigned int)len;
+
+                memcpy(buf,&(rr->data[rr->off]),n);
+                if (!peek)
+                        {
+                        rr->length-=n;
+                        rr->off+=n;
+                        if (rr->length == 0)
+                                {
+                                s->rstate=SSL_ST_READ_HEADER;
+                                rr->off=0;
+                                }
+                        }
+                return(n);
+                }
+
+
+        /* If we get here, then type != rr->type; if we have a handshake
+         * message, then it was unexpected (Hello Request or Client Hello). */
+
+        /* In case of record types for which we have 'fragment' storage,
+         * fill that so that we can process the data at a fixed place.
+         */
+                {
+                unsigned int dest_maxlen = 0;
+                unsigned char *dest = NULL;
+                unsigned int *dest_len = NULL;
+
+                if (rr->type == SSL3_RT_HANDSHAKE)
+                        {
+                        dest_maxlen = sizeof s->s3->handshake_fragment;
+                        dest = s->s3->handshake_fragment;
+                        dest_len = &s->s3->handshake_fragment_len;
+                        }
+                else if (rr->type == SSL3_RT_ALERT)
+                        {
+                        dest_maxlen = sizeof s->s3->alert_fragment;
+                        dest = s->s3->alert_fragment;
+                        dest_len = &s->s3->alert_fragment_len;
+                        }
+
+                if (dest_maxlen > 0)
+                        {
+                        n = dest_maxlen - *dest_len; /* available space in 'dest' */
+                        if (rr->length < n)
+                                n = rr->length; /* available bytes */
+
+                        /* now move 'n' bytes: */
+                        while (n-- > 0)
+                                {
+                                dest[(*dest_len)++] = rr->data[rr->off++];
+                                rr->length--;
+                                }
+
+                        if (*dest_len < dest_maxlen)
+                                goto start; /* fragment was too small */
+                        }
+                }
+
+        /* s->s3->handshake_fragment_len == 4  iff  rr->type == SSL3_RT_HANDSHAKE;
+         * s->s3->alert_fragment_len == 2      iff  rr->type == SSL3_RT_ALERT.
+         * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */
+
+        /* If we are a client, check for an incoming 'Hello Request': */
+        if ((!s->server) &&
+                (s->s3->handshake_fragment_len >= 4) &&
+                (s->s3->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
+                (s->session != NULL) && (s->session->cipher != NULL))
+                {
+                s->s3->handshake_fragment_len = 0;
+
+                if ((s->s3->handshake_fragment[1] != 0) ||
+                        (s->s3->handshake_fragment[2] != 0) ||
+                        (s->s3->handshake_fragment[3] != 0))
+                        {
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_HELLO_REQUEST);
+                        goto f_err;
+                        }
+
+                if (s->msg_callback)
+                        s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg);
+
+                if (SSL_is_init_finished(s) &&
+                        !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
+                        !s->s3->renegotiate)
+                        {
+                        ssl3_renegotiate(s);
+                        if (ssl3_renegotiate_check(s))
+                                {
+                                i=s->handshake_func(s);
+                                if (i < 0) return(i);
+                                if (i == 0)
+                                        {
+                                        SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+                                        return(-1);
+                                        }
+
+                                if (!(s->mode & SSL_MODE_AUTO_RETRY))
+                                        {
+                                        if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+                                                {
+                                                BIO *bio;
+                                                /* In the case where we try to read application data,
+                                                 * but we trigger an SSL handshake, we return -1 with
+                                                 * the retry option set.  Otherwise renegotiation may
+                                                 * cause nasty problems in the blocking world */
+                                                s->rwstate=SSL_READING;
+                                                bio=SSL_get_rbio(s);
+                                                BIO_clear_retry_flags(bio);
+                                                BIO_set_retry_read(bio);
+                                                return(-1);
+                                                }
+                                        }
+                                }
+                        }
+                /* we either finished a handshake or ignored the request,
+                 * now try again to obtain the (application) data we were asked for */
+                goto start;
+                }
+
+        if (s->s3->alert_fragment_len >= 2)
+                {
+                int alert_level = s->s3->alert_fragment[0];
+                int alert_descr = s->s3->alert_fragment[1];
+
+                s->s3->alert_fragment_len = 0;
+
+                if (s->msg_callback)
+                        s->msg_callback(0, s->version, SSL3_RT_ALERT, s->s3->alert_fragment, 2, s, s->msg_callback_arg);
+
+                if (s->info_callback != NULL)
+                        cb=s->info_callback;
+                else if (s->ctx->info_callback != NULL)
+                        cb=s->ctx->info_callback;
+
+                if (cb != NULL)
+                        {
+                        j = (alert_level << 8) | alert_descr;
+                        cb(s, SSL_CB_READ_ALERT, j);
+                        }
+
+                if (alert_level == 1) /* warning */
+                        {
+                        s->s3->warn_alert = alert_descr;
+                        if (alert_descr == SSL_AD_CLOSE_NOTIFY)
+                                {
+                                s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+                                return(0);
+                                }
+                        }
+                else if (alert_level == 2) /* fatal */
+                        {
+                        char tmp[16];
+
+                        s->rwstate=SSL_NOTHING;
+                        s->s3->fatal_alert = alert_descr;
+                        SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
+                        BIO_snprintf(tmp,sizeof tmp,"%d",alert_descr);
+                        ERR_add_error_data(2,"SSL alert number ",tmp);
+                        s->shutdown|=SSL_RECEIVED_SHUTDOWN;
+                        SSL_CTX_remove_session(s->ctx,s->session);
+                        return(0);
+                        }
+                else
+                        {
+                        al=SSL_AD_ILLEGAL_PARAMETER;
+                        SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE);
+                        goto f_err;
+                        }
+
+                goto start;
+                }
+
+        if (s->shutdown & SSL_SENT_SHUTDOWN) /* but we have not received a shutdown */
+                {
+                s->rwstate=SSL_NOTHING;
+                rr->length=0;
+                return(0);
+                }
+
+        if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
+                {
+                /* 'Change Cipher Spec' is just a single byte, so we know
+                 * exactly what the record payload has to look like */
+                if (    (rr->length != 1) || (rr->off != 0) ||
+                        (rr->data[0] != SSL3_MT_CCS))
+                        {
+                        al=SSL_AD_ILLEGAL_PARAMETER;
+                        SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
+                        goto f_err;
+                        }
+
+                /* Check we have a cipher to change to */
+                if (s->s3->tmp.new_cipher == NULL)
+                        {
+                        al=SSL_AD_UNEXPECTED_MESSAGE;
+                        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
+                        goto f_err;
+                        }
+
+                rr->length=0;
+
+                if (s->msg_callback)
+                        s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1, s, s->msg_callback_arg);
+
+                s->s3->change_cipher_spec=1;
+                if (!do_change_cipher_spec(s))
+                        goto err;
+                else
+                        goto start;
+                }
+
+        /* Unexpected handshake message (Client Hello, or protocol violation) */
+        if ((s->s3->handshake_fragment_len >= 4) &&     !s->in_handshake)
+                {
+                if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
+                        !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
+                        {
+#if 0 /* worked only because C operator preferences are not as expected (and
+       * because this is not really needed for clients except for detecting
+       * protocol violations): */
+                        s->state=SSL_ST_BEFORE|(s->server)
+                                ?SSL_ST_ACCEPT
+                                :SSL_ST_CONNECT;
+#else
+                        s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
+#endif
+                        s->new_session=1;
+                        }
+                i=s->handshake_func(s);
+                if (i < 0) return(i);
+                if (i == 0)
+                        {
+                        SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+                        return(-1);
+                        }
+
+                if (!(s->mode & SSL_MODE_AUTO_RETRY))
+                        {
+                        if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+                                {
+                                BIO *bio;
+                                /* In the case where we try to read application data,
+                                 * but we trigger an SSL handshake, we return -1 with
+                                 * the retry option set.  Otherwise renegotiation may
+                                 * cause nasty problems in the blocking world */
+                                s->rwstate=SSL_READING;
+                                bio=SSL_get_rbio(s);
+                                BIO_clear_retry_flags(bio);
+                                BIO_set_retry_read(bio);
+                                return(-1);
+                                }
+                        }
+                goto start;
+                }
+
+        switch (rr->type)
+                {
+        default:
+#ifndef OPENSSL_NO_TLS
+                /* TLS just ignores unknown message types */
+                if (s->version == TLS1_VERSION)
+                        {
+                        rr->length = 0;
+                        goto start;
+                        }
+#endif
+                al=SSL_AD_UNEXPECTED_MESSAGE;
+                SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
+                goto f_err;
+        case SSL3_RT_CHANGE_CIPHER_SPEC:
+        case SSL3_RT_ALERT:
+        case SSL3_RT_HANDSHAKE:
+                /* we already handled all of these, with the possible exception
+                 * of SSL3_RT_HANDSHAKE when s->in_handshake is set, but that
+                 * should not happen when type != rr->type */
+                al=SSL_AD_UNEXPECTED_MESSAGE;
+                SSLerr(SSL_F_SSL3_READ_BYTES,ERR_R_INTERNAL_ERROR);
+                goto f_err;
+        case SSL3_RT_APPLICATION_DATA:
+                /* At this point, we were expecting handshake data,
+                 * but have application data.  If the library was
+                 * running inside ssl3_read() (i.e. in_read_app_data
+                 * is set) and it makes sense to read application data
+                 * at this point (session renegotiation not yet started),
+                 * we will indulge it.
+                 */
+                if (s->s3->in_read_app_data &&
+                        (s->s3->total_renegotiations != 0) &&
+                        ((
+                                (s->state & SSL_ST_CONNECT) &&
+                                (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
+                                (s->state <= SSL3_ST_CR_SRVR_HELLO_A)
+                                ) || (
+                                        (s->state & SSL_ST_ACCEPT) &&
+                                        (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
+                                        (s->state >= SSL3_ST_SR_CLNT_HELLO_A)
+                                        )
+                                ))
+                        {
+                        s->s3->in_read_app_data=2;
+                        return(-1);
+                        }
+                else
+                        {
+                        al=SSL_AD_UNEXPECTED_MESSAGE;
+                        SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
+                        goto f_err;
+                        }
+                }
+        /* not reached */
+
+f_err:
+        ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+        return(-1);
+        }
+
+static int do_change_cipher_spec(SSL *s)
+        {
+        int i;
+        const char *sender;
+        int slen;
+
+        if (s->state & SSL_ST_ACCEPT)
+                i=SSL3_CHANGE_CIPHER_SERVER_READ;
+        else
+                i=SSL3_CHANGE_CIPHER_CLIENT_READ;
+
+        if (s->s3->tmp.key_block == NULL)
+                {
+                s->session->cipher=s->s3->tmp.new_cipher;
+                if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
+                }
+
+        if (!s->method->ssl3_enc->change_cipher_state(s,i))
+                return(0);
+
+        /* we have to record the message digest at
+         * this point so we can get it before we read
+         * the finished message */
+        if (s->state & SSL_ST_CONNECT)
+                {
+                sender=s->method->ssl3_enc->server_finished_label;
+                slen=s->method->ssl3_enc->server_finished_label_len;
+                }
+        else
+                {
+                sender=s->method->ssl3_enc->client_finished_label;
+                slen=s->method->ssl3_enc->client_finished_label_len;
+                }
+
+        s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
+                &(s->s3->finish_dgst1),
+                &(s->s3->finish_dgst2),
+                sender,slen,s->s3->tmp.peer_finish_md);
+
+        return(1);
+        }
+
+void ssl3_send_alert(SSL *s, int level, int desc)
+        {
+        /* Map tls/ssl alert value to correct one */
+        desc=s->method->ssl3_enc->alert_value(desc);
+        if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION)
+                desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have protocol_version alerts */
+        if (desc < 0) return;
+        /* If a fatal one, remove from cache */
+        if ((level == 2) && (s->session != NULL))
+                SSL_CTX_remove_session(s->ctx,s->session);
+
+        s->s3->alert_dispatch=1;
+        s->s3->send_alert[0]=level;
+        s->s3->send_alert[1]=desc;
+        if (s->s3->wbuf.left == 0) /* data still being written out? */
+                ssl3_dispatch_alert(s);
+        /* else data is still being written out, we will get written
+         * some time in the future */
+        }
+
+int ssl3_dispatch_alert(SSL *s)
+        {
+        int i,j;
+        void (*cb)(const SSL *ssl,int type,int val)=NULL;
+
+        s->s3->alert_dispatch=0;
+        i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], 2, 0);
+        if (i <= 0)
+                {
+                s->s3->alert_dispatch=1;
+                }
+        else
+                {
+                /* Alert sent to BIO.  If it is important, flush it now.
+                 * If the message does not get sent due to non-blocking IO,
+                 * we will not worry too much. */
+                if (s->s3->send_alert[0] == SSL3_AL_FATAL)
+                        (void)BIO_flush(s->wbio);
+
+                if (s->msg_callback)
+                        s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert, 2, s, s->msg_callback_arg);
+
+                if (s->info_callback != NULL)
+                        cb=s->info_callback;
+                else if (s->ctx->info_callback != NULL)
+                        cb=s->ctx->info_callback;
+
+                if (cb != NULL)
+                        {
+                        j=(s->s3->send_alert[0]<<8)|s->s3->send_alert[1];
+                        cb(s,SSL_CB_WRITE_ALERT,j);
+                        }
+                }
+        return(i);
+        }
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
new file mode 100644
index 0000000000..c4a1a71523
--- /dev/null
+++ b/src/lib/libssl/s3_srvr.c
@@ -0,0 +1,2082 @@
+/* ssl/s3_srvr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#define REUSE_CIPHER_BUG
+#define NETSCAPE_HANG_BUG
+
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#ifndef OPENSSL_NO_KRB5
+#include <openssl/krb5_asn.h>
+#endif
+#include <openssl/md5.h>
+#include <openssl/fips.h>
+
+static SSL_METHOD *ssl3_get_server_method(int ver);
+static int ssl3_get_client_hello(SSL *s);
+static int ssl3_check_client_hello(SSL *s);
+static int ssl3_send_server_hello(SSL *s);
+static int ssl3_send_server_key_exchange(SSL *s);
+static int ssl3_send_certificate_request(SSL *s);
+static int ssl3_send_server_done(SSL *s);
+static int ssl3_get_client_key_exchange(SSL *s);
+static int ssl3_get_client_certificate(SSL *s);
+static int ssl3_get_cert_verify(SSL *s);
+static int ssl3_send_hello_request(SSL *s);
+
+static SSL_METHOD *ssl3_get_server_method(int ver)
+        {
+        if (ver == SSL3_VERSION)
+                return(SSLv3_server_method());
+        else
+                return(NULL);
+        }
+
+SSL_METHOD *SSLv3_server_method(void)
+        {
+        static int init=1;
+        static SSL_METHOD SSLv3_server_data;
+
+        if (init)
+                {
+                CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+
+                if (init)
+                        {
+                        memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(),
+                                sizeof(SSL_METHOD));
+                        SSLv3_server_data.ssl_accept=ssl3_accept;
+                        SSLv3_server_data.get_ssl_method=ssl3_get_server_method;
+                        init=0;
+                        }
+                        
+                CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
+                }
+        return(&SSLv3_server_data);
+        }
+
+int ssl3_accept(SSL *s)
+        {
+        BUF_MEM *buf;
+        unsigned long l,Time=time(NULL);
+        void (*cb)(const SSL *ssl,int type,int val)=NULL;
+        long num1;
+        int ret= -1;
+        int new_state,state,skip=0;
+
+        RAND_add(&Time,sizeof(Time),0);
+        ERR_clear_error();
+        clear_sys_error();
+
+        if (s->info_callback != NULL)
+                cb=s->info_callback;
+        else if (s->ctx->info_callback != NULL)
+                cb=s->ctx->info_callback;
+
+        /* init things to blank */
+        s->in_handshake++;
+        if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+
+        if (s->cert == NULL)
+                {
+                SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
+                return(-1);
+                }
+
+        for (;;)
+                {
+                state=s->state;
+
+                switch (s->state)
+                        {
+                case SSL_ST_RENEGOTIATE:
+                        s->new_session=1;
+                        /* s->state=SSL_ST_ACCEPT; */
+
+                case SSL_ST_BEFORE:
+                case SSL_ST_ACCEPT:
+                case SSL_ST_BEFORE|SSL_ST_ACCEPT:
+                case SSL_ST_OK|SSL_ST_ACCEPT:
+
+                        s->server=1;
+                        if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+                        if ((s->version>>8) != 3)
+                                {
+                                SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
+                                return -1;
+                                }
+                        s->type=SSL_ST_ACCEPT;
+
+                        if (s->init_buf == NULL)
+                                {
+                                if ((buf=BUF_MEM_new()) == NULL)
+                                        {
+                                        ret= -1;
+                                        goto end;
+                                        }
+                                if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+                                        {
+                                        ret= -1;
+                                        goto end;
+                                        }
+                                s->init_buf=buf;
+                                }
+
+                        if (!ssl3_setup_buffers(s))
+                                {
+                                ret= -1;
+                                goto end;
+                                }
+
+                        s->init_num=0;
+
+                        if (s->state != SSL_ST_RENEGOTIATE)
+                                {
+                                /* Ok, we now need to push on a buffering BIO so that
+                                 * the output is sent in a way that TCP likes :-)
+                                 */
+                                if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
+                                
+                                ssl3_init_finished_mac(s);
+                                s->state=SSL3_ST_SR_CLNT_HELLO_A;
+                                s->ctx->stats.sess_accept++;
+                                }
+                        else
+                                {
+                                /* s->state == SSL_ST_RENEGOTIATE,
+                                 * we will just send a HelloRequest */
+                                s->ctx->stats.sess_accept_renegotiate++;
+                                s->state=SSL3_ST_SW_HELLO_REQ_A;
+                                }
+                        break;
+
+                case SSL3_ST_SW_HELLO_REQ_A:
+                case SSL3_ST_SW_HELLO_REQ_B:
+
+                        s->shutdown=0;
+                        ret=ssl3_send_hello_request(s);
+                        if (ret <= 0) goto end;
+                        s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
+                        s->state=SSL3_ST_SW_FLUSH;
+                        s->init_num=0;
+
+                        ssl3_init_finished_mac(s);
+                        break;
+
+                case SSL3_ST_SW_HELLO_REQ_C:
+                        s->state=SSL_ST_OK;
+                        break;
+
+                case SSL3_ST_SR_CLNT_HELLO_A:
+                case SSL3_ST_SR_CLNT_HELLO_B:
+                case SSL3_ST_SR_CLNT_HELLO_C:
+
+                        s->shutdown=0;
+                        ret=ssl3_get_client_hello(s);
+                        if (ret <= 0) goto end;
+                        s->new_session = 2;
+                        s->state=SSL3_ST_SW_SRVR_HELLO_A;
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_SW_SRVR_HELLO_A:
+                case SSL3_ST_SW_SRVR_HELLO_B:
+                        ret=ssl3_send_server_hello(s);
+                        if (ret <= 0) goto end;
+
+                        if (s->hit)
+                                s->state=SSL3_ST_SW_CHANGE_A;
+                        else
+                                s->state=SSL3_ST_SW_CERT_A;
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_SW_CERT_A:
+                case SSL3_ST_SW_CERT_B:
+                        /* Check if it is anon DH */
+                        if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
+                                {
+                                ret=ssl3_send_server_certificate(s);
+                                if (ret <= 0) goto end;
+                                }
+                        else
+                                skip=1;
+                        s->state=SSL3_ST_SW_KEY_EXCH_A;
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_SW_KEY_EXCH_A:
+                case SSL3_ST_SW_KEY_EXCH_B:
+                        l=s->s3->tmp.new_cipher->algorithms;
+
+                        /* clear this, it may get reset by
+                         * send_server_key_exchange */
+                        if ((s->options & SSL_OP_EPHEMERAL_RSA)
+#ifndef OPENSSL_NO_KRB5
+                                && !(l & SSL_KRB5)
+#endif /* OPENSSL_NO_KRB5 */
+                                )
+                                /* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key
+                                 * even when forbidden by protocol specs
+                                 * (handshake may fail as clients are not required to
+                                 * be able to handle this) */
+                                s->s3->tmp.use_rsa_tmp=1;
+                        else
+                                s->s3->tmp.use_rsa_tmp=0;
+
+                        /* only send if a DH key exchange, fortezza or
+                         * RSA but we have a sign only certificate */
+                        if (s->s3->tmp.use_rsa_tmp
+                            || (l & (SSL_DH|SSL_kFZA))
+                            || ((l & SSL_kRSA)
+                                && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
+                                    || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
+                                        && EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
+                                        )
+                                    )
+                                )
+                            )
+                                {
+                                ret=ssl3_send_server_key_exchange(s);
+                                if (ret <= 0) goto end;
+                                }
+                        else
+                                skip=1;
+
+                        s->state=SSL3_ST_SW_CERT_REQ_A;
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_SW_CERT_REQ_A:
+                case SSL3_ST_SW_CERT_REQ_B:
+                        if (/* don't request cert unless asked for it: */
+                                !(s->verify_mode & SSL_VERIFY_PEER) ||
+                                /* if SSL_VERIFY_CLIENT_ONCE is set,
+                                 * don't request cert during re-negotiation: */
+                                ((s->session->peer != NULL) &&
+                                 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
+                                /* never request cert in anonymous ciphersuites
+                                 * (see section "Certificate request" in SSL 3 drafts
+                                 * and in RFC 2246): */
+                                ((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) &&
+                                 /* ... except when the application insists on verification
+                                  * (against the specs, but s3_clnt.c accepts this for SSL 3) */
+                                 !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
+                                 /* never request cert in Kerberos ciphersuites */
+                                (s->s3->tmp.new_cipher->algorithms & SSL_aKRB5))
+                                {
+                                /* no cert request */
+                                skip=1;
+                                s->s3->tmp.cert_request=0;
+                                s->state=SSL3_ST_SW_SRVR_DONE_A;
+                                }
+                        else
+                                {
+                                s->s3->tmp.cert_request=1;
+                                ret=ssl3_send_certificate_request(s);
+                                if (ret <= 0) goto end;
+#ifndef NETSCAPE_HANG_BUG
+                                s->state=SSL3_ST_SW_SRVR_DONE_A;
+#else
+                                s->state=SSL3_ST_SW_FLUSH;
+                                s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
+#endif
+                                s->init_num=0;
+                                }
+                        break;
+
+                case SSL3_ST_SW_SRVR_DONE_A:
+                case SSL3_ST_SW_SRVR_DONE_B:
+                        ret=ssl3_send_server_done(s);
+                        if (ret <= 0) goto end;
+                        s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
+                        s->state=SSL3_ST_SW_FLUSH;
+                        s->init_num=0;
+                        break;
+                
+                case SSL3_ST_SW_FLUSH:
+                        /* number of bytes to be flushed */
+                        num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
+                        if (num1 > 0)
+                                {
+                                s->rwstate=SSL_WRITING;
+                                num1=BIO_flush(s->wbio);
+                                if (num1 <= 0) { ret= -1; goto end; }
+                                s->rwstate=SSL_NOTHING;
+                                }
+
+                        s->state=s->s3->tmp.next_state;
+                        break;
+
+                case SSL3_ST_SR_CERT_A:
+                case SSL3_ST_SR_CERT_B:
+                        /* Check for second client hello (MS SGC) */
+                        ret = ssl3_check_client_hello(s);
+                        if (ret <= 0)
+                                goto end;
+                        if (ret == 2)
+                                s->state = SSL3_ST_SR_CLNT_HELLO_C;
+                        else {
+                                if (s->s3->tmp.cert_request)
+                                        {
+                                        ret=ssl3_get_client_certificate(s);
+                                        if (ret <= 0) goto end;
+                                        }
+                                s->init_num=0;
+                                s->state=SSL3_ST_SR_KEY_EXCH_A;
+                        }
+                        break;
+
+                case SSL3_ST_SR_KEY_EXCH_A:
+                case SSL3_ST_SR_KEY_EXCH_B:
+                        ret=ssl3_get_client_key_exchange(s);
+                        if (ret <= 0) goto end;
+                        s->state=SSL3_ST_SR_CERT_VRFY_A;
+                        s->init_num=0;
+
+                        /* We need to get hashes here so if there is
+                         * a client cert, it can be verified */ 
+                        s->method->ssl3_enc->cert_verify_mac(s,
+                                &(s->s3->finish_dgst1),
+                                &(s->s3->tmp.cert_verify_md[0]));
+                        s->method->ssl3_enc->cert_verify_mac(s,
+                                &(s->s3->finish_dgst2),
+                                &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
+
+                        break;
+
+                case SSL3_ST_SR_CERT_VRFY_A:
+                case SSL3_ST_SR_CERT_VRFY_B:
+
+                        /* we should decide if we expected this one */
+                        ret=ssl3_get_cert_verify(s);
+                        if (ret <= 0) goto end;
+
+                        s->state=SSL3_ST_SR_FINISHED_A;
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_SR_FINISHED_A:
+                case SSL3_ST_SR_FINISHED_B:
+                        ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
+                                SSL3_ST_SR_FINISHED_B);
+                        if (ret <= 0) goto end;
+                        if (s->hit)
+                                s->state=SSL_ST_OK;
+                        else
+                                s->state=SSL3_ST_SW_CHANGE_A;
+                        s->init_num=0;
+                        break;
+
+                case SSL3_ST_SW_CHANGE_A:
+                case SSL3_ST_SW_CHANGE_B:
+
+                        s->session->cipher=s->s3->tmp.new_cipher;
+                        if (!s->method->ssl3_enc->setup_key_block(s))
+                                { ret= -1; goto end; }
+
+                        ret=ssl3_send_change_cipher_spec(s,
+                                SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);
+
+                        if (ret <= 0) goto end;
+                        s->state=SSL3_ST_SW_FINISHED_A;
+                        s->init_num=0;
+
+                        if (!s->method->ssl3_enc->change_cipher_state(s,
+                                SSL3_CHANGE_CIPHER_SERVER_WRITE))
+                                {
+                                ret= -1;
+                                goto end;
+                                }
+
+                        break;
+
+                case SSL3_ST_SW_FINISHED_A:
+                case SSL3_ST_SW_FINISHED_B:
+                        ret=ssl3_send_finished(s,
+                                SSL3_ST_SW_FINISHED_A,SSL3_ST_SW_FINISHED_B,
+                                s->method->ssl3_enc->server_finished_label,
+                                s->method->ssl3_enc->server_finished_label_len);
+                        if (ret <= 0) goto end;
+                        s->state=SSL3_ST_SW_FLUSH;
+                        if (s->hit)
+                                s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
+                        else
+                                s->s3->tmp.next_state=SSL_ST_OK;
+                        s->init_num=0;
+                        break;
+
+                case SSL_ST_OK:
+                        /* clean a few things up */
+                        ssl3_cleanup_key_block(s);
+
+                        BUF_MEM_free(s->init_buf);
+                        s->init_buf=NULL;
+
+                        /* remove buffering on output */
+                        ssl_free_wbio_buffer(s);
+
+                        s->init_num=0;
+
+                        if (s->new_session == 2) /* skipped if we just sent a HelloRequest */
+                                {
+                                /* actually not necessarily a 'new' session unless
+                                 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
+                                
+                                s->new_session=0;
+                                
+                                ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
+                                
+                                s->ctx->stats.sess_accept_good++;
+                                /* s->server=1; */
+                                s->handshake_func=ssl3_accept;
+
+                                if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+                                }
+                        
+                        ret = 1;
+                        goto end;
+                        /* break; */
+
+                default:
+                        SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE);
+                        ret= -1;
+                        goto end;
+                        /* break; */
+                        }
+                
+                if (!s->s3->tmp.reuse_message && !skip)
+                        {
+                        if (s->debug)
+                                {
+                                if ((ret=BIO_flush(s->wbio)) <= 0)
+                                        goto end;
+                                }
+
+
+                        if ((cb != NULL) && (s->state != state))
+                                {
+                                new_state=s->state;
+                                s->state=state;
+                                cb(s,SSL_CB_ACCEPT_LOOP,1);
+                                s->state=new_state;
+                                }
+                        }
+                skip=0;
+                }
+end:
+        /* BIO_flush(s->wbio); */
+
+        s->in_handshake--;
+        if (cb != NULL)
+                cb(s,SSL_CB_ACCEPT_EXIT,ret);
+        return(ret);
+        }
+
+static int ssl3_send_hello_request(SSL *s)
+        {
+        unsigned char *p;
+
+        if (s->state == SSL3_ST_SW_HELLO_REQ_A)
+                {
+                p=(unsigned char *)s->init_buf->data;
+                *(p++)=SSL3_MT_HELLO_REQUEST;
+                *(p++)=0;
+                *(p++)=0;
+                *(p++)=0;
+
+                s->state=SSL3_ST_SW_HELLO_REQ_B;
+                /* number of bytes to write */
+                s->init_num=4;
+                s->init_off=0;
+                }
+
+        /* SSL3_ST_SW_HELLO_REQ_B */
+        return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+        }
+
+static int ssl3_check_client_hello(SSL *s)
+        {
+        int ok;
+        long n;
+
+        /* this function is called when we really expect a Certificate message,
+         * so permit appropriate message length */
+        n=ssl3_get_message(s,
+                SSL3_ST_SR_CERT_A,
+                SSL3_ST_SR_CERT_B,
+                -1,
+                s->max_cert_list,
+                &ok);
+        if (!ok) return((int)n);
+        s->s3->tmp.reuse_message = 1;
+        if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
+                {
+                /* Throw away what we have done so far in the current handshake,
+                 * which will now be aborted. (A full SSL_clear would be too much.)
+                 * I hope that tmp.dh is the only thing that may need to be cleared
+                 * when a handshake is not completed ... */
+#ifndef OPENSSL_NO_DH
+                if (s->s3->tmp.dh != NULL)
+                        {
+                        DH_free(s->s3->tmp.dh);
+                        s->s3->tmp.dh = NULL;
+                        }
+#endif
+                return 2;
+                }
+        return 1;
+}
+
+static int ssl3_get_client_hello(SSL *s)
+        {
+        int i,j,ok,al,ret= -1;
+        long n;
+        unsigned long id;
+        unsigned char *p,*d,*q;
+        SSL_CIPHER *c;
+        SSL_COMP *comp=NULL;
+        STACK_OF(SSL_CIPHER) *ciphers=NULL;
+
+        /* We do this so that we will respond with our native type.
+         * If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
+         * This down switching should be handled by a different method.
+         * If we are SSLv3, we will respond with SSLv3, even if prompted with
+         * TLSv1.
+         */
+        if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
+                {
+                s->first_packet=1;
+                s->state=SSL3_ST_SR_CLNT_HELLO_B;
+                }
+        n=ssl3_get_message(s,
+                SSL3_ST_SR_CLNT_HELLO_B,
+                SSL3_ST_SR_CLNT_HELLO_C,
+                SSL3_MT_CLIENT_HELLO,
+                SSL3_RT_MAX_PLAIN_LENGTH,
+                &ok);
+
+        if (!ok) return((int)n);
+        d=p=(unsigned char *)s->init_msg;
+
+        /* use version from inside client hello, not from record header
+         * (may differ: see RFC 2246, Appendix E, second paragraph) */
+        s->client_version=(((int)p[0])<<8)|(int)p[1];
+        p+=2;
+
+        if (s->client_version < s->version)
+                {
+                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
+                if ((s->client_version>>8) == SSL3_VERSION_MAJOR) 
+                        {
+                        /* similar to ssl3_get_record, send alert using remote version number */
+                        s->version = s->client_version;
+                        }
+                al = SSL_AD_PROTOCOL_VERSION;
+                goto f_err;
+                }
+
+        /* load the client random */
+        memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE);
+        p+=SSL3_RANDOM_SIZE;
+
+        /* get the session-id */
+        j= *(p++);
+
+        s->hit=0;
+        /* Versions before 0.9.7 always allow session reuse during renegotiation
+         * (i.e. when s->new_session is true), option
+         * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is new with 0.9.7.
+         * Maybe this optional behaviour should always have been the default,
+         * but we cannot safely change the default behaviour (or new applications
+         * might be written that become totally unsecure when compiled with
+         * an earlier library version)
+         */
+        if (j == 0 || (s->new_session && (s->options & SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)))
+                {
+                if (!ssl_get_new_session(s,1))
+                        goto err;
+                }
+        else
+                {
+                i=ssl_get_prev_session(s,p,j);
+                if (i == 1)
+                        { /* previous session */
+                        s->hit=1;
+                        }
+                else if (i == -1)
+                        goto err;
+                else /* i == 0 */
+                        {
+                        if (!ssl_get_new_session(s,1))
+                                goto err;
+                        }
+                }
+
+        p+=j;
+        n2s(p,i);
+        if ((i == 0) && (j != 0))
+                {
+                /* we need a cipher if we are not resuming a session */
+                al=SSL_AD_ILLEGAL_PARAMETER;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
+                goto f_err;
+                }
+        if ((p+i) >= (d+n))
+                {
+                /* not enough data */
+                al=SSL_AD_DECODE_ERROR;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
+                goto f_err;
+                }
+        if ((i > 0) && (ssl_bytes_to_cipher_list(s,p,i,&(ciphers))
+                == NULL))
+                {
+                goto err;
+                }
+        p+=i;
+
+        /* If it is a hit, check that the cipher is in the list */
+        if ((s->hit) && (i > 0))
+                {
+                j=0;
+                id=s->session->cipher->id;
+
+#ifdef CIPHER_DEBUG
+                printf("client sent %d ciphers\n",sk_num(ciphers));
+#endif
+                for (i=0; i<sk_SSL_CIPHER_num(ciphers); i++)
+                        {
+                        c=sk_SSL_CIPHER_value(ciphers,i);
+#ifdef CIPHER_DEBUG
+                        printf("client [%2d of %2d]:%s\n",
+                                i,sk_num(ciphers),SSL_CIPHER_get_name(c));
+#endif
+                        if (c->id == id)
+                                {
+                                j=1;
+                                break;
+                                }
+                        }
+                if (j == 0)
+                        {
+                        if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
+                                {
+                                /* Very bad for multi-threading.... */
+                                s->session->cipher=sk_SSL_CIPHER_value(ciphers,
+                                                                       0);
+                                }
+                        else
+                                {
+                                /* we need to have the cipher in the cipher
+                                 * list if we are asked to reuse it */
+                                al=SSL_AD_ILLEGAL_PARAMETER;
+                                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING);
+                                goto f_err;
+                                }
+                        }
+                }
+
+        /* compression */
+        i= *(p++);
+        if ((p+i) > (d+n))
+                {
+                /* not enough data */
+                al=SSL_AD_DECODE_ERROR;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
+                goto f_err;
+                }
+        q=p;
+        for (j=0; j<i; j++)
+                {
+                if (p[j] == 0) break;
+                }
+
+        p+=i;
+        if (j >= i)
+                {
+                /* no compress */
+                al=SSL_AD_DECODE_ERROR;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_COMPRESSION_SPECIFIED);
+                goto f_err;
+                }
+
+        /* Worst case, we will use the NULL compression, but if we have other
+         * options, we will now look for them.  We have i-1 compression
+         * algorithms from the client, starting at q. */
+        s->s3->tmp.new_compression=NULL;
+        if (s->ctx->comp_methods != NULL)
+                { /* See if we have a match */
+                int m,nn,o,v,done=0;
+
+                nn=sk_SSL_COMP_num(s->ctx->comp_methods);
+                for (m=0; m<nn; m++)
+                        {
+                        comp=sk_SSL_COMP_value(s->ctx->comp_methods,m);
+                        v=comp->id;
+                        for (o=0; o<i; o++)
+                                {
+                                if (v == q[o])
+                                        {
+                                        done=1;
+                                        break;
+                                        }
+                                }
+                        if (done) break;
+                        }
+                if (done)
+                        s->s3->tmp.new_compression=comp;
+                else
+                        comp=NULL;
+                }
+
+        /* TLS does not mind if there is extra stuff */
+#if 0   /* SSL 3.0 does not mind either, so we should disable this test
+         * (was enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b,
+         * in earlier SSLeay/OpenSSL releases this test existed but was buggy) */
+        if (s->version == SSL3_VERSION)
+                {
+                if (p < (d+n))
+                        {
+                        /* wrong number of bytes,
+                         * there could be more to follow */
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
+                        goto f_err;
+                        }
+                }
+#endif
+
+        /* Given s->session->ciphers and SSL_get_ciphers, we must
+         * pick a cipher */
+
+        if (!s->hit)
+                {
+                s->session->compress_meth=(comp == NULL)?0:comp->id;
+                if (s->session->ciphers != NULL)
+                        sk_SSL_CIPHER_free(s->session->ciphers);
+                s->session->ciphers=ciphers;
+                if (ciphers == NULL)
+                        {
+                        al=SSL_AD_ILLEGAL_PARAMETER;
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_PASSED);
+                        goto f_err;
+                        }
+                ciphers=NULL;
+                c=ssl3_choose_cipher(s,s->session->ciphers,
+                                     SSL_get_ciphers(s));
+
+                if (c == NULL)
+                        {
+                        al=SSL_AD_HANDSHAKE_FAILURE;
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER);
+                        goto f_err;
+                        }
+                s->s3->tmp.new_cipher=c;
+                }
+        else
+                {
+                /* Session-id reuse */
+#ifdef REUSE_CIPHER_BUG
+                STACK_OF(SSL_CIPHER) *sk;
+                SSL_CIPHER *nc=NULL;
+                SSL_CIPHER *ec=NULL;
+
+                if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
+                        {
+                        sk=s->session->ciphers;
+                        for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
+                                {
+                                c=sk_SSL_CIPHER_value(sk,i);
+                                if (c->algorithms & SSL_eNULL)
+                                        nc=c;
+                                if (SSL_C_IS_EXPORT(c))
+                                        ec=c;
+                                }
+                        if (nc != NULL)
+                                s->s3->tmp.new_cipher=nc;
+                        else if (ec != NULL)
+                                s->s3->tmp.new_cipher=ec;
+                        else
+                                s->s3->tmp.new_cipher=s->session->cipher;
+                        }
+                else
+#endif
+                s->s3->tmp.new_cipher=s->session->cipher;
+                }
+        
+        /* we now have the following setup. 
+         * client_random
+         * cipher_list          - our prefered list of ciphers
+         * ciphers              - the clients prefered list of ciphers
+         * compression          - basically ignored right now
+         * ssl version is set   - sslv3
+         * s->session           - The ssl session has been setup.
+         * s->hit               - session reuse flag
+         * s->tmp.new_cipher    - the new cipher to use.
+         */
+
+        ret=1;
+        if (0)
+                {
+f_err:
+                ssl3_send_alert(s,SSL3_AL_FATAL,al);
+                }
+err:
+        if (ciphers != NULL) sk_SSL_CIPHER_free(ciphers);
+        return(ret);
+        }
+
+static int ssl3_send_server_hello(SSL *s)
+        {
+        unsigned char *buf;
+        unsigned char *p,*d;
+        int i,sl;
+        unsigned long l,Time;
+
+        if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
+                {
+                buf=(unsigned char *)s->init_buf->data;
+                p=s->s3->server_random;
+                Time=time(NULL);                        /* Time */
+                l2n(Time,p);
+                if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
+                        return -1;
+                /* Do the message type and length last */
+                d=p= &(buf[4]);
+
+                *(p++)=s->version>>8;
+                *(p++)=s->version&0xff;
+
+                /* Random stuff */
+                memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
+                p+=SSL3_RANDOM_SIZE;
+
+                /* now in theory we have 3 options to sending back the
+                 * session id.  If it is a re-use, we send back the
+                 * old session-id, if it is a new session, we send
+                 * back the new session-id or we send back a 0 length
+                 * session-id if we want it to be single use.
+                 * Currently I will not implement the '0' length session-id
+                 * 12-Jan-98 - I'll now support the '0' length stuff.
+                 */
+                if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER))
+                        s->session->session_id_length=0;
+
+                sl=s->session->session_id_length;
+                if (sl > sizeof s->session->session_id)
+                        {
+                        SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+                        return -1;
+                        }
+                *(p++)=sl;
+                memcpy(p,s->session->session_id,sl);
+                p+=sl;
+
+                /* put the cipher */
+                i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p);
+                p+=i;
+
+                /* put the compression method */
+                if (s->s3->tmp.new_compression == NULL)
+                        *(p++)=0;
+                else
+                        *(p++)=s->s3->tmp.new_compression->id;
+
+                /* do the header */
+                l=(p-d);
+                d=buf;
+                *(d++)=SSL3_MT_SERVER_HELLO;
+                l2n3(l,d);
+
+                s->state=SSL3_ST_CW_CLNT_HELLO_B;
+                /* number of bytes to write */
+                s->init_num=p-buf;
+                s->init_off=0;
+                }
+
+        /* SSL3_ST_CW_CLNT_HELLO_B */
+        return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+        }
+
+static int ssl3_send_server_done(SSL *s)
+        {
+        unsigned char *p;
+
+        if (s->state == SSL3_ST_SW_SRVR_DONE_A)
+                {
+                p=(unsigned char *)s->init_buf->data;
+
+                /* do the header */
+                *(p++)=SSL3_MT_SERVER_DONE;
+                *(p++)=0;
+                *(p++)=0;
+                *(p++)=0;
+
+                s->state=SSL3_ST_SW_SRVR_DONE_B;
+                /* number of bytes to write */
+                s->init_num=4;
+                s->init_off=0;
+                }
+
+        /* SSL3_ST_CW_CLNT_HELLO_B */
+        return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+        }
+
+static int ssl3_send_server_key_exchange(SSL *s)
+        {
+#ifndef OPENSSL_NO_RSA
+        unsigned char *q;
+        int j,num;
+        RSA *rsa;
+        unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+        unsigned int u;
+#endif
+#ifndef OPENSSL_NO_DH
+        DH *dh=NULL,*dhp;
+#endif
+        EVP_PKEY *pkey;
+        unsigned char *p,*d;
+        int al,i;
+        unsigned long type;
+        int n;
+        CERT *cert;
+        BIGNUM *r[4];
+        int nr[4],kn;
+        BUF_MEM *buf;
+        EVP_MD_CTX md_ctx;
+
+        EVP_MD_CTX_init(&md_ctx);
+        if (s->state == SSL3_ST_SW_KEY_EXCH_A)
+                {
+                type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK;
+                cert=s->cert;
+
+                buf=s->init_buf;
+
+                r[0]=r[1]=r[2]=r[3]=NULL;
+                n=0;
+#ifndef OPENSSL_NO_RSA
+                if (type & SSL_kRSA)
+                        {
+                        rsa=cert->rsa_tmp;
+                        if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL))
+                                {
+                                rsa=s->cert->rsa_tmp_cb(s,
+                                      SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
+                                      SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
+                                if(rsa == NULL)
+                                {
+                                        al=SSL_AD_HANDSHAKE_FAILURE;
+                                        SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
+                                        goto f_err;
+                                }
+                                RSA_up_ref(rsa);
+                                cert->rsa_tmp=rsa;
+                                }
+                        if (rsa == NULL)
+                                {
+                                al=SSL_AD_HANDSHAKE_FAILURE;
+                                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);
+                                goto f_err;
+                                }
+                        r[0]=rsa->n;
+                        r[1]=rsa->e;
+                        s->s3->tmp.use_rsa_tmp=1;
+                        }
+                else
+#endif
+#ifndef OPENSSL_NO_DH
+                        if (type & SSL_kEDH)
+                        {
+                        dhp=cert->dh_tmp;
+                        if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
+                                dhp=s->cert->dh_tmp_cb(s,
+                                      SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
+                                      SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
+                        if (dhp == NULL)
+                                {
+                                al=SSL_AD_HANDSHAKE_FAILURE;
+                                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
+                                goto f_err;
+                                }
+
+                        if (s->s3->tmp.dh != NULL)
+                                {
+                                DH_free(dh);
+                                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+                                goto err;
+                                }
+
+                        if ((dh=DHparams_dup(dhp)) == NULL)
+                                {
+                                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
+                                goto err;
+                                }
+
+                        s->s3->tmp.dh=dh;
+                        if ((dhp->pub_key == NULL ||
+                             dhp->priv_key == NULL ||
+                             (s->options & SSL_OP_SINGLE_DH_USE)))
+                                {
+                                if(!DH_generate_key(dh))
+                                    {
+                                    SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                                           ERR_R_DH_LIB);
+                                    goto err;
+                                    }
+                                }
+                        else
+                                {
+                                dh->pub_key=BN_dup(dhp->pub_key);
+                                dh->priv_key=BN_dup(dhp->priv_key);
+                                if ((dh->pub_key == NULL) ||
+                                        (dh->priv_key == NULL))
+                                        {
+                                        SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
+                                        goto err;
+                                        }
+                                }
+                        r[0]=dh->p;
+                        r[1]=dh->g;
+                        r[2]=dh->pub_key;
+                        }
+                else 
+#endif
+                        {
+                        al=SSL_AD_HANDSHAKE_FAILURE;
+                        SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+                        goto f_err;
+                        }
+                for (i=0; r[i] != NULL; i++)
+                        {
+                        nr[i]=BN_num_bytes(r[i]);
+                        n+=2+nr[i];
+                        }
+
+                if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
+                        {
+                        if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
+                                == NULL)
+                                {
+                                al=SSL_AD_DECODE_ERROR;
+                                goto f_err;
+                                }
+                        kn=EVP_PKEY_size(pkey);
+                        }
+                else
+                        {
+                        pkey=NULL;
+                        kn=0;
+                        }
+
+                if (!BUF_MEM_grow_clean(buf,n+4+kn))
+                        {
+                        SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF);
+                        goto err;
+                        }
+                d=(unsigned char *)s->init_buf->data;
+                p= &(d[4]);
+
+                for (i=0; r[i] != NULL; i++)
+                        {
+                        s2n(nr[i],p);
+                        BN_bn2bin(r[i],p);
+                        p+=nr[i];
+                        }
+
+                /* not anonymous */
+                if (pkey != NULL)
+                        {
+                        /* n is the length of the params, they start at &(d[4])
+                         * and p points to the space at the end. */
+#ifndef OPENSSL_NO_RSA
+                        if (pkey->type == EVP_PKEY_RSA)
+                                {
+                                q=md_buf;
+                                j=0;
+                                for (num=2; num > 0; num--)
+                                        {
+                                        EVP_MD_CTX_set_flags(&md_ctx,
+                                                EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+                                        EVP_DigestInit_ex(&md_ctx,(num == 2)
+                                                ?s->ctx->md5:s->ctx->sha1, NULL);
+                                        EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+                                        EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+                                        EVP_DigestUpdate(&md_ctx,&(d[4]),n);
+                                        EVP_DigestFinal_ex(&md_ctx,q,
+                                                (unsigned int *)&i);
+                                        q+=i;
+                                        j+=i;
+                                        }
+                                if (RSA_sign(NID_md5_sha1, md_buf, j,
+                                        &(p[2]), &u, pkey->pkey.rsa) <= 0)
+                                        {
+                                        SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA);
+                                        goto err;
+                                        }
+                                s2n(u,p);
+                                n+=u+2;
+                                }
+                        else
+#endif
+#if !defined(OPENSSL_NO_DSA)
+                                if (pkey->type == EVP_PKEY_DSA)
+                                {
+                                /* lets do DSS */
+                                EVP_SignInit_ex(&md_ctx,EVP_dss1(), NULL);
+                                EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+                                EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+                                EVP_SignUpdate(&md_ctx,&(d[4]),n);
+                                if (!EVP_SignFinal(&md_ctx,&(p[2]),
+                                        (unsigned int *)&i,pkey))
+                                        {
+                                        SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);
+                                        goto err;
+                                        }
+                                s2n(i,p);
+                                n+=i+2;
+                                }
+                        else
+#endif
+                                {
+                                /* Is this error check actually needed? */
+                                al=SSL_AD_HANDSHAKE_FAILURE;
+                                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE);
+                                goto f_err;
+                                }
+                        }
+
+                *(d++)=SSL3_MT_SERVER_KEY_EXCHANGE;
+                l2n3(n,d);
+
+                /* we should now have things packed up, so lets send
+                 * it off */
+                s->init_num=n+4;
+                s->init_off=0;
+                }
+
+        s->state = SSL3_ST_SW_KEY_EXCH_B;
+        EVP_MD_CTX_cleanup(&md_ctx);
+        return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+f_err:
+        ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+        EVP_MD_CTX_cleanup(&md_ctx);
+        return(-1);
+        }
+
+static int ssl3_send_certificate_request(SSL *s)
+        {
+        unsigned char *p,*d;
+        int i,j,nl,off,n;
+        STACK_OF(X509_NAME) *sk=NULL;
+        X509_NAME *name;
+        BUF_MEM *buf;
+
+        if (s->state == SSL3_ST_SW_CERT_REQ_A)
+                {
+                buf=s->init_buf;
+
+                d=p=(unsigned char *)&(buf->data[4]);
+
+                /* get the list of acceptable cert types */
+                p++;
+                n=ssl3_get_req_cert_type(s,p);
+                d[0]=n;
+                p+=n;
+                n++;
+
+                off=n;
+                p+=2;
+                n+=2;
+
+                sk=SSL_get_client_CA_list(s);
+                nl=0;
+                if (sk != NULL)
+                        {
+                        for (i=0; i<sk_X509_NAME_num(sk); i++)
+                                {
+                                name=sk_X509_NAME_value(sk,i);
+                                j=i2d_X509_NAME(name,NULL);
+                                if (!BUF_MEM_grow_clean(buf,4+n+j+2))
+                                        {
+                                        SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB);
+                                        goto err;
+                                        }
+                                p=(unsigned char *)&(buf->data[4+n]);
+                                if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
+                                        {
+                                        s2n(j,p);
+                                        i2d_X509_NAME(name,&p);
+                                        n+=2+j;
+                                        nl+=2+j;
+                                        }
+                                else
+                                        {
+                                        d=p;
+                                        i2d_X509_NAME(name,&p);
+                                        j-=2; s2n(j,d); j+=2;
+                                        n+=j;
+                                        nl+=j;
+                                        }
+                                }
+                        }
+                /* else no CA names */
+                p=(unsigned char *)&(buf->data[4+off]);
+                s2n(nl,p);
+
+                d=(unsigned char *)buf->data;
+                *(d++)=SSL3_MT_CERTIFICATE_REQUEST;
+                l2n3(n,d);
+
+                /* we should now have things packed up, so lets send
+                 * it off */
+
+                s->init_num=n+4;
+                s->init_off=0;
+#ifdef NETSCAPE_HANG_BUG
+                p=(unsigned char *)s->init_buf->data + s->init_num;
+
+                /* do the header */
+                *(p++)=SSL3_MT_SERVER_DONE;
+                *(p++)=0;
+                *(p++)=0;
+                *(p++)=0;
+                s->init_num += 4;
+#endif
+
+                s->state = SSL3_ST_SW_CERT_REQ_B;
+                }
+
+        /* SSL3_ST_SW_CERT_REQ_B */
+        return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+        return(-1);
+        }
+
+static int ssl3_get_client_key_exchange(SSL *s)
+        {
+        int i,al,ok;
+        long n;
+        unsigned long l;
+        unsigned char *p;
+#ifndef OPENSSL_NO_RSA
+        RSA *rsa=NULL;
+        EVP_PKEY *pkey=NULL;
+#endif
+#ifndef OPENSSL_NO_DH
+        BIGNUM *pub=NULL;
+        DH *dh_srvr;
+#endif
+#ifndef OPENSSL_NO_KRB5
+        KSSL_ERR kssl_err;
+#endif /* OPENSSL_NO_KRB5 */
+
+        n=ssl3_get_message(s,
+                SSL3_ST_SR_KEY_EXCH_A,
+                SSL3_ST_SR_KEY_EXCH_B,
+                SSL3_MT_CLIENT_KEY_EXCHANGE,
+                2048, /* ??? */
+                &ok);
+
+        if (!ok) return((int)n);
+        p=(unsigned char *)s->init_msg;
+
+        l=s->s3->tmp.new_cipher->algorithms;
+
+#ifndef OPENSSL_NO_RSA
+        if (l & SSL_kRSA)
+                {
+                /* FIX THIS UP EAY EAY EAY EAY */
+                if (s->s3->tmp.use_rsa_tmp)
+                        {
+                        if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL))
+                                rsa=s->cert->rsa_tmp;
+                        /* Don't do a callback because rsa_tmp should
+                         * be sent already */
+                        if (rsa == NULL)
+                                {
+                                al=SSL_AD_HANDSHAKE_FAILURE;
+                                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_PKEY);
+                                goto f_err;
+
+                                }
+                        }
+                else
+                        {
+                        pkey=s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
+                        if (    (pkey == NULL) ||
+                                (pkey->type != EVP_PKEY_RSA) ||
+                                (pkey->pkey.rsa == NULL))
+                                {
+                                al=SSL_AD_HANDSHAKE_FAILURE;
+                                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);
+                                goto f_err;
+                                }
+                        rsa=pkey->pkey.rsa;
+                        }
+
+                /* TLS */
+                if (s->version > SSL3_VERSION)
+                        {
+                        n2s(p,i);
+                        if (n != i+2)
+                                {
+                                if (!(s->options & SSL_OP_TLS_D5_BUG))
+                                        {
+                                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
+                                        goto err;
+                                        }
+                                else
+                                        p-=2;
+                                }
+                        else
+                                n=i;
+                        }
+
+                i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING);
+
+                al = -1;
+                
+                if (i != SSL_MAX_MASTER_KEY_LENGTH)
+                        {
+                        al=SSL_AD_DECODE_ERROR;
+                        /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); */
+                        }
+
+                if ((al == -1) && !((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff))))
+                        {
+                        /* The premaster secret must contain the same version number as the
+                         * ClientHello to detect version rollback attacks (strangely, the
+                         * protocol does not offer such protection for DH ciphersuites).
+                         * However, buggy clients exist that send the negotiated protocol
+                         * version instead if the server does not support the requested
+                         * protocol version.
+                         * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */
+                        if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&
+                                (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff))))
+                                {
+                                al=SSL_AD_DECODE_ERROR;
+                                /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */
+
+                                /* The Klima-Pokorny-Rosa extension of Bleichenbacher's attack
+                                 * (http://eprint.iacr.org/2003/052/) exploits the version
+                                 * number check as a "bad version oracle" -- an alert would
+                                 * reveal that the plaintext corresponding to some ciphertext
+                                 * made up by the adversary is properly formatted except
+                                 * that the version number is wrong.  To avoid such attacks,
+                                 * we should treat this just like any other decryption error. */
+                                }
+                        }
+
+                if (al != -1)
+                        {
+                        /* Some decryption failure -- use random value instead as countermeasure
+                         * against Bleichenbacher's attack on PKCS #1 v1.5 RSA padding
+                         * (see RFC 2246, section 7.4.7.1). */
+                        ERR_clear_error();
+                        i = SSL_MAX_MASTER_KEY_LENGTH;
+                        p[0] = s->client_version >> 8;
+                        p[1] = s->client_version & 0xff;
+                        if(RAND_pseudo_bytes(p+2, i-2) <= 0)  /* should be RAND_bytes, but we cannot work around a failure */
+                                goto err;
+                        }
+        
+                s->session->master_key_length=
+                        s->method->ssl3_enc->generate_master_secret(s,
+                                s->session->master_key,
+                                p,i);
+                OPENSSL_cleanse(p,i);
+                }
+        else
+#endif
+#ifndef OPENSSL_NO_DH
+                if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+                {
+                n2s(p,i);
+                if (n != i+2)
+                        {
+                        if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG))
+                                {
+                                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
+                                goto err;
+                                }
+                        else
+                                {
+                                p-=2;
+                                i=(int)n;
+                                }
+                        }
+
+                if (n == 0L) /* the parameters are in the cert */
+                        {
+                        al=SSL_AD_HANDSHAKE_FAILURE;
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_DECODE_DH_CERTS);
+                        goto f_err;
+                        }
+                else
+                        {
+                        if (s->s3->tmp.dh == NULL)
+                                {
+                                al=SSL_AD_HANDSHAKE_FAILURE;
+                                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
+                                goto f_err;
+                                }
+                        else
+                                dh_srvr=s->s3->tmp.dh;
+                        }
+
+                pub=BN_bin2bn(p,i,NULL);
+                if (pub == NULL)
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BN_LIB);
+                        goto err;
+                        }
+
+                i=DH_compute_key(p,pub,dh_srvr);
+
+                if (i <= 0)
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+                        goto err;
+                        }
+
+                DH_free(s->s3->tmp.dh);
+                s->s3->tmp.dh=NULL;
+
+                BN_clear_free(pub);
+                pub=NULL;
+                s->session->master_key_length=
+                        s->method->ssl3_enc->generate_master_secret(s,
+                                s->session->master_key,p,i);
+                OPENSSL_cleanse(p,i);
+                }
+        else
+#endif
+#ifndef OPENSSL_NO_KRB5
+        if (l & SSL_kKRB5)
+                {
+                krb5_error_code         krb5rc;
+                krb5_data               enc_ticket;
+                krb5_data               authenticator;
+                krb5_data               enc_pms;
+                KSSL_CTX                *kssl_ctx = s->kssl_ctx;
+                EVP_CIPHER_CTX          ciph_ctx;
+                EVP_CIPHER              *enc = NULL;
+                unsigned char           iv[EVP_MAX_IV_LENGTH];
+                unsigned char           pms[SSL_MAX_MASTER_KEY_LENGTH
+                                               + EVP_MAX_BLOCK_LENGTH];
+                int                     padl, outl;
+                krb5_timestamp          authtime = 0;
+                krb5_ticket_times       ttimes;
+
+                EVP_CIPHER_CTX_init(&ciph_ctx);
+
+                if (!kssl_ctx)  kssl_ctx = kssl_ctx_new();
+
+                n2s(p,i);
+                enc_ticket.length = i;
+
+                if (n < (long)enc_ticket.length + 6)
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                                SSL_R_DATA_LENGTH_TOO_LONG);
+                        goto err;
+                        }
+
+                enc_ticket.data = (char *)p;
+                p+=enc_ticket.length;
+
+                n2s(p,i);
+                authenticator.length = i;
+
+                if (n < (long)(enc_ticket.length + authenticator.length + 6))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                                SSL_R_DATA_LENGTH_TOO_LONG);
+                        goto err;
+                        }
+
+                authenticator.data = (char *)p;
+                p+=authenticator.length;
+
+                n2s(p,i);
+                enc_pms.length = i;
+                enc_pms.data = (char *)p;
+                p+=enc_pms.length;
+
+                /* Note that the length is checked again below,
+                ** after decryption
+                */
+                if(enc_pms.length > sizeof pms)
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                               SSL_R_DATA_LENGTH_TOO_LONG);
+                        goto err;
+                        }
+
+                if (n != (long)(enc_ticket.length + authenticator.length +
+                                                enc_pms.length + 6))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                                SSL_R_DATA_LENGTH_TOO_LONG);
+                        goto err;
+                        }
+
+                if ((krb5rc = kssl_sget_tkt(kssl_ctx, &enc_ticket, &ttimes,
+                                        &kssl_err)) != 0)
+                        {
+#ifdef KSSL_DEBUG
+                        printf("kssl_sget_tkt rtn %d [%d]\n",
+                                krb5rc, kssl_err.reason);
+                        if (kssl_err.text)
+                                printf("kssl_err text= %s\n", kssl_err.text);
+#endif  /* KSSL_DEBUG */
+                        SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                                kssl_err.reason);
+                        goto err;
+                        }
+
+                /*  Note: no authenticator is not considered an error,
+                **  but will return authtime == 0.
+                */
+                if ((krb5rc = kssl_check_authent(kssl_ctx, &authenticator,
+                                        &authtime, &kssl_err)) != 0)
+                        {
+#ifdef KSSL_DEBUG
+                        printf("kssl_check_authent rtn %d [%d]\n",
+                                krb5rc, kssl_err.reason);
+                        if (kssl_err.text)
+                                printf("kssl_err text= %s\n", kssl_err.text);
+#endif  /* KSSL_DEBUG */
+                        SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                                kssl_err.reason);
+                        goto err;
+                        }
+
+                if ((krb5rc = kssl_validate_times(authtime, &ttimes)) != 0)
+                        {
+                        SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, krb5rc);
+                        goto err;
+                        }
+
+#ifdef KSSL_DEBUG
+                kssl_ctx_show(kssl_ctx);
+#endif  /* KSSL_DEBUG */
+
+                enc = kssl_map_enc(kssl_ctx->enctype);
+                if (enc == NULL)
+                    goto err;
+
+                memset(iv, 0, sizeof iv);       /* per RFC 1510 */
+
+                if (!EVP_DecryptInit_ex(&ciph_ctx,enc,NULL,kssl_ctx->key,iv))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                                SSL_R_DECRYPTION_FAILED);
+                        goto err;
+                        }
+                if (!EVP_DecryptUpdate(&ciph_ctx, pms,&outl,
+                                        (unsigned char *)enc_pms.data, enc_pms.length))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                                SSL_R_DECRYPTION_FAILED);
+                        goto err;
+                        }
+                if (outl > SSL_MAX_MASTER_KEY_LENGTH)
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                                SSL_R_DATA_LENGTH_TOO_LONG);
+                        goto err;
+                        }
+                if (!EVP_DecryptFinal_ex(&ciph_ctx,&(pms[outl]),&padl))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                                SSL_R_DECRYPTION_FAILED);
+                        goto err;
+                        }
+                outl += padl;
+                if (outl > SSL_MAX_MASTER_KEY_LENGTH)
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                                SSL_R_DATA_LENGTH_TOO_LONG);
+                        goto err;
+                        }
+                EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+                s->session->master_key_length=
+                        s->method->ssl3_enc->generate_master_secret(s,
+                                s->session->master_key, pms, outl);
+
+                if (kssl_ctx->client_princ)
+                        {
+                        int len = strlen(kssl_ctx->client_princ);
+                        if ( len < SSL_MAX_KRB5_PRINCIPAL_LENGTH ) 
+                                {
+                                s->session->krb5_client_princ_len = len;
+                                memcpy(s->session->krb5_client_princ,kssl_ctx->client_princ,len);
+                                }
+                        }
+
+
+                /*  Was doing kssl_ctx_free() here,
+                **  but it caused problems for apache.
+                **  kssl_ctx = kssl_ctx_free(kssl_ctx);
+                **  if (s->kssl_ctx)  s->kssl_ctx = NULL;
+                */
+                }
+        else
+#endif  /* OPENSSL_NO_KRB5 */
+                {
+                al=SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                                SSL_R_UNKNOWN_CIPHER_TYPE);
+                goto f_err;
+                }
+
+        return(1);
+f_err:
+        ssl3_send_alert(s,SSL3_AL_FATAL,al);
+#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA)
+err:
+#endif
+        return(-1);
+        }
+
+static int ssl3_get_cert_verify(SSL *s)
+        {
+        EVP_PKEY *pkey=NULL;
+        unsigned char *p;
+        int al,ok,ret=0;
+        long n;
+        int type=0,i,j;
+        X509 *peer;
+
+        n=ssl3_get_message(s,
+                SSL3_ST_SR_CERT_VRFY_A,
+                SSL3_ST_SR_CERT_VRFY_B,
+                -1,
+                514, /* 514? */
+                &ok);
+
+        if (!ok) return((int)n);
+
+        if (s->session->peer != NULL)
+                {
+                peer=s->session->peer;
+                pkey=X509_get_pubkey(peer);
+                type=X509_certificate_type(peer,pkey);
+                }
+        else
+                {
+                peer=NULL;
+                pkey=NULL;
+                }
+
+        if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY)
+                {
+                s->s3->tmp.reuse_message=1;
+                if ((peer != NULL) && (type | EVP_PKT_SIGN))
+                        {
+                        al=SSL_AD_UNEXPECTED_MESSAGE;
+                        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE);
+                        goto f_err;
+                        }
+                ret=1;
+                goto end;
+                }
+
+        if (peer == NULL)
+                {
+                SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_NO_CLIENT_CERT_RECEIVED);
+                al=SSL_AD_UNEXPECTED_MESSAGE;
+                goto f_err;
+                }
+
+        if (!(type & EVP_PKT_SIGN))
+                {
+                SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
+                al=SSL_AD_ILLEGAL_PARAMETER;
+                goto f_err;
+                }
+
+        if (s->s3->change_cipher_spec)
+                {
+                SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
+                al=SSL_AD_UNEXPECTED_MESSAGE;
+                goto f_err;
+                }
+
+        /* we now have a signature that we need to verify */
+        p=(unsigned char *)s->init_msg;
+        n2s(p,i);
+        n-=2;
+        if (i > n)
+                {
+                SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH);
+                al=SSL_AD_DECODE_ERROR;
+                goto f_err;
+                }
+
+        j=EVP_PKEY_size(pkey);
+        if ((i > j) || (n > j) || (n <= 0))
+                {
+                SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_SIZE);
+                al=SSL_AD_DECODE_ERROR;
+                goto f_err;
+                }
+
+#ifndef OPENSSL_NO_RSA 
+        if (pkey->type == EVP_PKEY_RSA)
+                {
+                i=RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
+                        MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, p, i, 
+                                                        pkey->pkey.rsa);
+                if (i < 0)
+                        {
+                        al=SSL_AD_DECRYPT_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_DECRYPT);
+                        goto f_err;
+                        }
+                if (i == 0)
+                        {
+                        al=SSL_AD_DECRYPT_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_SIGNATURE);
+                        goto f_err;
+                        }
+                }
+        else
+#endif
+#ifndef OPENSSL_NO_DSA
+                if (pkey->type == EVP_PKEY_DSA)
+                {
+                j=DSA_verify(pkey->save_type,
+                        &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
+                        SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
+                if (j <= 0)
+                        {
+                        /* bad signature */
+                        al=SSL_AD_DECRYPT_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE);
+                        goto f_err;
+                        }
+                }
+        else
+#endif
+                {
+                SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,ERR_R_INTERNAL_ERROR);
+                al=SSL_AD_UNSUPPORTED_CERTIFICATE;
+                goto f_err;
+                }
+
+
+        ret=1;
+        if (0)
+                {
+f_err:
+                ssl3_send_alert(s,SSL3_AL_FATAL,al);
+                }
+end:
+        EVP_PKEY_free(pkey);
+        return(ret);
+        }
+
+static int ssl3_get_client_certificate(SSL *s)
+        {
+        int i,ok,al,ret= -1;
+        X509 *x=NULL;
+        unsigned long l,nc,llen,n;
+        unsigned char *p,*d,*q;
+        STACK_OF(X509) *sk=NULL;
+
+        n=ssl3_get_message(s,
+                SSL3_ST_SR_CERT_A,
+                SSL3_ST_SR_CERT_B,
+                -1,
+                s->max_cert_list,
+                &ok);
+
+        if (!ok) return((int)n);
+
+        if      (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE)
+                {
+                if (    (s->verify_mode & SSL_VERIFY_PEER) &&
+                        (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+                        al=SSL_AD_HANDSHAKE_FAILURE;
+                        goto f_err;
+                        }
+                /* If tls asked for a client cert, the client must return a 0 list */
+                if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request)
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);
+                        al=SSL_AD_UNEXPECTED_MESSAGE;
+                        goto f_err;
+                        }
+                s->s3->tmp.reuse_message=1;
+                return(1);
+                }
+
+        if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
+                {
+                al=SSL_AD_UNEXPECTED_MESSAGE;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE);
+                goto f_err;
+                }
+        d=p=(unsigned char *)s->init_msg;
+
+        if ((sk=sk_X509_new_null()) == NULL)
+                {
+                SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+                goto err;
+                }
+
+        n2l3(p,llen);
+        if (llen+3 != n)
+                {
+                al=SSL_AD_DECODE_ERROR;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
+                goto f_err;
+                }
+        for (nc=0; nc<llen; )
+                {
+                n2l3(p,l);
+                if ((l+nc+3) > llen)
+                        {
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
+                        goto f_err;
+                        }
+
+                q=p;
+                x=d2i_X509(NULL,&p,l);
+                if (x == NULL)
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_ASN1_LIB);
+                        goto err;
+                        }
+                if (p != (q+l))
+                        {
+                        al=SSL_AD_DECODE_ERROR;
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
+                        goto f_err;
+                        }
+                if (!sk_X509_push(sk,x))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+                        goto err;
+                        }
+                x=NULL;
+                nc+=l+3;
+                }
+
+        if (sk_X509_num(sk) <= 0)
+                {
+                /* TLS does not mind 0 certs returned */
+                if (s->version == SSL3_VERSION)
+                        {
+                        al=SSL_AD_HANDSHAKE_FAILURE;
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_RETURNED);
+                        goto f_err;
+                        }
+                /* Fail for TLS only if we required a certificate */
+                else if ((s->verify_mode & SSL_VERIFY_PEER) &&
+                         (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+                        al=SSL_AD_HANDSHAKE_FAILURE;
+                        goto f_err;
+                        }
+                }
+        else
+                {
+                i=ssl_verify_cert_chain(s,sk);
+                if (!i)
+                        {
+                        al=ssl_verify_alarm_type(s->verify_result);
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);
+                        goto f_err;
+                        }
+                }
+
+        if (s->session->peer != NULL) /* This should not be needed */
+                X509_free(s->session->peer);
+        s->session->peer=sk_X509_shift(sk);
+        s->session->verify_result = s->verify_result;
+
+        /* With the current implementation, sess_cert will always be NULL
+         * when we arrive here. */
+        if (s->session->sess_cert == NULL)
+                {
+                s->session->sess_cert = ssl_sess_cert_new();
+                if (s->session->sess_cert == NULL)
+                        {
+                        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+                        goto err;
+                        }
+                }
+        if (s->session->sess_cert->cert_chain != NULL)
+                sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
+        s->session->sess_cert->cert_chain=sk;
+        /* Inconsistency alert: cert_chain does *not* include the
+         * peer's own certificate, while we do include it in s3_clnt.c */
+
+        sk=NULL;
+
+        ret=1;
+        if (0)
+                {
+f_err:
+                ssl3_send_alert(s,SSL3_AL_FATAL,al);
+                }
+err:
+        if (x != NULL) X509_free(x);
+        if (sk != NULL) sk_X509_pop_free(sk,X509_free);
+        return(ret);
+        }
+
+int ssl3_send_server_certificate(SSL *s)
+        {
+        unsigned long l;
+        X509 *x;
+
+        if (s->state == SSL3_ST_SW_CERT_A)
+                {
+                x=ssl_get_server_send_cert(s);
+                if (x == NULL &&
+                        /* VRS: allow null cert if auth == KRB5 */
+                        (s->s3->tmp.new_cipher->algorithms
+                                & (SSL_MKEY_MASK|SSL_AUTH_MASK))
+                        != (SSL_aKRB5|SSL_kKRB5))
+                        {
+                        SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
+                        return(0);
+                        }
+
+                l=ssl3_output_cert_chain(s,x);
+                s->state=SSL3_ST_SW_CERT_B;
+                s->init_num=(int)l;
+                s->init_off=0;
+                }
+
+        /* SSL3_ST_SW_CERT_B */
+        return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+        }
diff --git a/src/lib/libssl/shlib_version b/src/lib/libssl/shlib_version
new file mode 100644
index 0000000000..c10074d52a
--- /dev/null
+++ b/src/lib/libssl/shlib_version
@@ -0,0 +1,2 @@
+major=10
+minor=0
diff --git a/src/lib/libssl/src/CHANGES b/src/lib/libssl/src/CHANGES
index 2840a36a6d..cccc4f812f 100644
--- a/src/lib/libssl/src/CHANGES
+++ b/src/lib/libssl/src/CHANGES
@@ -2,94 +2,8 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 0.9.7i and 0.9.7j  [04 May 2006]
-
-  *) Adapt fipsld and the build system to link against the validated FIPS
-     module in FIPS mode.
-     [Steve Henson]
-
-  *) Fixes for VC++ 2005 build under Windows.
-     [Steve Henson]
-
-  *) Add new Windows build target VC-32-GMAKE for VC++. This uses GNU make 
-     from a Windows bash shell such as MSYS. It is autodetected from the
-     "config" script when run from a VC++ environment. Modify standard VC++
-     build to use fipscanister.o from the GNU make build. 
-     [Steve Henson]
-
- Changes between 0.9.7h and 0.9.7i  [14 Oct 2005]
-
-  *) Wrapped the definition of EVP_MAX_MD_SIZE in a #ifdef OPENSSL_FIPS.
-     The value now differs depending on if you build for FIPS or not.
-     BEWARE!  A program linked with a shared FIPSed libcrypto can't be
-     safely run with a non-FIPSed libcrypto, as it may crash because of
-     the difference induced by this change.
-     [Andy Polyakov]
-
- Changes between 0.9.7g and 0.9.7h  [11 Oct 2005]
-
-  *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
-     (part of SSL_OP_ALL).  This option used to disable the
-     countermeasure against man-in-the-middle protocol-version
-     rollback in the SSL 2.0 server implementation, which is a bad
-     idea.  (CVE-2005-2969)
-
-     [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
-     for Information Security, National Institute of Advanced Industrial
-     Science and Technology [AIST], Japan)]
-
-  *) Minimal support for X9.31 signatures and PSS padding modes. This is
-     mainly for FIPS compliance and not fully integrated at this stage.
-     [Steve Henson]
-
-  *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform
-     the exponentiation using a fixed-length exponent.  (Otherwise,
-     the information leaked through timing could expose the secret key
-     after many signatures; cf. Bleichenbacher's attack on DSA with
-     biased k.)
-     [Bodo Moeller]
-
-  *) Make a new fixed-window mod_exp implementation the default for
-     RSA, DSA, and DH private-key operations so that the sequence of
-     squares and multiplies and the memory access pattern are
-     independent of the particular secret key.  This will mitigate
-     cache-timing and potential related attacks.
-
-     BN_mod_exp_mont_consttime() is the new exponentiation implementation,
-     and this is automatically used by BN_mod_exp_mont() if the new flag
-     BN_FLG_EXP_CONSTTIME is set for the exponent.  RSA, DSA, and DH
-     will use this BN flag for private exponents unless the flag
-     RSA_FLAG_NO_EXP_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME, or
-     DH_FLAG_NO_EXP_CONSTTIME, respectively, is set.
-
-     [Matthew D Wood (Intel Corp), with some changes by Bodo Moeller]
-
-  *) Change the client implementation for SSLv23_method() and
-     SSLv23_client_method() so that is uses the SSL 3.0/TLS 1.0
-     Client Hello message format if the SSL_OP_NO_SSLv2 option is set.
-     (Previously, the SSL 2.0 backwards compatible Client Hello
-     message format would be used even with SSL_OP_NO_SSLv2.)
-     [Bodo Moeller]
-
-  *) Add support for smime-type MIME parameter in S/MIME messages which some
-     clients need.
-     [Steve Henson]
-
-  *) New function BN_MONT_CTX_set_locked() to set montgomery parameters in
-     a threadsafe manner. Modify rsa code to use new function and add calls
-     to dsa and dh code (which had race conditions before).
-     [Steve Henson]
-
-  *) Include the fixed error library code in the C error file definitions
-     instead of fixing them up at runtime. This keeps the error code
-     structures constant.
-     [Steve Henson]
-
  Changes between 0.9.7f and 0.9.7g  [11 Apr 2005]
 
-  [NB: OpenSSL 0.9.7h and later 0.9.7 patch levels were released after
-  OpenSSL 0.9.8.]
-
   *) Fixes for newer kerberos headers. NB: the casts are needed because
      the 'length' field is signed on one version and unsigned on another
      with no (?) obvious way to tell the difference, without these VC++
@@ -197,11 +111,11 @@
  Changes between 0.9.7c and 0.9.7d  [17 Mar 2004]
 
   *) Fix null-pointer assignment in do_change_cipher_spec() revealed           
-     by using the Codenomicon TLS Test Tool (CVE-2004-0079)                    
+     by using the Codenomicon TLS Test Tool (CAN-2004-0079)                    
      [Joe Orton, Steve Henson]   
 
   *) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
-     (CVE-2004-0112)
+     (CAN-2004-0112)
      [Joe Orton, Steve Henson]   
 
   *) Make it possible to have multiple active certificates with the same
@@ -244,9 +158,9 @@
   *) Fix various bugs revealed by running the NISCC test suite:
 
      Stop out of bounds reads in the ASN1 code when presented with
-     invalid tags (CVE-2003-0543 and CVE-2003-0544).
+     invalid tags (CAN-2003-0543 and CAN-2003-0544).
      
-     Free up ASN1_TYPE correctly if ANY type is invalid (CVE-2003-0545).
+     Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545).
 
      If verify callback ignores invalid public key errors don't try to check
      certificate signature with the NULL public key.
@@ -331,7 +245,7 @@
      via timing by performing a MAC computation even if incorrrect
      block cipher padding has been found.  This is a countermeasure
      against active attacks where the attacker has to distinguish
-     between bad padding and a MAC verification error. (CVE-2003-0078)
+     between bad padding and a MAC verification error. (CAN-2003-0078)
 
      [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
      Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
@@ -548,7 +462,7 @@
 
      Remote buffer overflow in SSL3 protocol - an attacker could
      supply an oversized master key in Kerberos-enabled versions.
-     (CVE-2002-0657)
+     (CAN-2002-0657)
      [Ben Laurie (CHATS)]
 
   *) Change the SSL kerb5 codes to match RFC 2712.
@@ -2232,7 +2146,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
  Changes between 0.9.6l and 0.9.6m  [17 Mar 2004]
 
   *) Fix null-pointer assignment in do_change_cipher_spec() revealed
-     by using the Codenomicon TLS Test Tool (CVE-2004-0079)
+     by using the Codenomicon TLS Test Tool (CAN-2004-0079)
      [Joe Orton, Steve Henson]
 
  Changes between 0.9.6k and 0.9.6l  [04 Nov 2003]
@@ -2240,7 +2154,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   *) Fix additional bug revealed by the NISCC test suite:
 
      Stop bug triggering large recursion when presented with
-     certain ASN.1 tags (CVE-2003-0851)
+     certain ASN.1 tags (CAN-2003-0851)
      [Steve Henson]
 
  Changes between 0.9.6j and 0.9.6k  [30 Sep 2003]
@@ -2248,7 +2162,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   *) Fix various bugs revealed by running the NISCC test suite:
 
      Stop out of bounds reads in the ASN1 code when presented with
-     invalid tags (CVE-2003-0543 and CVE-2003-0544).
+     invalid tags (CAN-2003-0543 and CAN-2003-0544).
      
      If verify callback ignores invalid public key errors don't try to check
      certificate signature with the NULL public key.
@@ -2300,7 +2214,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
      via timing by performing a MAC computation even if incorrrect
      block cipher padding has been found.  This is a countermeasure
      against active attacks where the attacker has to distinguish
-     between bad padding and a MAC verification error. (CVE-2003-0078)
+     between bad padding and a MAC verification error. (CAN-2003-0078)
 
      [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
      Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
@@ -2433,7 +2347,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   *) Add various sanity checks to asn1_get_length() to reject
      the ASN1 length bytes if they exceed sizeof(long), will appear
      negative or the content length exceeds the length of the
-     supplied buffer. (CVE-2002-0659)
+     supplied buffer. (CAN-2002-0659)
      [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
 
   *) Assertions for various potential buffer overflows, not known to
@@ -2441,15 +2355,15 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
      [Ben Laurie (CHATS)]
 
   *) Various temporary buffers to hold ASCII versions of integers were
-     too small for 64 bit platforms. (CVE-2002-0655)
+     too small for 64 bit platforms. (CAN-2002-0655)
      [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>
 
   *) Remote buffer overflow in SSL3 protocol - an attacker could
-     supply an oversized session ID to a client. (CVE-2002-0656)
+     supply an oversized session ID to a client. (CAN-2002-0656)
      [Ben Laurie (CHATS)]
 
   *) Remote buffer overflow in SSL2 protocol - an attacker could
-     supply an oversized client master key. (CVE-2002-0656)
+     supply an oversized client master key. (CAN-2002-0656)
      [Ben Laurie (CHATS)]
 
  Changes between 0.9.6c and 0.9.6d  [9 May 2002]
diff --git a/src/lib/libssl/src/Configure b/src/lib/libssl/src/Configure
index a38783dd98..e0e732c445 100644
--- a/src/lib/libssl/src/Configure
+++ b/src/lib/libssl/src/Configure
@@ -177,11 +177,11 @@ my %table=(
 # actually recommend to consider using gcc shared build even with vendor
 # compiler:-)
 #                                               <appro@fy.chalmers.se>
-"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-x86_64.o:::dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-amd64.o:::dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 #### Solaris x86 with Sun C setups
-"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL::::::::::dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL::::::::::dlfcn:solaris-shared:-KPIC:-xarch=amd64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 #### SPARC Solaris with GNU C setups
 "solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -200,17 +200,17 @@ my %table=(
 
 #### SPARC Solaris with Sun C setups
 # DO NOT use /xO[34] on sparc with SC3.0.  It is broken, and will not pass the tests
-"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
 # SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
 # SC5.0 note: Compiler common patch 107357-01 or later is required!
-"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
+"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:-xarch=v9:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
 ####
-"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 #### SPARC Linux setups
 "linux-sparcv7","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::",
@@ -271,56 +271,56 @@ my %table=(
 #
 #!#"hpux-parisc-cc","cc:-Ae +O3 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
 # Since there is mention of this in shlib/hpux10-cc.sh
-"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # 64bit PARISC for GCC without optimization, which seems to make problems.
 # Submitted by <ross.alexander@uk.neceur.com>
-"hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 # IA-64 targets
-"hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux-shared:+Z:-b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux-shared:+Z::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted with
 # with debugging of the following config.
-"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux64-shared:+Z::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 # More attempts at unified 10.X and 11.X targets for HP C compiler.
 #
 # Chris Ruemmler <ruemmler@cup.hp.com>
 # Kevin Steves <ks@hp.se>
-"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # Isn't the line below meaningless? HP-UX cc optimizes for host by default.
 # hpux-parisc1_0-cc with +DAportable flag would make more sense. <appro>
-"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+cdp,../%3a,+cdp,./%3a,+s,+b,\$(INSTALLTOP)/lib -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 # HPUX 9.X config.
 # Don't use the bundled cc.  It is broken.  Use HP ANSI C if possible, or
 # egcs.  gcc 2.8.1 is also broken.
 
-"hpux-cc",      "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown)::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-cc",      "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown)::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # If hpux-cc fails (e.g. during "make test"), try the next one; otherwise,
 # please report your OS and compiler version to the openssl-bugs@openssl.org
 # mailing list.
-"hpux-brokencc",        "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown)::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-brokencc",        "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
-"hpux-gcc",     "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-gcc",     "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # If hpux-gcc fails, try this one:
-"hpux-brokengcc",       "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-brokengcc",       "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 # HPUX 9.X on Motorola 68k platforms with gcc
 "hpux-m68k-gcc",  "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):::BN_LLONG DES_PTR DES_UNROLL:::::::::::::",
 
 # HPUX 10.X config.  Supports threads.
-"hpux10-cc",    "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux10-cc",    "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # If hpux10-cc fails, try this one (if still fails, try deleting BN_LLONG):
-"hpux10-brokencc",      "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux10-brokencc",      "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
-"hpux10-gcc",   "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux10-gcc",   "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # If hpux10-gcc fails, try this one:
-"hpux10-brokengcc",     "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s,+b,\$(INSTALLTOP)/lib -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux10-brokengcc",     "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 # HPUX 11.X from www.globus.org.
 # Only works on PA-RISC 2.0 cpus, and not optimized.  Why?
@@ -409,9 +409,10 @@ my %table=(
 "linux-m68k",   "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::",
 "linux-s390",   "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-s390x",  "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64-ecc",   "ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-x86_64.o:::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ia64",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/ia64.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ia64-ecc",   "ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/ia64.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-amd64.o:::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-em64t", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "NetBSD-m68",   "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "NetBSD-x86",   "gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -529,17 +530,17 @@ my %table=(
 "BC-16","bcc:::(unknown):WIN16::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
 
 # MinGW
-"mingw", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -mno-cygwin -Wall -D_WIN32_WINNT=0x333:::MINGW32:-lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_out_asm}:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a",
+"mingw", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -mno-cygwin -Wall:::MINGW32:-lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll",
 
 # UWIN 
 "UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
 
 # Cygwin
 "Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
-"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:cygwin-shared:-D_WINDLL::.dll.a",
+"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:cygwin-shared:-D_WINDLL::.dll",
 
 # DJGPP
-"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::",
+"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall -DDEVRANDOM=\"/dev/urandom\\x24\":::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::",
 
 # Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
 "ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
@@ -562,8 +563,8 @@ my %table=(
 
 ##### MacOS X (a.k.a. Rhapsody or Darwin) setup
 "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
-"darwin-ppc-cc","cc:-O3 -fomit-frame-pointer -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/osx_ppc32.o:::::::::dlfcn:darwin-shared:-fPIC -fno-common::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-ppc-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/osx_ppc32.o::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
 
 ##### A/UX
 "aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
@@ -621,8 +622,6 @@ my $prefix="";
 my $openssldir="";
 my $exe_ext="";
 my $install_prefix="";
-my $fipslibdir="/usr/local/ssl/lib";
-my $baseaddr="0xFB00000";
 my $no_threads=0;
 my $no_shared=1;
 my $zlib=0;
@@ -808,7 +807,7 @@ PROCESS_ARGS:
                                 {
                                 while (<IN>)
                                         {
-                                        chomp;
+                                        chop;
                                         if (/^CONFIGURE_ARGS=(.*)/)
                                                 {
                                                 $argvstring=$1;
@@ -867,22 +866,6 @@ PROCESS_ARGS:
                                 {
                                 $withargs{"krb5-".$1}=$2;
                                 }
-                        elsif (/^--with-zlib-lib=(.*)$/)
-                                {
-                                $withargs{"zlib-lib"}=$1;
-                                }
-                        elsif (/^--with-fipslibdir=(.*)$/)
-                                {
-                                $fipslibdir="$1";
-                                }
-                        elsif (/^--with-baseaddr=(.*)$/)
-                                {
-                                $baseaddr="$1";
-                                }
-                        elsif (/^--with-zlib-include=(.*)$/)
-                                {
-                                $withargs{"zlib-include"}="-I$1";
-                                }
                         else
                                 {
                                 print STDERR $usage;
@@ -896,7 +879,7 @@ PROCESS_ARGS:
                         }
                 else
                         {
-                        die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
+                        die "target already defined - $target\n" if ($target ne "");
                         $target=$_;
                         }
                 unless ($_ eq $target) {
@@ -982,26 +965,10 @@ chop $prefix if $prefix =~ /\/$/;
 $openssldir=$prefix . "/ssl" if $openssldir eq "";
 $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
 
-if ($fips && ! -f "$fipslibdir/fipscanister.o")
-        {
-        my $fipswinerr = "";
-        $fipswinerr = <<EOF if $IsWindows;
- Ensure that the correct path to the FIPS module directory
-has been given to the --with-fipslibdir option.
-EOF
-        print STDERR <<EOF;
-The file fipscanister.o could not be located. Please build and install the
-FIPS module using the instructions in the user guide before compiling OpenSSL
-in FIPS mode.$fipswinerr
-EOF
-        exit 1;
-        }
-
 
 print "IsWindows=$IsWindows\n";
 
 my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
-for (@fields) { s/%([\dA-Fa-f]{2})/chr(hex($1))/eg; }
 my $cc = $fields[$idx_cc];
 my $cflags = $fields[$idx_cflags];
 my $unistd = $fields[$idx_unistd];
@@ -1060,7 +1027,7 @@ else
                         if $withargs{"krb5-dir"} eq "";
                 $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
                         "/lib -lgssapi -lkrb5 -lcom_err"
-                        if $withargs{"krb5-lib"} eq "" && !$IsWindows;
+                        if $withargs{"krb5-lib"} eq "";
                 $cflags="-DKRB5_HEIMDAL $cflags";
                 }
         if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/)
@@ -1069,7 +1036,7 @@ else
                         if $withargs{"krb5-dir"} eq "";
                 $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
                         "/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto"
-                        if $withargs{"krb5-lib"} eq "" && !$IsWindows;
+                        if $withargs{"krb5-lib"} eq "";
                 $cflags="-DKRB5_MIT $cflags";
                 $withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//;
                 if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/)
@@ -1088,7 +1055,7 @@ else
                         }
                 }
         $withargs{"krb5-lib"} .= " -lresolv"
-                if ("$lresolv" ne "" && !$IsWindows);
+                if ("$lresolv" ne "");
         $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include"
                 if $withargs{"krb5-include"} eq "" &&
                    $withargs{"krb5-dir"} ne "";
@@ -1184,8 +1151,7 @@ if (!$no_shared)
         {
         if ($shared_cflag ne "")
                 {
-                $cflags = "$shared_cflag -DOPENSSL_PIC $cflags";
-                $shared_ldflag = "$shared_ldflag $shared_cflag" if($fips);
+                $cflags = "$shared_cflag $cflags";
                 }
         }
 
@@ -1208,22 +1174,16 @@ if ($ranlib eq "")
 $bn_obj = $bn_asm unless $bn_obj ne "";
 
 my $fips_des_obj;
-my $fips_aes_obj;
 my $fips_sha1_obj;
 if ($fips)
         {
-        if ($des_obj =~ /\-elf\.o$/)
+        if ($des_obj =~ /\-elf\.o$/ && $no_shared) # FIPS DES module is not PIC
                 {
                 $fips_des_obj='asm/fips-dx86-elf.o';
                 $openssl_other_defines.="#define OPENSSL_FIPS_DES_ASM\n";
-                $fips_aes_obj='asm/fips-ax86-elf.o';
-                $openssl_other_defines.="#define OPENSSL_FIPS_AES_ASM\n";
-                }
-        else    {
-                $fips_des_obj=$fips_des_enc;
-                $fips_aes_obj='fips_aes_core.o';
                 }
-        $fips_sha1_obj='asm/fips-sx86-elf.o' if ($sha1_obj =~ /\-elf\.o$/);
+        else {  $fips_des_obj=$fips_des_enc;  }
+        $fips_sha1_obj='asm/sx86-elf.o' if ($sha1_obj =~ /\-elf\.o$/);
         $des_obj=$sha1_obj="";
         $openssl_other_defines.="#define OPENSSL_FIPS\n";
         }
@@ -1295,7 +1255,7 @@ print OUT "### Generated automatically from Makefile.org by Configure.\n\n";
 my $sdirs=0;
 while (<IN>)
         {
-        chomp;
+        chop;
         $sdirs = 1 if /^SDIRS=/;
         if ($sdirs) {
                 my $dir;
@@ -1327,7 +1287,6 @@ while (<IN>)
         s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
         s/^DES_ENC=.*$/DES_ENC= $des_obj/;
         s/^FIPS_DES_ENC=.*$/FIPS_DES_ENC= $fips_des_obj/;
-        s/^FIPS_AES_ENC=.*$/FIPS_AES_ENC= $fips_aes_obj/;
         s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
         s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
         s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
@@ -1342,10 +1301,6 @@ while (<IN>)
         s/^PERL=.*/PERL= $perl/;
         s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
         s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
-        s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
-        s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
-        s/^BASEADDR=.*/BASEADDR=$baseaddr/;
-        s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
         s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
         s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
         s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
@@ -1699,13 +1654,12 @@ sub print_table_entry
         {
         my $target = shift;
 
-        my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
-        for (@fields) { s/%([\dA-Fa-f]{2})/chr(hex($1))/eg; }
         (my $cc,my $cflags,my $unistd,my $thread_cflag,my $sys_id,my $lflags,
         my $bn_ops,my $bn_obj,my $des_obj,my $bf_obj,
         my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj,
         my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag,
-        my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags)=@fields;
+        my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags)=
+        split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
                         
         print <<EOF
 
@@ -1748,7 +1702,6 @@ sub test_sanity
         foreach $target (sort keys %table)
                 {
                 @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
-                for (@fields) { s/%([\dA-Fa-f]{2})/chr(hex($1))/eg; }
 
                 if ($fields[$idx_dso_scheme-1] =~ /^(dl|dlfcn|win32|vms)$/)
                         {
diff --git a/src/lib/libssl/src/FAQ b/src/lib/libssl/src/FAQ
index 6545cd72aa..943fc9d4a3 100644
--- a/src/lib/libssl/src/FAQ
+++ b/src/lib/libssl/src/FAQ
@@ -70,7 +70,7 @@ OpenSSL  -  Frequently Asked Questions
 * Which is the current version of OpenSSL?
 
 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.7j was released on May 4, 2006.
+OpenSSL 0.9.7g was released on April 11, 2005.
 
 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
@@ -141,8 +141,8 @@ less Unix-centric, it might have been used much earlier.
 
 With version 0.9.6 OpenSSL was extended to interface to external crypto
 hardware. This was realized in a special release '0.9.6-engine'. With
-version 0.9.7 the changes were merged into the main development line,
-so that the special release is no longer necessary.
+version 0.9.7 (not yet released) the changes were merged into the main
+development line, so that the special release is no longer necessary.
 
 * How do I check the authenticity of the OpenSSL distribution?
 
diff --git a/src/lib/libssl/src/LICENSE b/src/lib/libssl/src/LICENSE
index e6afecc724..40277883a5 100644
--- a/src/lib/libssl/src/LICENSE
+++ b/src/lib/libssl/src/LICENSE
@@ -12,7 +12,7 @@
   ---------------
 
 /* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2004 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
diff --git a/src/lib/libssl/src/Makefile.org b/src/lib/libssl/src/Makefile.org
index b9db0dd57d..cc4000b148 100644
--- a/src/lib/libssl/src/Makefile.org
+++ b/src/lib/libssl/src/Makefile.org
@@ -102,7 +102,6 @@ PROCESSOR=
 # Set DES_ENC to des_enc.o if you want to use the C version
 #There are 4 x86 assember options.
 FIPS_DES_ENC= des_enc.o fcrypt_b.o
-FIPS_AES_ENC= fips_aes_core.o
 DES_ENC= asm/dx86-out.o asm/yx86-out.o
 #DES_ENC= des_enc.o fcrypt_b.o          # C
 #DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf
@@ -172,29 +171,11 @@ RMD160_ASM_OBJ= asm/rm86-out.o
 KRB5_INCLUDES=
 LIBKRB5=
 
-# Zlib stuff
-ZLIB_INCLUDE=
-LIBZLIB=
-
-# This is the location of fipscanister.o and friends.
-# The FIPS module build will place it $(INSTALLTOP)/lib
-# but since $(INSTALLTOP) can only take the default value
-# when the module is built it will be in /usr/local/ssl/lib
-# $(INSTALLTOP) for this build make be different so hard
-# code the path.
-
-FIPSLIBDIR=/usr/local/ssl/lib
-
-# Shared library base address. Currently only used on Windows.
-#
-
-BASEADDR=
-
 # When we're prepared to use shared libraries in the programs we link here
 # we might set SHLIB_MARK to '$(SHARED_LIBS)'.
 SHLIB_MARK=
 
-DIRS=   crypto fips-1.0 ssl $(SHLIB_MARK) apps test tools
+DIRS=   crypto fips ssl $(SHLIB_MARK) sigs apps test tools
 SHLIBDIRS= crypto ssl
 
 # dirs in crypto to build
@@ -205,7 +186,7 @@ SDIRS=  objects \
         buffer bio stack lhash rand err \
         evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
 
-FDIRS=  sha rand des aes dsa rsa dh hmac
+FDIRS=  sha1 rand des aes dsa rsa dh
 
 # tests to perform.  "alltests" is a special word indicating that all tests
 # should be performed.
@@ -224,6 +205,7 @@ ONEDIRS=out tmp
 EDIRS=  times doc bugs util include certs ms shlib mt demos perl sf dep VMS
 WDIRS=  windows
 LIBS=   libcrypto.a libssl.a
+SIGS=   libcrypto.a.sha1
 SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
 SHARED_SSL=libssl$(SHLIB_EXT)
 SHARED_LIBS=
@@ -243,12 +225,19 @@ HEADER=         e_os.h
 
 all: Makefile sub_all openssl.pc
 
+sigs:   $(SIGS)
+libcrypto.a.sha1: libcrypto.a
+        @if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
+                $(RANLIB) libcrypto.a; \
+                fips/sha1/fips_standalone_sha1 libcrypto.a > libcrypto.a.sha1; \
+        fi
+
 sub_all:
         @for i in $(DIRS); \
         do \
         if [ -d "$$i" ]; then \
                 (cd $$i && echo "making all in $$i..." && \
-                $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' FIPSLIBDIR='${FIPSLIBDIR}' all ) || exit 1; \
+                $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all ) || exit 1; \
         else \
                 $(MAKE) $$i; \
         fi; \
@@ -259,7 +248,7 @@ sub_target:
         do \
         if [ -d "$$i" ]; then \
                 (cd $$i && echo "making $(TARGET) in $$i..." && \
-                $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TARGET='$(TARGET)' sub_target ) || exit 1; \
+                $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TARGET='$(TARGET)' sub_target ) || exit 1; \
         else \
                 $(MAKE) $$i; \
         fi; \
@@ -315,12 +304,12 @@ do_gnu-shared:
         if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
                 libs="$(LIBKRB5) $$libs"; \
         fi; \
-        ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
+        ( set -x; ${CC} ${SHARED_LDFLAGS} \
                 -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
                 -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
                 -Wl,-Bsymbolic \
                 -Wl,--whole-archive lib$$i.a \
-                -Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \
+                -Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \
         libs="-l$$i $$libs"; \
         done
 
@@ -332,8 +321,7 @@ do_darwin-shared:
         if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
                 libs="$(LIBKRB5) $$libs"; \
         fi; \
-        ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
-                --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \
+        ( set -x; ${CC} --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \
                 lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \
                 -compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \
                 -install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \
@@ -350,15 +338,14 @@ do_cygwin-shared:
         [ "$(PLATFORM)" = "mingw" ] && shlib=$${i}eay32.dll; \
         [ -f apps/$$shlib ] && rm apps/$$shlib; \
         [ -f test/$$shlib ] && rm test/$$shlib; \
-        base=;  [ $$i = "crypto" ] && base=-Wl,--image-base,0x63000000; \
-        ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
+        base=;  [ $$i = "crypto" ] && base=-Wl,--image-base,0xFE00000; \
+        ( set -x; ${CC} ${SHARED_LDFLAGS} \
                 -shared $$base -o $$shlib \
                 -Wl,-Bsymbolic \
                 -Wl,--whole-archive lib$$i.a \
                 -Wl,--out-implib,lib$$i.dll.a \
                 -Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \
         cp -p $$shlib apps/; cp -p $$shlib test/; \
-        touch -c lib$$i.dll.a; \
         libs="-l$$i $$libs"; \
         done
 
@@ -371,10 +358,10 @@ do_alpha-osf1-shared:
                 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
                         libs="$(LIBKRB5) $$libs"; \
                 fi; \
-                ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
+                ( set -x; ${CC} ${SHARED_LDFLAGS} \
                         -shared -o lib$$i.so \
                         -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-                        -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \
+                        -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
                 libs="-l$$i $$libs"; \
                 done; \
         fi
@@ -390,10 +377,10 @@ do_tru64-shared:
                 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
                         libs="$(LIBKRB5) $$libs"; \
                 fi; \
-                ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
+                ( set -x; ${CC} ${SHARED_LDFLAGS} \
                         -shared -msym -o lib$$i.so \
                         -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-                        -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \
+                        -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
                 libs="-l$$i $$libs"; \
                 done; \
         fi
@@ -409,11 +396,11 @@ do_tru64-shared-rpath:
                 if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
                         libs="$(LIBKRB5) $$libs"; \
                 fi; \
-                ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
+                ( set -x; ${CC} ${SHARED_LDFLAGS} \
                         -shared -msym -o lib$$i.so \
                         -rpath  ${INSTALLTOP}/lib \
                         -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
-                        -all lib$$i.a -none $$libs ${EX_LIBS} ) || exit 1; \
+                        -all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
                 libs="-l$$i $$libs"; \
                 done; \
         fi
@@ -431,12 +418,12 @@ do_solaris-shared:
                 ( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
                   MINUSZ='-z '; \
                   (${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
-                  set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
+                  set -x; ${CC} ${SHARED_LDFLAGS} -G -dy -z text \
                         -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
                         -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
                         -Wl,-Bsymbolic \
                         $${MINUSZ}allextract lib$$i.a $${MINUSZ}defaultextract \
-                        $$libs ${EX_LIBS} ) || exit 1; \
+                        $$libs ${EX_LIBS} -lc ) || exit 1; \
                 libs="-l$$i $$libs"; \
                 done; \
         fi
@@ -456,7 +443,7 @@ do_svr3-shared:
                   for obj in `ar t lib$$i.a` ; do \
                     OBJS="$${OBJS} `grep /$$obj allobjs`" ; \
                   done ; \
-                  set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
+                  set -x; ${CC} ${SHARED_LDFLAGS} \
                         -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
                         -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
                         $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
@@ -482,7 +469,7 @@ do_svr5-shared:
                     OBJS="$${OBJS} `grep /$$obj allobjs`" ; \
                   done ; \
                   set -x; LD_LIBRARY_PATH=.:$$LD_LIBRARY_PATH \
-                        $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
+                        ${CC} ${SHARED_LDFLAGS} \
                         $${SHARE_FLAG} -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
                         -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
                         $${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
@@ -501,15 +488,24 @@ do_irix-shared:
                 fi; \
                 ( WHOLELIB="-all lib$$i.a -none"; \
                   (${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-none"; \
-                  set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
+                  set -x; ${CC} ${SHARED_LDFLAGS} \
                         -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
                         -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-                        $${WHOLELIB} $$libs ${EX_LIBS}) || exit 1; \
+                        $${WHOLELIB} $$libs ${EX_LIBS} -lc) || exit 1; \
                 libs="-l$$i $$libs"; \
                 done; \
         fi
 
 # This assumes that GNU utilities are *not* used
+# HP-UX includes the full pathname of libs we depend on, so we would get
+# ./libcrypto (with ./ as path information) compiled into libssl, hence
+# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto
+# anyway.
+# The object modules are loaded from lib$i.a using the undocumented -Fl
+# option.
+#
+# WARNING: Until DSO is fixed to support a search path, we support SHLIB_PATH
+#          by temporarily specifying "+s"!
 #
 do_hpux-shared:
         for i in ${SHLIBDIRS}; do \
@@ -522,11 +518,38 @@ do_hpux-shared:
                 shlib=lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
         fi; \
         [ -f $$shlib ] && rm -f $$shlib; \
-        ALLSYMSFLAGS='-Wl,-Fl'; \
-        expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
-        ( set -x; $${FIPSLD:-${CC}} ${SHARED_LDFLAGS} \
-                -Wl,-B,symbolic,+vnocompatwarnings,-z,+h,$$shlib \
-                -o $$shlib $$ALLSYMSFLAGS,lib$$i.a -ldld ) || exit 1; \
+        ( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
+                +vnocompatwarnings \
+                -b -z +s \
+                -o $$shlib +h $$shlib \
+                -Fl lib$$i.a -ldld -lc ) || exit 1; \
+        chmod a=rx $$shlib; \
+        done
+
+# This assumes that GNU utilities are *not* used
+# HP-UX includes the full pathname of libs we depend on, so we would get
+# ./libcrypto (with ./ as path information) compiled into libssl, hence
+# we omit the SHLIBDEPS. Applications must be linked with -lssl -lcrypto
+# anyway.
+#
+# HP-UX in 64bit mode has "+s" enabled by default; it will search for
+# shared libraries along LD_LIBRARY_PATH _and_ SHLIB_PATH.
+#
+do_hpux64-shared:
+        for i in ${SHLIBDIRS}; do \
+        if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
+                libs="$(LIBKRB5) $$libs"; \
+        fi; \
+        if expr $(PLATFORM) : '.*ia64' > /dev/null; then \
+                shlib=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
+        else \
+                shlib=lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
+        fi; \
+        [ -f $$shlib ] && rm -f $$shlib; \
+        ( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
+                -b -z \
+                -o $$shlib +h $$shlib \
+                +forceload lib$$i.a -ldl -lc ) || exit 1; \
         chmod a=rx $$shlib; \
         done
 
@@ -572,7 +595,7 @@ do_aix-shared:
           OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \
           ld -r -o lib$$i.o $(ALLSYMSFLAG) lib$$i.a && \
           ( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \
-            $${FIPSLD:-${CC}} $(SHAREDFLAGS) \
+            $(SHAREDCMD) $(SHAREDFLAGS) \
                 -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} lib$$i.o \
                 $$libs ${EX_LIBS} ) ) \
         || exit 1; \
@@ -588,7 +611,7 @@ do_reliantunix-shared:
         ( set -x; \
           ( Opwd=`pwd` ; mkdir $$tmpdir || exit 1; \
             cd $$tmpdir || exit 1 ; ar x $$Opwd/lib$$i.a ; \
-            $${FIPSLD:-${CC}} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} *.o \
+            ${CC} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} *.o \
           ) || exit 1; \
           cp $$tmpdir/lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} . ; \
         ) || exit 1; \
@@ -734,15 +757,11 @@ crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt c
 apps/openssl-vms.cnf: apps/openssl.cnf
         $(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf
 
-crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
-        $(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h
-
-
 TABLE: Configure
         (echo 'Output of `Configure TABLE'"':"; \
         $(PERL) Configure TABLE) > TABLE
 
-update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend
+update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h apps/openssl-vms.cnf TABLE
 
 # Build distribution tar-file. As the list of files returned by "find" is
 # pretty long, on several platforms a "too many arguments" error or similar
@@ -847,6 +866,15 @@ install_sw:
                         sed -e '1,/^$$/d' doc/openssl-shared.txt; \
                 fi; \
         fi
+        @for i in $(SIGS) ;\
+        do \
+                if [ -f "$$i" ]; then \
+                (       echo installing $$i; \
+                        cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
+                        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
+                        mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
+                fi; \
+        done;
         cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
         chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc
 
@@ -872,8 +900,8 @@ install_docs:
                         --release=$(VERSION) `basename $$i`") \
                         >  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
                 $(PERL) util/extract-names.pl < $$i | \
-                        (grep -v $$filecase "^$$fn\$$"; true) | \
-                        (grep -v "[     ]"; true) | \
+                        grep -v $$filecase "^$$fn\$$" | \
+                        grep -v "[      ]" | \
                         (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
                          while read n; do \
                                 $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
@@ -889,8 +917,8 @@ install_docs:
                         --release=$(VERSION) `basename $$i`") \
                         >  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
                 $(PERL) util/extract-names.pl < $$i | \
-                        (grep -v $$filecase "^$$fn\$$"; true) | \
-                        (grep -v "[     ]"; true) | \
+                        grep -v $$filecase "^$$fn\$$" | \
+                        grep -v "[      ]" | \
                         (cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
                          while read n; do \
                                 $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
diff --git a/src/lib/libssl/src/NEWS b/src/lib/libssl/src/NEWS
index 49b443ed4d..8e1ce65a5f 100644
--- a/src/lib/libssl/src/NEWS
+++ b/src/lib/libssl/src/NEWS
@@ -5,20 +5,6 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
-  Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j:
-
-      o Update Windows build system for FIPS.
-
-  Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i:
-
-      o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build.
-
-  Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h:
-
-      o Fix SSL 2.0 Rollback, CAN-2005-2969
-      o Allow use of fixed-length exponent on DSA signing
-      o Default fixed-window RSA, DSA, DH private-key operations
-
   Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g:
 
       o More compilation issues fixed.
diff --git a/src/lib/libssl/src/PROBLEMS b/src/lib/libssl/src/PROBLEMS
deleted file mode 100644
index 6f39eb345d..0000000000
--- a/src/lib/libssl/src/PROBLEMS
+++ /dev/null
@@ -1,164 +0,0 @@
-* System libcrypto.dylib and libssl.dylib are used by system ld on MacOS X.
-
-
-    NOTE: The problem described here only applies when OpenSSL isn't built
-    with shared library support (i.e. without the "shared" configuration
-    option).  If you build with shared library support, you will have no
-    problems as long as you set up DYLD_LIBRARY_PATH properly at all times.
-
-
-This is really a misfeature in ld, which seems to look for .dylib libraries
-along the whole library path before it bothers looking for .a libraries.  This
-means that -L switches won't matter unless OpenSSL is built with shared
-library support.
-
-The workaround may be to change the following lines in apps/Makefile and
-test/Makefile:
-
-  LIBCRYPTO=-L.. -lcrypto
-  LIBSSL=-L.. -lssl
-
-to:
-
-  LIBCRYPTO=../libcrypto.a
-  LIBSSL=../libssl.a
-
-It's possible that something similar is needed for shared library support
-as well.  That hasn't been well tested yet.
-
-
-Another solution that many seem to recommend is to move the libraries
-/usr/lib/libcrypto.0.9.dylib, /usr/lib/libssl.0.9.dylib to a different
-directory, build and install OpenSSL and anything that depends on your
-build, then move libcrypto.0.9.dylib and libssl.0.9.dylib back to their
-original places.  Note that the version numbers on those two libraries
-may differ on your machine.
-
-
-As long as Apple doesn't fix the problem with ld, this problem building
-OpenSSL will remain as is.
-
-
-* Parallell make leads to errors
-
-While running tests, running a parallell make is a bad idea.  Many test
-scripts use the same name for output and input files, which means different
-will interfere with each other and lead to test failure.
-
-The solution is simple for now: don't run parallell make when testing.
-
-
-* Bugs in gcc triggered
-
-- According to a problem report, there are bugs in gcc 3.0 that are
-  triggered by some of the code in OpenSSL, more specifically in
-  PEM_get_EVP_CIPHER_INFO().  The triggering code is the following:
-
-        header+=11;
-        if (*header != '4') return(0); header++;
-        if (*header != ',') return(0); header++;
-
-  What happens is that gcc might optimize a little too agressively, and
-  you end up with an extra incrementation when *header != '4'.
-
-  We recommend that you upgrade gcc to as high a 3.x version as you can.
-
-- According to multiple problem reports, some of our message digest
-  implementations trigger bug[s] in code optimizer in gcc 3.3 for sparc64
-  and gcc 2.96 for ppc. Former fails to complete RIPEMD160 test, while
-  latter - SHA one.
-
-  The recomendation is to upgrade your compiler. This naturally applies to
-  other similar cases.
-
-* solaris64-sparcv9-cc SHA-1 performance with WorkShop 6 compiler.
-
-As subject suggests SHA-1 might perform poorly (4 times slower)
-if compiled with WorkShop 6 compiler and -xarch=v9. The cause for
-this seems to be the fact that compiler emits multiplication to
-perform shift operations:-( To work the problem around configure
-with './Configure solaris64-sparcv9-cc -DMD32_REG_T=int'.
-
-* Problems with hp-parisc2-cc target when used with "no-asm" flag
-
-When using the hp-parisc2-cc target, wrong bignum code is generated.
-This is due to the SIXTY_FOUR_BIT build being compiled with the +O3
-aggressive optimization.
-The problem manifests itself by the BN_kronecker test hanging in an
-endless loop. Reason: the BN_kronecker test calls BN_generate_prime()
-which itself hangs. The reason could be tracked down to the bn_mul_comba8()
-function in bn_asm.c. At some occasions the higher 32bit value of r[7]
-is off by 1 (meaning: calculated=shouldbe+1). Further analysis failed,
-as no debugger support possible at +O3 and additional fprintf()'s
-introduced fixed the bug, therefore it is most likely a bug in the
-optimizer.
-The bug was found in the BN_kronecker test but may also lead to
-failures in other parts of the code.
-(See Ticket #426.)
-
-Workaround: modify the target to +O2 when building with no-asm.
-
-* Problems building shared libraries on SCO OpenServer Release 5.0.6
-  with gcc 2.95.3
-
-The symptoms appear when running the test suite, more specifically
-test/ectest, with the following result:
-
-OSSL_LIBPATH="`cd ..; pwd`"; LD_LIBRARY_PATH="$OSSL_LIBPATH:$LD_LIBRARY_PATH"; DYLD_LIBRARY_PATH="$OSSL_LIBPATH:$DYLD_LIBRARY_PATH"; SHLIB_PATH="$OSSL_LIBPATH:$SHLIB_PATH"; LIBPATH="$OSSL_LIBPATH:$LIBPATH"; if [ "debug-sco5-gcc" = "Cygwin" ]; then PATH="${LIBPATH}:$PATH"; fi; export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; ./ectest
-ectest.c:186: ABORT
-
-The cause of the problem seems to be that isxdigit(), called from
-BN_hex2bn(), returns 0 on a perfectly legitimate hex digit.  Further
-investigation shows that any of the isxxx() macros return 0 on any
-input.  A direct look in the information array that the isxxx() use,
-called __ctype, shows that it contains all zeroes...
-
-Taking a look at the newly created libcrypto.so with nm, one can see
-that the variable __ctype is defined in libcrypto's .bss (which
-explains why it is filled with zeroes):
-
-$ nm -Pg libcrypto.so | grep __ctype
-__ctype B 0011659c
-__ctype2 U         
-
-Curiously, __ctype2 is undefined, in spite of being declared in
-/usr/include/ctype.h in exactly the same way as __ctype.
-
-Any information helping to solve this issue would be deeply
-appreciated.
-
-NOTE: building non-shared doesn't come with this problem.
-
-* ULTRIX build fails with shell errors, such as "bad substitution"
-  and "test: argument expected"
-
-The problem is caused by ULTRIX /bin/sh supporting only original
-Bourne shell syntax/semantics, and the trouble is that the vast
-majority is so accustomed to more modern syntax, that very few
-people [if any] would recognize the ancient syntax even as valid.
-This inevitably results in non-trivial scripts breaking on ULTRIX,
-and OpenSSL isn't an exclusion. Fortunately there is workaround,
-hire /bin/ksh to do the job /bin/sh fails to do.
-
-1. Trick make(1) to use /bin/ksh by setting up following environ-
-   ment variables *prior* you execute ./Configure and make:
-
-        PROG_ENV=POSIX
-        MAKESHELL=/bin/ksh
-        export PROG_ENV MAKESHELL
-
-   or if your shell is csh-compatible:
-
-        setenv PROG_ENV POSIX
-        setenv MAKESHELL /bin/ksh
-
-2. Trick /bin/sh to use alternative expression evaluator. Create
-   following 'test' script for example in /tmp:
-
-        #!/bin/ksh
-        ${0##*/} "$@"
-
-   Then 'chmod a+x /tmp/test; ln /tmp/test /tmp/[' and *prepend*
-   your $PATH with chosen location, e.g. PATH=/tmp:$PATH. Alter-
-   natively just replace system /bin/test and /bin/[ with the
-   above script.
diff --git a/src/lib/libssl/src/README b/src/lib/libssl/src/README
index a6a97c8858..c52c2d94bd 100644
--- a/src/lib/libssl/src/README
+++ b/src/lib/libssl/src/README
@@ -1,5 +1,5 @@
 
- OpenSSL 0.9.7j 04 May 2006
+ OpenSSL 0.9.7g 11 April 2005
 
  Copyright (c) 1998-2005 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
@@ -14,13 +14,13 @@
  protocols as well as a full-strength general purpose cryptography library.
  The project is managed by a worldwide community of volunteers that use the
  Internet to communicate, plan, and develop the OpenSSL toolkit and its
- related documentation.
+ related documentation. 
 
  OpenSSL is based on the excellent SSLeay library developed from Eric A. Young
  and Tim J. Hudson.  The OpenSSL toolkit is licensed under a dual-license (the
  OpenSSL license plus the SSLeay license) situation, which basically means
  that you are free to get and use it for commercial and non-commercial
- purposes as long as you fulfill the conditions of both licenses.
+ purposes as long as you fulfill the conditions of both licenses. 
 
  OVERVIEW
  --------
@@ -53,11 +53,11 @@
         MDC2 message digest. A DES based hash that is popular on smart cards.
 
      Public Key
-        RSA encryption/decryption/generation.
+        RSA encryption/decryption/generation.  
             There is no limit on the number of bits.
-        DSA encryption/decryption/generation.
+        DSA encryption/decryption/generation.   
             There is no limit on the number of bits.
-        Diffie-Hellman key-exchange/key generation.
+        Diffie-Hellman key-exchange/key generation.  
             There is no limit on the number of bits.
 
      X.509v3 certificates
@@ -80,16 +80,16 @@
         A simple stack.
         A Configuration loader that uses a format similar to MS .ini files.
 
- openssl:
+ openssl: 
      A command line tool that can be used for:
         Creation of RSA, DH and DSA key parameters
-        Creation of X.509 certificates, CSRs and CRLs
+        Creation of X.509 certificates, CSRs and CRLs 
         Calculation of Message Digests
         Encryption and Decryption with Ciphers
         SSL/TLS Client and Server Tests
         Handling of S/MIME signed or encrypted mail
 
-
+        
  PATENTS
  -------
 
@@ -104,15 +104,13 @@
  licensing conditions. Their web page is http://www.rsasecurity.com/.
 
  RC4 is a trademark of RSA Security, so use of this label should perhaps
- only be used with RSA Security's permission.
+ only be used with RSA Security's permission. 
 
  The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy,
  Japan, the Netherlands, Spain, Sweden, Switzerland, UK and the USA.  They
  should be contacted if that algorithm is to be used; their web page is
  http://www.ascom.ch/.
 
- The MDC2 algorithm is patented by IBM.
-
  INSTALLATION
  ------------
 
@@ -131,7 +129,7 @@
  or application author.  We try to collect those in doc/PROBLEMS, with current
  thoughts on how they should be solved in a future of OpenSSL.
 
- SUPPORT
+ SUPPORT 
  -------
 
  If you have any problems with OpenSSL then please take the following steps
@@ -140,7 +138,7 @@
     - Download the current snapshot from ftp://ftp.openssl.org/snapshot/
       to see if the problem has already been addressed
     - Remove ASM versions of libraries
-    - Remove compiler optimisation flags
+    - Remove compiler optimisation flags 
 
  If you wish to report a bug then please include the following information in
  any bug report:
@@ -193,4 +191,3 @@
  # ./Configure dist; make clean
  # cd ..
  # diff -ur openssl-orig openssl-work > mydiffs.patch
-
diff --git a/src/lib/libssl/src/apps/CA.pl b/src/lib/libssl/src/apps/CA.pl
deleted file mode 100644
index 9f06cd0232..0000000000
--- a/src/lib/libssl/src/apps/CA.pl
+++ /dev/null
@@ -1,183 +0,0 @@
-#!/usr/bin/perl
-#
-# CA - wrapper around ca to make it easier to use ... basically ca requires
-#      some setup stuff to be done before you can use it and this makes
-#      things easier between now and when Eric is convinced to fix it :-)
-#
-# CA -newca ... will setup the right stuff
-# CA -newreq[-nodes] ... will generate a certificate request 
-# CA -sign ... will sign the generated request and output 
-#
-# At the end of that grab newreq.pem and newcert.pem (one has the key 
-# and the other the certificate) and cat them together and that is what
-# you want/need ... I'll make even this a little cleaner later.
-#
-#
-# 12-Jan-96 tjh    Added more things ... including CA -signcert which
-#                  converts a certificate to a request and then signs it.
-# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-#                  environment variable so this can be driven from
-#                  a script.
-# 25-Jul-96 eay    Cleaned up filenames some more.
-# 11-Jun-96 eay    Fixed a few filename missmatches.
-# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
-# 18-Apr-96 tjh    Original hacking
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-# 27-Apr-98 snh    Translation into perl, fix existing CA bug.
-#
-#
-# Steve Henson
-# shenson@bigfoot.com
-
-# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
-
-my $openssl;
-if(defined $ENV{OPENSSL}) {
-        $openssl = $ENV{OPENSSL};
-} else {
-        $openssl = "openssl";
-        $ENV{OPENSSL} = $openssl;
-}
-
-$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
-$DAYS="-days 365";
-$REQ="$openssl req $SSLEAY_CONFIG";
-$CA="$openssl ca $SSLEAY_CONFIG";
-$VERIFY="$openssl verify";
-$X509="$openssl x509";
-$PKCS12="$openssl pkcs12";
-
-$CATOP="./demoCA";
-$CAKEY="cakey.pem";
-$CACERT="cacert.pem";
-
-$DIRMODE = 0777;
-
-$RET = 0;
-
-foreach (@ARGV) {
-        if ( /^(-\?|-h|-help)$/ ) {
-            print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-            exit 0;
-        } elsif (/^-newcert$/) {
-            # create a certificate
-            system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
-            $RET=$?;
-            print "Certificate is in newcert.pem, private key is in newkey.pem\n"
-        } elsif (/^-newreq$/) {
-            # create a certificate request
-            system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
-            $RET=$?;
-            print "Request is in newreq.pem, private key is in newkey.pem\n";
-        } elsif (/^-newreq-nodes$/) {
-            # create a certificate request
-            system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
-            $RET=$?;
-            print "Request is in newreq.pem, private key is in newkey.pem\n";
-        } elsif (/^-newca$/) {
-                # if explicitly asked for or it doesn't exist then setup the
-                # directory structure that Eric likes to manage things 
-            $NEW="1";
-            if ( "$NEW" || ! -f "${CATOP}/serial" ) {
-                # create the directory hierarchy
-                mkdir $CATOP, $DIRMODE;
-                mkdir "${CATOP}/certs", $DIRMODE;
-                mkdir "${CATOP}/crl", $DIRMODE ;
-                mkdir "${CATOP}/newcerts", $DIRMODE;
-                mkdir "${CATOP}/private", $DIRMODE;
-                open OUT, ">${CATOP}/index.txt";
-                close OUT;
-            }
-            if ( ! -f "${CATOP}/private/$CAKEY" ) {
-                print "CA certificate filename (or enter to create)\n";
-                $FILE = <STDIN>;
-
-                chop $FILE;
-
-                # ask user for existing CA certificate
-                if ($FILE) {
-                    cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
-                    cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
-                    $RET=$?;
-                } else {
-                    print "Making CA certificate ...\n";
-                    system ("$REQ -new -x509 -keyout " .
-                        "${CATOP}/private/$CAKEY -out ${CATOP}/$CACERT $DAYS");
-                    $RET=$?;
-                }
-            }
-            if (! -f "${CATOP}/serial" ) {
-                system ("$X509 -in ${CATOP}/$CACERT -noout "
-                        . "-next_serial -out ${CATOP}/serial");
-            }
-        } elsif (/^-pkcs12$/) {
-            my $cname = $ARGV[1];
-            $cname = "My Certificate" unless defined $cname;
-            system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
-                        "-certfile ${CATOP}/$CACERT -out newcert.p12 " .
-                        "-export -name \"$cname\"");
-            $RET=$?;
-            print "PKCS #12 file is in newcert.p12\n";
-            exit $RET;
-        } elsif (/^-xsign$/) {
-            system ("$CA -policy policy_anything -infiles newreq.pem");
-            $RET=$?;
-        } elsif (/^(-sign|-signreq)$/) {
-            system ("$CA -policy policy_anything -out newcert.pem " .
-                                                        "-infiles newreq.pem");
-            $RET=$?;
-            print "Signed certificate is in newcert.pem\n";
-        } elsif (/^(-signCA)$/) {
-            system ("$CA -policy policy_anything -out newcert.pem " .
-                                        "-extensions v3_ca -infiles newreq.pem");
-            $RET=$?;
-            print "Signed CA certificate is in newcert.pem\n";
-        } elsif (/^-signcert$/) {
-            system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
-                                                                "-out tmp.pem");
-            system ("$CA -policy policy_anything -out newcert.pem " .
-                                                        "-infiles tmp.pem");
-            $RET = $?;
-            print "Signed certificate is in newcert.pem\n";
-        } elsif (/^-verify$/) {
-            if (shift) {
-                foreach $j (@ARGV) {
-                    system ("$VERIFY -CAfile $CATOP/$CACERT $j");
-                    $RET=$? if ($? != 0);
-                }
-                exit $RET;
-            } else {
-                    system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
-                    $RET=$?;
-                    exit 0;
-            }
-        } else {
-            print STDERR "Unknown arg $_\n";
-            print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-            exit 1;
-        }
-}
-
-exit $RET;
-
-sub cp_pem {
-my ($infile, $outfile, $bound) = @_;
-open IN, $infile;
-open OUT, ">$outfile";
-my $flag = 0;
-while (<IN>) {
-        $flag = 1 if (/^-----BEGIN.*$bound/) ;
-        print OUT $_ if ($flag);
-        if (/^-----END.*$bound/) {
-                close IN;
-                close OUT;
-                return;
-        }
-}
-}
-
diff --git a/src/lib/libssl/src/apps/CA.pl.in b/src/lib/libssl/src/apps/CA.pl.in
index 9c99739092..39f267d313 100644
--- a/src/lib/libssl/src/apps/CA.pl.in
+++ b/src/lib/libssl/src/apps/CA.pl.in
@@ -66,19 +66,19 @@ foreach (@ARGV) {
             exit 0;
         } elsif (/^-newcert$/) {
             # create a certificate
-            system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
+            system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS");
             $RET=$?;
-            print "Certificate is in newcert.pem, private key is in newkey.pem\n"
+            print "Certificate (and private key) is in newreq.pem\n"
         } elsif (/^-newreq$/) {
             # create a certificate request
-            system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
+            system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS");
             $RET=$?;
-            print "Request is in newreq.pem, private key is in newkey.pem\n";
+            print "Request (and private key) is in newreq.pem\n";
         } elsif (/^-newreq-nodes$/) {
             # create a certificate request
-            system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
+            system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS");
             $RET=$?;
-            print "Request is in newreq.pem, private key is in newkey.pem\n";
+            print "Request (and private key) is in newreq.pem\n";
         } elsif (/^-newca$/) {
                 # if explicitly asked for or it doesn't exist then setup the
                 # directory structure that Eric likes to manage things 
@@ -118,11 +118,10 @@ foreach (@ARGV) {
         } elsif (/^-pkcs12$/) {
             my $cname = $ARGV[1];
             $cname = "My Certificate" unless defined $cname;
-            system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
+            system ("$PKCS12 -in newcert.pem -inkey newreq.pem " .
                         "-certfile ${CATOP}/$CACERT -out newcert.p12 " .
                         "-export -name \"$cname\"");
             $RET=$?;
-            print "PKCS #12 file is in newcert.p12\n";
             exit $RET;
         } elsif (/^-xsign$/) {
             system ("$CA -policy policy_anything -infiles newreq.pem");
diff --git a/src/lib/libssl/src/apps/CA.sh b/src/lib/libssl/src/apps/CA.sh
index 84d7ec0b33..030a11fc25 100644
--- a/src/lib/libssl/src/apps/CA.sh
+++ b/src/lib/libssl/src/apps/CA.sh
@@ -51,15 +51,15 @@ case $i in
     ;;
 -newcert) 
     # create a certificate
-    $REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS
+    $REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS
     RET=$?
-    echo "Certificate is in newcert.pem, private key is in newkey.pem"
+    echo "Certificate (and private key) is in newreq.pem"
     ;;
 -newreq) 
     # create a certificate request
-    $REQ -new -keyout newkey.pem -out newreq.pem $DAYS
+    $REQ -new -keyout newreq.pem -out newreq.pem $DAYS
     RET=$?
-    echo "Request is in newreq.pem, private key is in newkey.pem"
+    echo "Request (and private key) is in newreq.pem"
     ;;
 -newca)     
     # if explicitly asked for or it doesn't exist then setup the directory
diff --git a/src/lib/libssl/src/apps/Makefile.ssl b/src/lib/libssl/src/apps/Makefile.ssl
new file mode 100644
index 0000000000..7068286204
--- /dev/null
+++ b/src/lib/libssl/src/apps/Makefile.ssl
@@ -0,0 +1,1146 @@
+#
+#  apps/Makefile.ssl
+#
+
+DIR=            apps
+TOP=            ..
+CC=             cc
+INCLUDES=       -I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=          -g -static
+INSTALL_PREFIX=
+INSTALLTOP=     /usr/local/ssl
+OPENSSLDIR=     /usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+PERL=           perl
+RM=             rm -f
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+
+PEX_LIBS=
+EX_LIBS= 
+EXE_EXT= 
+
+SHLIB_TARGET=
+
+CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile makeapps.com install.com
+
+DLIBCRYPTO=../libcrypto.a
+DLIBSSL=../libssl.a
+LIBCRYPTO=-L.. -lcrypto
+LIBSSL=-L.. -lssl
+
+PROGRAM= openssl
+
+SCRIPTS=CA.sh CA.pl der_chop
+
+EXE= $(PROGRAM)$(EXE_EXT)
+
+E_EXE=  verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
+        ca crl rsa rsautl dsa dsaparam \
+        x509 genrsa gendsa s_server s_client speed \
+        s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \
+        pkcs8 spkac smime rand engine ocsp
+
+PROGS= $(PROGRAM).c
+
+A_OBJ=apps.o
+A_SRC=apps.c
+S_OBJ=  s_cb.o s_socket.o
+S_SRC=  s_cb.c s_socket.c
+RAND_OBJ=app_rand.o
+RAND_SRC=app_rand.c
+
+E_OBJ=  verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \
+        ca.o pkcs7.o crl2p7.o crl.o \
+        rsa.o rsautl.o dsa.o dsaparam.o \
+        x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
+        s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
+        ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o engine.o ocsp.o
+
+E_SRC=  verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
+        pkcs7.c crl2p7.c crl.c \
+        rsa.c rsautl.c dsa.c dsaparam.c \
+        x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
+        s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
+        ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c engine.c ocsp.c
+
+SRC=$(E_SRC)
+
+EXHEADER=
+HEADER= apps.h progs.h s_apps.h \
+        testdsa.h testrsa.h \
+        $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        @(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all:    exe
+
+exe:    $(PROGRAM)
+
+req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
+        LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+        $(CC) -o req $(CFLAG) sreq.o $(A_OBJ) $(RAND_OBJ) $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+sreq.o: req.c 
+        $(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+install:
+        @for i in $(EXE); \
+        do  \
+        (echo installing $$i; \
+         cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+         chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+         mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+         done;
+        @for i in $(SCRIPTS); \
+        do  \
+        (echo installing $$i; \
+         cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+         chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+         mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
+         done
+        @cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
+        chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
+        mv -f  $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
+        rm -f req
+
+$(DLIBSSL):
+        (cd ..; $(MAKE) DIRS=ssl all)
+
+$(DLIBCRYPTO):
+        (cd ..; $(MAKE) DIRS=crypto all)
+
+$(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
+        $(RM) $(PROGRAM)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+        -(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; \
+                LD_LIBRARY_PATH="`pwd`:$$LD_LIBRARY_PATH"; \
+                DYLD_LIBRARY_PATH="`pwd`:$$DYLD_LIBRARY_PATH"; \
+                SHLIB_PATH="`pwd`:$$SHLIB_PATH"; \
+                LIBPATH="`pwd`:$$LIBPATH"; \
+                if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
+                export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
+                $(PERL) tools/c_rehash certs)
+
+progs.h: progs.pl
+        $(PERL) progs.pl $(E_EXE) >progs.h
+        $(RM) $(PROGRAM).o
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+app_rand.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+app_rand.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+app_rand.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+app_rand.o: ../include/openssl/cast.h ../include/openssl/conf.h
+app_rand.o: ../include/openssl/crypto.h ../include/openssl/des.h
+app_rand.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+app_rand.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+app_rand.o: ../include/openssl/engine.h ../include/openssl/err.h
+app_rand.o: ../include/openssl/evp.h ../include/openssl/idea.h
+app_rand.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+app_rand.o: ../include/openssl/md4.h ../include/openssl/md5.h
+app_rand.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+app_rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+app_rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+app_rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+app_rand.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+app_rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+app_rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
+app_rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+app_rand.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+app_rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h app_rand.c
+app_rand.o: apps.h
+apps.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+apps.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+apps.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+apps.o: ../include/openssl/cast.h ../include/openssl/conf.h
+apps.o: ../include/openssl/crypto.h ../include/openssl/des.h
+apps.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+apps.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+apps.o: ../include/openssl/engine.h ../include/openssl/err.h
+apps.o: ../include/openssl/evp.h ../include/openssl/idea.h
+apps.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+apps.o: ../include/openssl/md4.h ../include/openssl/md5.h
+apps.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+apps.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+apps.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
+apps.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+apps.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+apps.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+apps.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+apps.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+apps.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+apps.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+apps.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.c apps.h
+asn1pars.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+asn1pars.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+asn1pars.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+asn1pars.o: ../include/openssl/cast.h ../include/openssl/conf.h
+asn1pars.o: ../include/openssl/crypto.h ../include/openssl/des.h
+asn1pars.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+asn1pars.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+asn1pars.o: ../include/openssl/engine.h ../include/openssl/err.h
+asn1pars.o: ../include/openssl/evp.h ../include/openssl/idea.h
+asn1pars.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+asn1pars.o: ../include/openssl/md4.h ../include/openssl/md5.h
+asn1pars.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+asn1pars.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+asn1pars.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+asn1pars.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+asn1pars.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+asn1pars.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+asn1pars.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+asn1pars.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+asn1pars.o: ../include/openssl/sha.h ../include/openssl/stack.h
+asn1pars.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+asn1pars.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+asn1pars.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
+asn1pars.o: asn1pars.c
+ca.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ca.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ca.o: ../include/openssl/cast.h ../include/openssl/conf.h
+ca.o: ../include/openssl/crypto.h ../include/openssl/des.h
+ca.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+ca.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+ca.o: ../include/openssl/engine.h ../include/openssl/err.h
+ca.o: ../include/openssl/evp.h ../include/openssl/idea.h
+ca.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+ca.o: ../include/openssl/md4.h ../include/openssl/md5.h
+ca.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+ca.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+ca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ca.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ca.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ca.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+ca.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+ca.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+ca.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ca.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+ca.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+ca.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ca.c
+ciphers.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ciphers.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ciphers.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ciphers.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ciphers.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ciphers.o: ../include/openssl/des.h ../include/openssl/des_old.h
+ciphers.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ciphers.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+ciphers.o: ../include/openssl/err.h ../include/openssl/evp.h
+ciphers.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+ciphers.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+ciphers.o: ../include/openssl/md4.h ../include/openssl/md5.h
+ciphers.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+ciphers.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ciphers.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+ciphers.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+ciphers.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+ciphers.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ciphers.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ciphers.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+ciphers.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+ciphers.o: ../include/openssl/x509_vfy.h apps.h ciphers.c
+crl.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+crl.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+crl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+crl.o: ../include/openssl/cast.h ../include/openssl/conf.h
+crl.o: ../include/openssl/crypto.h ../include/openssl/des.h
+crl.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+crl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+crl.o: ../include/openssl/engine.h ../include/openssl/err.h
+crl.o: ../include/openssl/evp.h ../include/openssl/idea.h
+crl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+crl.o: ../include/openssl/md4.h ../include/openssl/md5.h
+crl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+crl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+crl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+crl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+crl.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+crl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+crl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+crl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+crl.o: ../include/openssl/sha.h ../include/openssl/stack.h
+crl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+crl.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+crl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+crl.o: ../include/openssl/x509v3.h apps.h crl.c
+crl2p7.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+crl2p7.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+crl2p7.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+crl2p7.o: ../include/openssl/cast.h ../include/openssl/conf.h
+crl2p7.o: ../include/openssl/crypto.h ../include/openssl/des.h
+crl2p7.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+crl2p7.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+crl2p7.o: ../include/openssl/engine.h ../include/openssl/err.h
+crl2p7.o: ../include/openssl/evp.h ../include/openssl/idea.h
+crl2p7.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+crl2p7.o: ../include/openssl/md4.h ../include/openssl/md5.h
+crl2p7.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+crl2p7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+crl2p7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+crl2p7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+crl2p7.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+crl2p7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+crl2p7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+crl2p7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+crl2p7.o: ../include/openssl/sha.h ../include/openssl/stack.h
+crl2p7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+crl2p7.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+crl2p7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
+crl2p7.o: crl2p7.c
+dgst.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+dgst.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+dgst.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+dgst.o: ../include/openssl/cast.h ../include/openssl/conf.h
+dgst.o: ../include/openssl/crypto.h ../include/openssl/des.h
+dgst.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+dgst.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+dgst.o: ../include/openssl/engine.h ../include/openssl/err.h
+dgst.o: ../include/openssl/evp.h ../include/openssl/idea.h
+dgst.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+dgst.o: ../include/openssl/md4.h ../include/openssl/md5.h
+dgst.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+dgst.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+dgst.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dgst.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+dgst.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+dgst.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+dgst.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dgst.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dgst.c
+dh.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+dh.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+dh.o: ../include/openssl/cast.h ../include/openssl/conf.h
+dh.o: ../include/openssl/crypto.h ../include/openssl/des.h
+dh.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+dh.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+dh.o: ../include/openssl/engine.h ../include/openssl/err.h
+dh.o: ../include/openssl/evp.h ../include/openssl/idea.h
+dh.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+dh.o: ../include/openssl/md4.h ../include/openssl/md5.h
+dh.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+dh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+dh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+dh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+dh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+dh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+dh.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dh.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+dh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dh.c
+dsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+dsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+dsa.o: ../include/openssl/cast.h ../include/openssl/conf.h
+dsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
+dsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+dsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+dsa.o: ../include/openssl/engine.h ../include/openssl/err.h
+dsa.o: ../include/openssl/evp.h ../include/openssl/idea.h
+dsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+dsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
+dsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+dsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+dsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+dsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+dsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+dsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dsa.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dsa.c
+dsaparam.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+dsaparam.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+dsaparam.o: ../include/openssl/cast.h ../include/openssl/conf.h
+dsaparam.o: ../include/openssl/crypto.h ../include/openssl/des.h
+dsaparam.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+dsaparam.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+dsaparam.o: ../include/openssl/engine.h ../include/openssl/err.h
+dsaparam.o: ../include/openssl/evp.h ../include/openssl/idea.h
+dsaparam.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+dsaparam.o: ../include/openssl/md4.h ../include/openssl/md5.h
+dsaparam.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+dsaparam.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+dsaparam.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+dsaparam.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+dsaparam.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dsaparam.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
+dsaparam.o: dsaparam.c
+enc.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+enc.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+enc.o: ../include/openssl/cast.h ../include/openssl/conf.h
+enc.o: ../include/openssl/crypto.h ../include/openssl/des.h
+enc.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+enc.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+enc.o: ../include/openssl/engine.h ../include/openssl/err.h
+enc.o: ../include/openssl/evp.h ../include/openssl/idea.h
+enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+enc.o: ../include/openssl/md4.h ../include/openssl/md5.h
+enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+enc.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+enc.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+enc.o: ../include/openssl/sha.h ../include/openssl/stack.h
+enc.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+enc.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h enc.c
+engine.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+engine.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+engine.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+engine.o: ../include/openssl/cast.h ../include/openssl/comp.h
+engine.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+engine.o: ../include/openssl/des.h ../include/openssl/des_old.h
+engine.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+engine.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+engine.o: ../include/openssl/err.h ../include/openssl/evp.h
+engine.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+engine.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+engine.o: ../include/openssl/md4.h ../include/openssl/md5.h
+engine.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+engine.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+engine.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+engine.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+engine.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+engine.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+engine.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+engine.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+engine.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+engine.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+engine.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+engine.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+engine.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+engine.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+engine.o: ../include/openssl/x509_vfy.h apps.h engine.c
+errstr.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+errstr.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+errstr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+errstr.o: ../include/openssl/cast.h ../include/openssl/comp.h
+errstr.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+errstr.o: ../include/openssl/des.h ../include/openssl/des_old.h
+errstr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+errstr.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+errstr.o: ../include/openssl/err.h ../include/openssl/evp.h
+errstr.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+errstr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+errstr.o: ../include/openssl/md4.h ../include/openssl/md5.h
+errstr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+errstr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+errstr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+errstr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+errstr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+errstr.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+errstr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+errstr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+errstr.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+errstr.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+errstr.o: ../include/openssl/x509_vfy.h apps.h errstr.c
+gendh.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+gendh.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+gendh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+gendh.o: ../include/openssl/cast.h ../include/openssl/conf.h
+gendh.o: ../include/openssl/crypto.h ../include/openssl/des.h
+gendh.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+gendh.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+gendh.o: ../include/openssl/engine.h ../include/openssl/err.h
+gendh.o: ../include/openssl/evp.h ../include/openssl/idea.h
+gendh.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+gendh.o: ../include/openssl/md4.h ../include/openssl/md5.h
+gendh.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+gendh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+gendh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+gendh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+gendh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+gendh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+gendh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+gendh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h
+gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+gendh.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+gendh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h gendh.c
+gendsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+gendsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+gendsa.o: ../include/openssl/cast.h ../include/openssl/conf.h
+gendsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
+gendsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+gendsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+gendsa.o: ../include/openssl/engine.h ../include/openssl/err.h
+gendsa.o: ../include/openssl/evp.h ../include/openssl/idea.h
+gendsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+gendsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
+gendsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+gendsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+gendsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+gendsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+gendsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+gendsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
+gendsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+gendsa.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
+gendsa.o: gendsa.c
+genrsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+genrsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+genrsa.o: ../include/openssl/cast.h ../include/openssl/conf.h
+genrsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
+genrsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+genrsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+genrsa.o: ../include/openssl/engine.h ../include/openssl/err.h
+genrsa.o: ../include/openssl/evp.h ../include/openssl/idea.h
+genrsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+genrsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
+genrsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+genrsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+genrsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+genrsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+genrsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
+genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+genrsa.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
+genrsa.o: genrsa.c
+nseq.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+nseq.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+nseq.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+nseq.o: ../include/openssl/cast.h ../include/openssl/conf.h
+nseq.o: ../include/openssl/crypto.h ../include/openssl/des.h
+nseq.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+nseq.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+nseq.o: ../include/openssl/engine.h ../include/openssl/err.h
+nseq.o: ../include/openssl/evp.h ../include/openssl/idea.h
+nseq.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+nseq.o: ../include/openssl/md4.h ../include/openssl/md5.h
+nseq.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+nseq.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+nseq.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+nseq.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+nseq.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+nseq.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+nseq.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+nseq.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+nseq.o: ../include/openssl/sha.h ../include/openssl/stack.h
+nseq.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+nseq.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+nseq.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h nseq.c
+ocsp.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ocsp.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ocsp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ocsp.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ocsp.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ocsp.o: ../include/openssl/des.h ../include/openssl/des_old.h
+ocsp.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ocsp.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+ocsp.o: ../include/openssl/err.h ../include/openssl/evp.h
+ocsp.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+ocsp.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+ocsp.o: ../include/openssl/md4.h ../include/openssl/md5.h
+ocsp.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+ocsp.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+ocsp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ocsp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ocsp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ocsp.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+ocsp.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+ocsp.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+ocsp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ocsp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ocsp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ocsp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ocsp.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
+ocsp.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+ocsp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ocsp.o: ../include/openssl/x509v3.h apps.h ocsp.c
+openssl.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+openssl.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+openssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+openssl.o: ../include/openssl/cast.h ../include/openssl/comp.h
+openssl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+openssl.o: ../include/openssl/des.h ../include/openssl/des_old.h
+openssl.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+openssl.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+openssl.o: ../include/openssl/err.h ../include/openssl/evp.h
+openssl.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+openssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+openssl.o: ../include/openssl/md4.h ../include/openssl/md5.h
+openssl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+openssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+openssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+openssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+openssl.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+openssl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+openssl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+openssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+openssl.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+openssl.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+openssl.o: ../include/openssl/x509_vfy.h apps.h openssl.c progs.h s_apps.h
+passwd.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+passwd.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+passwd.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+passwd.o: ../include/openssl/cast.h ../include/openssl/conf.h
+passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h
+passwd.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+passwd.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+passwd.o: ../include/openssl/engine.h ../include/openssl/err.h
+passwd.o: ../include/openssl/evp.h ../include/openssl/idea.h
+passwd.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+passwd.o: ../include/openssl/md4.h ../include/openssl/md5.h
+passwd.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+passwd.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+passwd.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+passwd.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+passwd.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+passwd.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+passwd.o: ../include/openssl/sha.h ../include/openssl/stack.h
+passwd.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+passwd.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+passwd.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
+passwd.o: passwd.c
+pkcs12.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+pkcs12.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+pkcs12.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+pkcs12.o: ../include/openssl/cast.h ../include/openssl/conf.h
+pkcs12.o: ../include/openssl/crypto.h ../include/openssl/des.h
+pkcs12.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+pkcs12.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+pkcs12.o: ../include/openssl/engine.h ../include/openssl/err.h
+pkcs12.o: ../include/openssl/evp.h ../include/openssl/idea.h
+pkcs12.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+pkcs12.o: ../include/openssl/md4.h ../include/openssl/md5.h
+pkcs12.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+pkcs12.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+pkcs12.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+pkcs12.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
+pkcs12.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+pkcs12.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+pkcs12.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+pkcs12.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkcs12.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkcs12.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+pkcs12.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+pkcs12.o: ../include/openssl/x509_vfy.h apps.h pkcs12.c
+pkcs7.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+pkcs7.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+pkcs7.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+pkcs7.o: ../include/openssl/cast.h ../include/openssl/conf.h
+pkcs7.o: ../include/openssl/crypto.h ../include/openssl/des.h
+pkcs7.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+pkcs7.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+pkcs7.o: ../include/openssl/engine.h ../include/openssl/err.h
+pkcs7.o: ../include/openssl/evp.h ../include/openssl/idea.h
+pkcs7.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+pkcs7.o: ../include/openssl/md4.h ../include/openssl/md5.h
+pkcs7.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+pkcs7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+pkcs7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+pkcs7.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+pkcs7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+pkcs7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+pkcs7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+pkcs7.o: ../include/openssl/sha.h ../include/openssl/stack.h
+pkcs7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+pkcs7.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+pkcs7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h pkcs7.c
+pkcs8.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+pkcs8.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+pkcs8.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+pkcs8.o: ../include/openssl/cast.h ../include/openssl/conf.h
+pkcs8.o: ../include/openssl/crypto.h ../include/openssl/des.h
+pkcs8.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+pkcs8.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+pkcs8.o: ../include/openssl/engine.h ../include/openssl/err.h
+pkcs8.o: ../include/openssl/evp.h ../include/openssl/idea.h
+pkcs8.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+pkcs8.o: ../include/openssl/md4.h ../include/openssl/md5.h
+pkcs8.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+pkcs8.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+pkcs8.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+pkcs8.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
+pkcs8.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+pkcs8.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+pkcs8.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+pkcs8.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkcs8.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkcs8.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+pkcs8.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+pkcs8.o: ../include/openssl/x509_vfy.h apps.h pkcs8.c
+rand.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+rand.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+rand.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+rand.o: ../include/openssl/cast.h ../include/openssl/conf.h
+rand.o: ../include/openssl/crypto.h ../include/openssl/des.h
+rand.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+rand.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+rand.o: ../include/openssl/engine.h ../include/openssl/err.h
+rand.o: ../include/openssl/evp.h ../include/openssl/idea.h
+rand.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+rand.o: ../include/openssl/md4.h ../include/openssl/md5.h
+rand.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+rand.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
+rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+rand.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h rand.c
+req.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
+req.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+req.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
+req.o: ../include/openssl/buffer.h ../include/openssl/cast.h
+req.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+req.o: ../include/openssl/des.h ../include/openssl/des_old.h
+req.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+req.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+req.o: ../include/openssl/err.h ../include/openssl/evp.h
+req.o: ../include/openssl/idea.h ../include/openssl/lhash.h
+req.o: ../include/openssl/md2.h ../include/openssl/md4.h
+req.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+req.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+req.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+req.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+req.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+req.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+req.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+req.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+req.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c
+rsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+rsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+rsa.o: ../include/openssl/cast.h ../include/openssl/conf.h
+rsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
+rsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+rsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+rsa.o: ../include/openssl/engine.h ../include/openssl/err.h
+rsa.o: ../include/openssl/evp.h ../include/openssl/idea.h
+rsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+rsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
+rsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+rsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+rsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+rsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
+rsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+rsa.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h rsa.c
+rsautl.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+rsautl.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+rsautl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+rsautl.o: ../include/openssl/cast.h ../include/openssl/conf.h
+rsautl.o: ../include/openssl/crypto.h ../include/openssl/des.h
+rsautl.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+rsautl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+rsautl.o: ../include/openssl/engine.h ../include/openssl/err.h
+rsautl.o: ../include/openssl/evp.h ../include/openssl/idea.h
+rsautl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+rsautl.o: ../include/openssl/md4.h ../include/openssl/md5.h
+rsautl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+rsautl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+rsautl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+rsautl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+rsautl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+rsautl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+rsautl.o: ../include/openssl/sha.h ../include/openssl/stack.h
+rsautl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+rsautl.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+rsautl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
+rsautl.o: rsautl.c
+s_cb.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s_cb.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s_cb.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s_cb.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s_cb.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_cb.o: ../include/openssl/des.h ../include/openssl/des_old.h
+s_cb.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+s_cb.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+s_cb.o: ../include/openssl/err.h ../include/openssl/evp.h
+s_cb.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s_cb.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s_cb.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s_cb.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s_cb.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s_cb.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+s_cb.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+s_cb.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+s_cb.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s_cb.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_cb.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_cb.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_cb.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+s_cb.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s_cb.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_cb.c
+s_client.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s_client.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s_client.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s_client.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s_client.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_client.o: ../include/openssl/des.h ../include/openssl/des_old.h
+s_client.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+s_client.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+s_client.o: ../include/openssl/err.h ../include/openssl/evp.h
+s_client.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s_client.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s_client.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s_client.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s_client.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s_client.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_client.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+s_client.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+s_client.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+s_client.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s_client.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_client.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+s_client.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s_client.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_client.c
+s_server.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s_server.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s_server.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s_server.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s_server.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_server.o: ../include/openssl/des.h ../include/openssl/des_old.h
+s_server.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+s_server.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+s_server.o: ../include/openssl/err.h ../include/openssl/evp.h
+s_server.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s_server.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s_server.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s_server.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s_server.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s_server.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_server.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+s_server.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+s_server.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+s_server.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s_server.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_server.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+s_server.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s_server.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_server.c
+s_socket.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s_socket.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s_socket.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s_socket.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_socket.o: ../include/openssl/des.h ../include/openssl/des_old.h
+s_socket.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+s_socket.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+s_socket.o: ../include/openssl/err.h ../include/openssl/evp.h
+s_socket.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s_socket.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s_socket.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s_socket.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s_socket.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s_socket.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+s_socket.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+s_socket.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+s_socket.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s_socket.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_socket.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_socket.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+s_socket.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s_socket.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_socket.c
+s_time.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s_time.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s_time.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s_time.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s_time.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_time.o: ../include/openssl/des.h ../include/openssl/des_old.h
+s_time.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+s_time.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+s_time.o: ../include/openssl/err.h ../include/openssl/evp.h
+s_time.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s_time.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s_time.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s_time.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s_time.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s_time.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_time.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+s_time.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+s_time.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+s_time.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s_time.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_time.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+s_time.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s_time.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_time.c
+sess_id.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+sess_id.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+sess_id.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+sess_id.o: ../include/openssl/cast.h ../include/openssl/comp.h
+sess_id.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+sess_id.o: ../include/openssl/des.h ../include/openssl/des_old.h
+sess_id.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+sess_id.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+sess_id.o: ../include/openssl/err.h ../include/openssl/evp.h
+sess_id.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+sess_id.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+sess_id.o: ../include/openssl/md4.h ../include/openssl/md5.h
+sess_id.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+sess_id.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+sess_id.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+sess_id.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+sess_id.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+sess_id.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+sess_id.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+sess_id.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+sess_id.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+sess_id.o: ../include/openssl/x509_vfy.h apps.h sess_id.c
+smime.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+smime.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+smime.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+smime.o: ../include/openssl/cast.h ../include/openssl/conf.h
+smime.o: ../include/openssl/crypto.h ../include/openssl/des.h
+smime.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+smime.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+smime.o: ../include/openssl/engine.h ../include/openssl/err.h
+smime.o: ../include/openssl/evp.h ../include/openssl/idea.h
+smime.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+smime.o: ../include/openssl/md4.h ../include/openssl/md5.h
+smime.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+smime.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+smime.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+smime.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+smime.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+smime.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+smime.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+smime.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+smime.o: ../include/openssl/sha.h ../include/openssl/stack.h
+smime.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+smime.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+smime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h smime.c
+speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+speed.o: ../include/openssl/cast.h ../include/openssl/conf.h
+speed.o: ../include/openssl/crypto.h ../include/openssl/des.h
+speed.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+speed.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+speed.o: ../include/openssl/engine.h ../include/openssl/err.h
+speed.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+speed.o: ../include/openssl/idea.h ../include/openssl/lhash.h
+speed.o: ../include/openssl/md2.h ../include/openssl/md4.h
+speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+speed.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+speed.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+speed.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+speed.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+speed.o: ../include/openssl/x509_vfy.h apps.h speed.c testdsa.h testrsa.h
+spkac.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+spkac.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+spkac.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+spkac.o: ../include/openssl/cast.h ../include/openssl/conf.h
+spkac.o: ../include/openssl/crypto.h ../include/openssl/des.h
+spkac.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+spkac.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+spkac.o: ../include/openssl/engine.h ../include/openssl/err.h
+spkac.o: ../include/openssl/evp.h ../include/openssl/idea.h
+spkac.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+spkac.o: ../include/openssl/md4.h ../include/openssl/md5.h
+spkac.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+spkac.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+spkac.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+spkac.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+spkac.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+spkac.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+spkac.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+spkac.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+spkac.o: ../include/openssl/sha.h ../include/openssl/stack.h
+spkac.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+spkac.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+spkac.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h spkac.c
+verify.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+verify.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+verify.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+verify.o: ../include/openssl/cast.h ../include/openssl/conf.h
+verify.o: ../include/openssl/crypto.h ../include/openssl/des.h
+verify.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+verify.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+verify.o: ../include/openssl/engine.h ../include/openssl/err.h
+verify.o: ../include/openssl/evp.h ../include/openssl/idea.h
+verify.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+verify.o: ../include/openssl/md4.h ../include/openssl/md5.h
+verify.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+verify.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+verify.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+verify.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+verify.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+verify.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+verify.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+verify.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+verify.o: ../include/openssl/sha.h ../include/openssl/stack.h
+verify.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+verify.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+verify.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+verify.o: ../include/openssl/x509v3.h apps.h verify.c
+version.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+version.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+version.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+version.o: ../include/openssl/cast.h ../include/openssl/conf.h
+version.o: ../include/openssl/crypto.h ../include/openssl/des.h
+version.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+version.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+version.o: ../include/openssl/engine.h ../include/openssl/err.h
+version.o: ../include/openssl/evp.h ../include/openssl/idea.h
+version.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+version.o: ../include/openssl/md4.h ../include/openssl/md5.h
+version.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+version.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+version.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+version.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+version.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+version.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+version.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+version.o: ../include/openssl/sha.h ../include/openssl/stack.h
+version.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+version.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+version.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
+version.o: version.c
+x509.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+x509.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+x509.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+x509.o: ../include/openssl/cast.h ../include/openssl/conf.h
+x509.o: ../include/openssl/crypto.h ../include/openssl/des.h
+x509.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+x509.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+x509.o: ../include/openssl/engine.h ../include/openssl/err.h
+x509.o: ../include/openssl/evp.h ../include/openssl/idea.h
+x509.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+x509.o: ../include/openssl/md4.h ../include/openssl/md5.h
+x509.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+x509.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+x509.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+x509.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+x509.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+x509.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+x509.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+x509.o: ../include/openssl/sha.h ../include/openssl/stack.h
+x509.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+x509.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+x509.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+x509.o: ../include/openssl/x509v3.h apps.h x509.c
diff --git a/src/lib/libssl/src/apps/apps.c b/src/lib/libssl/src/apps/apps.c
index 9b07e913c5..9157cdfcdc 100644
--- a/src/lib/libssl/src/apps/apps.c
+++ b/src/lib/libssl/src/apps/apps.c
@@ -361,17 +361,10 @@ int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
                 /* The start of something good :-) */
                 if (num >= arg->count)
                         {
-                        char **tmp_p;
-                        int tlen = arg->count + 20;
-                        tmp_p = (char **)OPENSSL_realloc(arg->data,
-                                sizeof(char *)*tlen);
-                        if (tmp_p == NULL)
-                                return 0;
-                        arg->data  = tmp_p;
-                        arg->count = tlen;
-                        /* initialize newly allocated data */
-                        for (i = num; i < arg->count; i++)
-                                arg->data[i] = NULL;
+                        arg->count+=20;
+                        arg->data=(char **)OPENSSL_realloc(arg->data,
+                                sizeof(char *)*arg->count);
+                        if (argc == 0) return(0);
                         }
                 arg->data[num++]=p;
 
@@ -1598,9 +1591,8 @@ int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
                 {
                 if (errno != ENOENT 
 #ifdef ENOTDIR
-                        && errno != ENOTDIR
+                        && errno != ENOTDIR)
 #endif
-                   )
                         goto err;
                 }
         else
@@ -1901,9 +1893,8 @@ int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
                 {
                 if (errno != ENOENT 
 #ifdef ENOTDIR
-                        && errno != ENOTDIR
+                        && errno != ENOTDIR)
 #endif
-                   )
                         goto err;
                 }
         else
@@ -1938,9 +1929,8 @@ int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
                 {
                 if (errno != ENOENT 
 #ifdef ENOTDIR
-                        && errno != ENOTDIR
+                        && errno != ENOTDIR)
 #endif
-                   )
                         goto err;
                 }
         else
diff --git a/src/lib/libssl/src/apps/asn1pars.c b/src/lib/libssl/src/apps/asn1pars.c
index a6b6c41f13..c89b358b23 100644
--- a/src/lib/libssl/src/apps/asn1pars.c
+++ b/src/lib/libssl/src/apps/asn1pars.c
@@ -182,7 +182,7 @@ int MAIN(int argc, char **argv)
 bad:
                 BIO_printf(bio_err,"%s [options] <infile\n",prog);
                 BIO_printf(bio_err,"where options are\n");
-                BIO_printf(bio_err," -inform arg   input format - one of DER PEM\n");
+                BIO_printf(bio_err," -inform arg   input format - one of DER TXT PEM\n");
                 BIO_printf(bio_err," -in arg       input file\n");
                 BIO_printf(bio_err," -out arg      output file (output format is always DER\n");
                 BIO_printf(bio_err," -noout arg    don't produce any output\n");
diff --git a/src/lib/libssl/src/apps/ca.c b/src/lib/libssl/src/apps/ca.c
index 928c6f7f24..44c1679a17 100644
--- a/src/lib/libssl/src/apps/ca.c
+++ b/src/lib/libssl/src/apps/ca.c
@@ -943,6 +943,7 @@ bad:
                         if (verbose) BIO_printf(bio_err,
                                 "Done. %d entries marked as expired\n",i); 
                         }
+                        goto err;
                 }
 
         /*****************************************************************/
@@ -1257,7 +1258,7 @@ bad:
                                 goto err;
                                 }
 
-                        strcpy(buf[2],outdir);
+                        strlcpy(buf[2],outdir,sizeof(buf[2]));
 
 #ifndef OPENSSL_SYS_VMS
                         BUF_strlcat(buf[2],"/",sizeof(buf[2]));
@@ -1904,7 +1905,7 @@ again2:
                         p="Valid";
                 else
                         p="\ninvalid type, Data base error\n";
-                BIO_printf(bio_err,"Type          :%s\n",p);;
+                BIO_printf(bio_err,"Type          :%s\n",p);
                 if (rrow[DB_type][0] == 'R')
                         {
                         p=rrow[DB_exp_date]; if (p == NULL) p="undef";
diff --git a/src/lib/libssl/src/apps/der_chop.in b/src/lib/libssl/src/apps/der_chop.in
new file mode 100644
index 0000000000..9070b032fc
--- /dev/null
+++ b/src/lib/libssl/src/apps/der_chop.in
@@ -0,0 +1,305 @@
+#!/usr/local/bin/perl
+#
+# der_chop ... this is one total hack that Eric is really not proud of
+#              so don't look at it and don't ask for support
+#
+# The "documentation" for this (i.e. all the comments) are my fault --tjh
+#
+# This program takes the "raw" output of derparse/asn1parse and 
+# converts it into tokens and then runs regular expression matches
+# to try to figure out what to grab to get the things that are needed
+# and it is possible that this will do the wrong thing as it is a *hack*
+#
+# SSLeay 0.5.2+ should have direct read support for x509 (via -inform NET)
+# [I know ... promises promises :-)]
+#
+# To convert a Netscape Certificate:
+#    der_chop < ServerCert.der > cert.pem
+# To convert a Netscape Key (and encrypt it again to protect it)
+#    rsa -inform NET -in ServerKey.der -des > key.pem
+#
+# 23-Apr-96 eay    Added the extra ASN.1 string types, I still think this
+#                  is an evil hack.  If nothing else the parsing should
+#                  be relative, not absolute.
+# 19-Apr-96 tjh    hacked (with eay) into 0.5.x format
+#
+# Tim Hudson
+# tjh@cryptsoft.com
+#
+
+
+require 'getopts.pl';
+
+$debug=0;
+
+# this was the 0.4.x way of doing things ...
+$cmd="derparse";
+$x509_cmd="x509";
+$crl_cmd="crl";
+$rc4_cmd="rc4";
+$md2_cmd="md2";
+$md4_cmd="md4";
+$rsa_cmd="rsa -des -inform der ";
+
+# this was the 0.5.x way of doing things ...
+$cmd="openssl asn1parse";
+$x509_cmd="openssl x509";
+$crl_cmd="openssl crl";
+$rc4_cmd="openssl rc4";
+$md2_cmd="openssl md2";
+$md4_cmd="openssl md4";
+$rsa_cmd="openssl rsa -des -inform der ";
+
+&Getopts('vd:') || die "usage:$0 [-v] [-d num] file";
+$depth=($opt_d =~ /^\d+$/)?$opt_d:0;
+
+&init_der();
+
+if ($#ARGV != -1)
+        {
+        foreach $file (@ARGV)
+                {
+                print STDERR "doing $file\n";
+                &dofile($file);
+                }
+        }
+else
+        {
+        $file="/tmp/a$$.DER";
+        open(OUT,">$file") || die "unable to open $file:$!\n";
+        for (;;)
+                {
+                $i=sysread(STDIN,$b,1024*10);
+                last if ($i <= 0);
+                $i=syswrite(OUT,$b,$i);
+                }
+        &dofile($file);
+        unlink($file);
+        }
+        
+sub dofile
+        {
+        local($file)=@_;
+        local(@p);
+
+        $b=&load_file($file);
+        @p=&load_file_parse($file);
+
+        foreach $_ (@p)
+                {
+                ($off,$d,$hl,$len)=&parse_line($_);
+                $d-=$depth;
+                next if ($d != 0);
+                next if ($len == 0);
+
+                $o=substr($b,$off,$len+$hl);
+                ($str,@data)=&der_str($o);
+                print "$str\n" if ($opt_v);
+                if ($str =~ /^$crl/)
+                        {
+                        open(OUT,"|$crl_cmd -inform d -hash -issuer") ||
+                                die "unable to run $crl_cmd:$!\n";
+                        print OUT $o;
+                        close(OUT);
+                        }
+                elsif ($str =~ /^$x509/)
+                        {
+                        open(OUT,"|$x509_cmd -inform d -hash -subject -issuer")
+                                || die "unable to run $x509_cmd:$!\n";
+                        print OUT $o;
+                        close(OUT);
+                        }
+                elsif ($str =~ /^$rsa/)
+                        {
+                        ($type)=($data[3] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
+                        next unless ($type eq "rsaEncryption");
+                        ($off,$d,$hl,$len)=&parse_line($data[5]);
+                        $os=substr($o,$off+$hl,$len);
+                        open(OUT,"|$rsa_cmd")
+                                || die "unable to run $rsa_cmd:$!\n";
+                        print OUT $os;
+                        close(OUT);
+                        }
+                elsif ($str =~ /^0G-1D-1G/)
+                        {
+                        ($off,$d,$hl,$len)=&parse_line($data[1]);
+                        $os=substr($o,$off+$hl,$len);
+                        print STDERR "<$os>\n" if $opt_v;
+                        &do_certificate($o,@data)
+                                if (($os eq "certificate") &&
+                                    ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
+                        &do_private_key($o,@data)
+                                if (($os eq "private-key") &&
+                                    ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
+                        }
+                }
+        }
+
+sub der_str
+        {
+        local($str)=@_;
+        local(*OUT,*IN,@a,$t,$d,$ret);
+        local($file)="/tmp/b$$.DER";
+        local(@ret);
+
+        open(OUT,">$file");
+        print OUT $str;
+        close(OUT);
+        open(IN,"$cmd -inform 'd' -in $file |") ||
+                die "unable to run $cmd:$!\n";
+        $ret="";
+        while (<IN>)
+                {
+                chop;
+                push(@ret,$_);
+
+                print STDERR "$_\n" if ($debug);
+
+                @a=split(/\s*:\s*/);
+                ($d)=($a[1] =~ /d=\s*(\d+)/);
+                $a[2] =~ s/\s+$//;
+                $t=$DER_s2i{$a[2]};
+                $ret.="$d$t-";
+                }
+        close(IN);
+        unlink($file);
+        chop $ret;
+        $ret =~ s/(-3H(-4G-5F-5[IJKMQRS])+)+/-NAME/g;
+        $ret =~ s/(-3G-4B-4L)+/-RCERT/g;
+        return($ret,@ret);
+        }
+
+sub init_der
+        {
+        $crl= "0G-1G-2G-3F-3E-2G-NAME-2L-2L-2G-RCERT-1G-2F-2E-1C";
+        $x509="0G-1G-2B-2G-3F-3E-2G-NAME-2G-3L-3L-2G-NAME-2G-3G-4F-4E-3C-1G-2F-2E-1C";
+        $rsa= "0G-1B-1G-2F-2E-1D";
+
+        %DER_i2s=(
+                # SSLeay 0.4.x has this list
+                "A","EOC",
+                "B","INTEGER",
+                "C","BIT STRING",
+                "D","OCTET STRING",
+                "E","NULL",
+                "F","OBJECT",
+                "G","SEQUENCE",
+                "H","SET",
+                "I","PRINTABLESTRING",
+                "J","T61STRING",
+                "K","IA5STRING",
+                "L","UTCTIME",
+                "M","NUMERICSTRING",
+                "N","VIDEOTEXSTRING",
+                "O","GENERALIZEDTIME",
+                "P","GRAPHICSTRING",
+                "Q","ISO64STRING",
+                "R","GENERALSTRING",
+                "S","UNIVERSALSTRING",
+
+                # SSLeay 0.5.x changed some things ... and I'm
+                # leaving in the old stuff but adding in these
+                # to handle the new as well --tjh
+                # - Well I've just taken them out and added the extra new
+                # ones :-) - eay
+                );
+
+        foreach (keys %DER_i2s)
+                { $DER_s2i{$DER_i2s{$_}}=$_; }
+        }
+
+sub parse_line
+        {
+        local($_)=@_;
+
+        return(/\s*(\d+):d=\s*(\d+)\s+hl=\s*(\d+)\s+l=\s*(\d+|inf)\s/);
+        }
+
+#  0:d=0 hl=4 l=377 cons: univ: SEQUENCE          
+#  4:d=1 hl=2 l= 11 prim: univ: OCTET_STRING      
+# 17:d=1 hl=4 l=360 cons: univ: SEQUENCE          
+# 21:d=2 hl=2 l= 12 cons: univ: SEQUENCE          
+# 23:d=3 hl=2 l=  8 prim: univ: OBJECT_IDENTIFIER :rc4
+# 33:d=3 hl=2 l=  0 prim: univ: NULL              
+# 35:d=2 hl=4 l=342 prim: univ: OCTET_STRING
+sub do_private_key
+        {
+        local($data,@struct)=@_;
+        local($file)="/tmp/b$$.DER";
+        local($off,$d,$hl,$len,$_,$b,@p,$s);
+
+        ($type)=($struct[4] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
+        if ($type eq "rc4")
+                {
+                ($off,$d,$hl,$len)=&parse_line($struct[6]);
+                open(OUT,"|$rc4_cmd >$file") ||
+                        die "unable to run $rc4_cmd:$!\n";
+                print OUT substr($data,$off+$hl,$len);
+                close(OUT);
+
+                $b=&load_file($file);
+                unlink($file);
+
+                ($s,@p)=&der_str($b);
+                die "unknown rsa key type\n$s\n"
+                        if ($s ne '0G-1B-1G-2F-2E-1D');
+                local($off,$d,$hl,$len)=&parse_line($p[5]);
+                $b=substr($b,$off+$hl,$len);
+                ($s,@p)=&der_str($b);
+                open(OUT,"|$rsa_cmd") || die "unable to run $rsa_cmd:$!\n";
+                print OUT $b;
+                close(OUT);
+                }
+        else
+                {
+                print "'$type' is unknown\n";
+                exit(1);
+                }
+        }
+
+sub do_certificate
+        {
+        local($data,@struct)=@_;
+        local($file)="/tmp/b$$.DER";
+        local($off,$d,$hl,$len,$_,$b,@p,$s);
+
+        ($off,$d,$hl,$len)=&parse_line($struct[2]);
+        $b=substr($data,$off,$len+$hl);
+
+        open(OUT,"|$x509_cmd -inform d") || die "unable to run $x509_cmd:$!\n";
+        print OUT $b;
+        close(OUT);
+        }
+
+sub load_file
+        {
+        local($file)=@_;
+        local(*IN,$r,$b,$i);
+
+        $r="";
+        open(IN,"<$file") || die "unable to open $file:$!\n";
+        for (;;)
+                {
+                $i=sysread(IN,$b,10240);
+                last if ($i <= 0);
+                $r.=$b;
+                }
+        close(IN);
+        return($r);
+        }
+
+sub load_file_parse
+        {
+        local($file)=@_;
+        local(*IN,$r,@ret,$_,$i,$n,$b);
+
+        open(IN,"$cmd -inform d -in $file|")
+                || die "unable to run der_parse\n";
+        while (<IN>)
+                {
+                chop;
+                push(@ret,$_);
+                }
+        return($r,@ret);
+        }
+
diff --git a/src/lib/libssl/src/apps/dhparam.c b/src/lib/libssl/src/apps/dhparam.c
index dc00355b95..8fe3f18d7c 100644
--- a/src/lib/libssl/src/apps/dhparam.c
+++ b/src/lib/libssl/src/apps/dhparam.c
@@ -501,7 +501,7 @@ bad:
                 printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
                 printf("\t\t{ DH_free(dh); return(NULL); }\n");
                 if (dh->length)
-                        printf("\tdh->length = %ld;\n", dh->length);
+                        printf("\tdh->length = %d;\n", dh->length);
                 printf("\treturn(dh);\n\t}\n");
                 OPENSSL_free(data);
                 }
diff --git a/src/lib/libssl/src/apps/engine.c b/src/lib/libssl/src/apps/engine.c
index e8a599f9e5..12283d0aed 100644
--- a/src/lib/libssl/src/apps/engine.c
+++ b/src/lib/libssl/src/apps/engine.c
@@ -387,15 +387,11 @@ int MAIN(int argc, char **argv)
                 else if (strcmp(*argv,"-pre") == 0)
                         {
                         argc--; argv++;
-                        if (argc == 0)
-                                goto skip_arg_loop;
                         sk_push(pre_cmds,*argv);
                         }
                 else if (strcmp(*argv,"-post") == 0)
                         {
                         argc--; argv++;
-                        if (argc == 0)
-                                goto skip_arg_loop;
                         sk_push(post_cmds,*argv);
                         }
                 else if ((strncmp(*argv,"-h",2) == 0) ||
diff --git a/src/lib/libssl/src/apps/genrsa.c b/src/lib/libssl/src/apps/genrsa.c
index 7dbd0923b6..63be873b7b 100644
--- a/src/lib/libssl/src/apps/genrsa.c
+++ b/src/lib/libssl/src/apps/genrsa.c
@@ -88,9 +88,6 @@ int MAIN(int argc, char **argv)
         RSA *rsa=NULL;
         int i,num=DEFBITS;
         long l;
-#ifdef OPENSSL_FIPS
-        int use_x931 = 0;
-#endif
         const EVP_CIPHER *enc=NULL;
         unsigned long f4=RSA_F4;
         char *outfile=NULL;
@@ -129,10 +126,6 @@ int MAIN(int argc, char **argv)
                         f4=3;
                 else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
                         f4=RSA_F4;
-#ifdef OPENSSL_FIPS
-                else if (strcmp(*argv,"-x931") == 0)
-                        use_x931 = 1;
-#endif
 #ifndef OPENSSL_NO_ENGINE
                 else if (strcmp(*argv,"-engine") == 0)
                         {
@@ -240,27 +233,11 @@ bad:
 
         BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
                 num);
-#ifdef OPENSSL_FIPS
-        if (use_x931)
-                {
-                BIGNUM *pubexp;
-                pubexp = BN_new();
-                BN_set_word(pubexp, f4);
-                rsa = RSA_X931_generate_key(num, pubexp, genrsa_cb, bio_err);
-                BN_free(pubexp);
-                }
-        else
-#endif
-                rsa=RSA_generate_key(num,f4,genrsa_cb,bio_err);
+        rsa=RSA_generate_key(num,f4,genrsa_cb,bio_err);
                 
         app_RAND_write_file(NULL, bio_err);
 
-        if (rsa == NULL)
-                {
-                BIO_printf(bio_err, "Key Generation error\n");
-
-                goto err;
-                }
+        if (rsa == NULL) goto err;
         
         /* We need to do the following for when the base number size is <
          * long, esp windows 3.1 :-(. */
diff --git a/src/lib/libssl/src/apps/makeapps.com b/src/lib/libssl/src/apps/makeapps.com
index 7b5ff90c62..2f1af9ec94 100644
--- a/src/lib/libssl/src/apps/makeapps.com
+++ b/src/lib/libssl/src/apps/makeapps.com
@@ -650,7 +650,7 @@ $ CCDEFS = "MONOLITH"
 $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
 $ CCEXTRAFLAGS = ""
 $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
+$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
 $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
         CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
 $!
diff --git a/src/lib/libssl/src/apps/openssl.c b/src/lib/libssl/src/apps/openssl.c
index cb6ee740e7..65a9ee8a66 100644
--- a/src/lib/libssl/src/apps/openssl.c
+++ b/src/lib/libssl/src/apps/openssl.c
@@ -237,12 +237,21 @@ int main(int Argc, char *Argv[])
 
 #ifdef OPENSSL_FIPS
         if(getenv("OPENSSL_FIPS")) {
-                if (!FIPS_mode_set(1)) {
+#if defined(_WIN32)
+                char filename[MAX_PATH] = "";
+                GetModuleFileNameA( NULL, filename, MAX_PATH) ;
+                p = filename;
+#else
+                p = Argv[0];
+#endif
+                if (!FIPS_mode_set(1,p)) {
                         ERR_load_crypto_strings();
                         ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
                         EXIT(1);
                 }
                 in_FIPS_mode = 1;
+                if (getenv("OPENSSL_FIPS_MD5"))
+                        FIPS_allow_md5(1);
                 }
 #endif
         if (bio_err == NULL)
diff --git a/src/lib/libssl/src/apps/passwd.c b/src/lib/libssl/src/apps/passwd.c
index 3ad91d89d6..d78716d1b5 100644
--- a/src/lib/libssl/src/apps/passwd.c
+++ b/src/lib/libssl/src/apps/passwd.c
@@ -320,9 +320,9 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
         out_buf[0] = '$';
         out_buf[1] = 0;
         assert(strlen(magic) <= 4); /* "1" or "apr1" */
-        strncat(out_buf, magic, 4);
-        strncat(out_buf, "$", 1);
-        strncat(out_buf, salt, 8);
+        strlcat(out_buf, magic, sizeof(out_buf));
+        strlcat(out_buf, "$", sizeof(out_buf));
+        strlcat(out_buf, salt, sizeof(out_buf));
         assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
         salt_out = out_buf + 2 + strlen(magic);
         salt_len = strlen(salt_out);
diff --git a/src/lib/libssl/src/apps/rand.c b/src/lib/libssl/src/apps/rand.c
index 63724bc730..e23e84af82 100644
--- a/src/lib/libssl/src/apps/rand.c
+++ b/src/lib/libssl/src/apps/rand.c
@@ -69,6 +69,7 @@
 /* -out file         - write to file
  * -rand file:file   - PRNG seed files
  * -base64           - encode output
+ * -hex              - hex encode output
  * num               - write 'num' bytes
  */
 
@@ -84,6 +85,7 @@ int MAIN(int argc, char **argv)
         char *outfile = NULL;
         char *inrand = NULL;
         int base64 = 0;
+        int hex = 0;
         BIO *out = NULL;
         int num = -1;
 #ifndef OPENSSL_NO_ENGINE
@@ -133,6 +135,13 @@ int MAIN(int argc, char **argv)
                         else
                                 badopt = 1;
                         }
+                else if (strcmp(argv[i], "-hex") == 0)
+                        {
+                        if (!hex)
+                                hex = 1;
+                        else
+                                badopt = 1;
+                        }
                 else if (isdigit((unsigned char)argv[i][0]))
                         {
                         if (num < 0)
@@ -148,6 +157,9 @@ int MAIN(int argc, char **argv)
                         badopt = 1;
                 }
 
+        if (hex && base64)
+                badopt = 1;
+
         if (num < 0)
                 badopt = 1;
         
@@ -161,6 +173,7 @@ int MAIN(int argc, char **argv)
 #endif
                 BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
                 BIO_printf(bio_err, "-base64               - encode output\n");
+                BIO_printf(bio_err, "-hex                  - hex encode output\n");
                 goto err;
                 }
 
@@ -210,7 +223,13 @@ int MAIN(int argc, char **argv)
                 r = RAND_bytes(buf, chunk);
                 if (r <= 0)
                         goto err;
-                BIO_write(out, buf, chunk);
+                if (!hex) 
+                        BIO_write(out, buf, chunk);
+                else {
+                        int i;
+                        for (i = 0; i < chunk; i++)
+                                BIO_printf(out, "%02x", buf[i]);
+                }
                 num -= chunk;
                 }
         BIO_flush(out);
diff --git a/src/lib/libssl/src/apps/rsautl.c b/src/lib/libssl/src/apps/rsautl.c
index bdfbe31c14..5db6fe7cd7 100644
--- a/src/lib/libssl/src/apps/rsautl.c
+++ b/src/lib/libssl/src/apps/rsautl.c
@@ -3,7 +3,7 @@
  * project 2000.
  */
 /* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -147,7 +147,6 @@ int MAIN(int argc, char **argv)
                 else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
                 else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
                 else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
-                else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING;
                 else if(!strcmp(*argv, "-sign")) {
                         rsa_mode = RSA_SIGN;
                         need_priv = 1;
diff --git a/src/lib/libssl/src/apps/s_apps.h b/src/lib/libssl/src/apps/s_apps.h
index 66b6edd442..48e7dbaddc 100644
--- a/src/lib/libssl/src/apps/s_apps.h
+++ b/src/lib/libssl/src/apps/s_apps.h
@@ -154,10 +154,10 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
 #ifdef HEADER_SSL_H
 int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
 #endif
-int init_client(int *sock, char *server, int port);
+int init_client(int *sock, char *server, char *port, int af);
 int should_retry(int i);
 int extract_port(char *str, short *port_ptr);
-int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
+int extract_host_port(char *str,char **host_ptr,unsigned char *ip,char **p);
 
 long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp,
         int argi, long argl, long ret);
diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c
index f72195e02d..a70735b9dc 100644
--- a/src/lib/libssl/src/apps/s_client.c
+++ b/src/lib/libssl/src/apps/s_client.c
@@ -109,6 +109,8 @@
  *
  */
 
+#include <sys/types.h>
+#include <netinet/in.h>
 #include <assert.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -183,6 +185,8 @@ static void sc_usage(void)
         {
         BIO_printf(bio_err,"usage: s_client args\n");
         BIO_printf(bio_err,"\n");
+        BIO_printf(bio_err," -4            - Force IPv4\n");
+        BIO_printf(bio_err," -6            - Force IPv6\n");
         BIO_printf(bio_err," -host host     - use -connect instead\n");
         BIO_printf(bio_err," -port port     - use -connect instead\n");
         BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
@@ -235,12 +239,12 @@ int MAIN(int argc, char **argv)
         int off=0;
         SSL *con=NULL,*con2=NULL;
         X509_STORE *store = NULL;
-        int s,k,width,state=0;
+        int s,k,width,state=0, af=AF_UNSPEC;
         char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL;
         int cbuf_len,cbuf_off;
         int sbuf_len,sbuf_off;
         fd_set readfds,writefds;
-        short port=PORT;
+        char *port=PORT_STR;
         int full_log=1;
         char *host=SSL_HOST_NAME;
         char *cert_file=NULL,*key_file=NULL;
@@ -311,8 +315,8 @@ int MAIN(int argc, char **argv)
                 else if (strcmp(*argv,"-port") == 0)
                         {
                         if (--argc < 1) goto bad;
-                        port=atoi(*(++argv));
-                        if (port == 0) goto bad;
+                        port= *(++argv);
+                        if (port == NULL || *port == '\0') goto bad;
                         }
                 else if (strcmp(*argv,"-connect") == 0)
                         {
@@ -436,6 +440,8 @@ int MAIN(int argc, char **argv)
                         if (--argc < 1) goto bad;
                         inrand= *(++argv);
                         }
+                else if (strcmp(*argv,"-4") == 0) { af = AF_INET;}
+                else if (strcmp(*argv,"-6") == 0) { af = AF_INET6;}
                 else
                         {
                         BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -531,7 +537,7 @@ bad:
 
 re_start:
 
-        if (init_client(&s,host,port) == 0)
+        if (init_client(&s,host,port,af) == 0)
                 {
                 BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
                 SHUTDOWN(s);
@@ -798,7 +804,7 @@ re_start:
                                 /* goto end; */
                                 }
 
-                        sbuf_len-=i;;
+                        sbuf_len-=i;
                         sbuf_off+=i;
                         if (sbuf_len <= 0)
                                 {
diff --git a/src/lib/libssl/src/apps/s_socket.c b/src/lib/libssl/src/apps/s_socket.c
index 9c441b0200..d9fad2d1d7 100644
--- a/src/lib/libssl/src/apps/s_socket.c
+++ b/src/lib/libssl/src/apps/s_socket.c
@@ -86,11 +86,9 @@ static struct hostent *GetHostByName(char *name);
 static void ssl_sock_cleanup(void);
 #endif
 static int ssl_sock_init(void);
-static int init_client_ip(int *sock,unsigned char ip[4], int port);
 static int init_server(int *sock, int port);
 static int init_server_long(int *sock, int port,char *ip);
 static int do_accept(int acc_sock, int *sock, char **host);
-static int host_ip(char *str, unsigned char ip[4]);
 
 #ifdef OPENSSL_SYS_WIN16
 #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
@@ -184,50 +182,41 @@ static int ssl_sock_init(void)
         return(1);
         }
 
-int init_client(int *sock, char *host, int port)
+int init_client(int *sock, char *host, char *port, int af)
         {
-        unsigned char ip[4];
-        short p=0;
+        struct addrinfo hints, *ai_top, *ai;
+        int i, s;
 
-        if (!host_ip(host,&(ip[0])))
+        memset(&hints, '\0', sizeof(hints));
+        hints.ai_family = af;
+        hints.ai_socktype = SOCK_STREAM;
+
+        if ((i = getaddrinfo(host, port, &hints, &ai_top)) != 0 ||
+            ai_top == NULL || ai_top->ai_addr == NULL)
                 {
-                return(0);
+                BIO_printf(bio_err,"getaddrinfo: %s\n", gai_strerror(i));
+                return (0);
                 }
-        if (p != 0) port=p;
-        return(init_client_ip(sock,ip,port));
-        }
-
-static int init_client_ip(int *sock, unsigned char ip[4], int port)
-        {
-        unsigned long addr;
-        struct sockaddr_in them;
-        int s,i;
-
-        if (!ssl_sock_init()) return(0);
-
-        memset((char *)&them,0,sizeof(them));
-        them.sin_family=AF_INET;
-        them.sin_port=htons((unsigned short)port);
-        addr=(unsigned long)
-                ((unsigned long)ip[0]<<24L)|
-                ((unsigned long)ip[1]<<16L)|
-                ((unsigned long)ip[2]<< 8L)|
-                ((unsigned long)ip[3]);
-        them.sin_addr.s_addr=htonl(addr);
-
-        s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-        if (s == INVALID_SOCKET) { perror("socket"); return(0); }
 
+        for (ai = ai_top; ai != NULL; ai = ai->ai_next)
+                {
+                s=socket(ai->ai_addr->sa_family, SOCK_STREAM, SOCKET_PROTOCOL);
+                if (s == INVALID_SOCKET) { continue; }
 #ifndef OPENSSL_SYS_MPE
-        i=0;
-        i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-        if (i < 0) { perror("keepalive"); return(0); }
+                i=0;
+                i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
+                if (i == -1) { close(s); continue; }
 #endif
+                if ((i = connect(s, ai->ai_addr, ai->ai_addr->sa_len)) == 0)
+                        { *sock=s; freeaddrinfo(ai_top); return (1);}
 
-        if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
-                { close(s); perror("connect"); return(0); }
-        *sock=s;
-        return(1);
+                close(s);
+                }
+
+        perror("connect");
+        close(s);
+        freeaddrinfo(ai_top);
+        return(0);
         }
 
 int do_server(int port, int *ret, int (*cb)(), char *context)
@@ -409,12 +398,13 @@ end:
         }
 
 int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
-             short *port_ptr)
+             char **port_ptr)
         {
         char *h,*p;
 
         h=str;
-        p=strchr(str,':');
+        p=strrchr(str,'/'); /* IPv6 host/port */
+        if (p == NULL) { p=strrchr(str,':'); }
         if (p == NULL)
                 {
                 BIO_printf(bio_err,"no port defined\n");
@@ -422,58 +412,11 @@ int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
                 }
         *(p++)='\0';
 
-        if ((ip != NULL) && !host_ip(str,ip))
-                goto err;
         if (host_ptr != NULL) *host_ptr=h;
 
-        if (!extract_port(p,port_ptr))
-                goto err;
-        return(1);
-err:
-        return(0);
-        }
+        if (port_ptr != NULL && p != NULL && *p != '\0')
+                *port_ptr = p;
 
-static int host_ip(char *str, unsigned char ip[4])
-        {
-        unsigned int in[4]; 
-        int i;
-
-        if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
-                {
-                for (i=0; i<4; i++)
-                        if (in[i] > 255)
-                                {
-                                BIO_printf(bio_err,"invalid IP address\n");
-                                goto err;
-                                }
-                ip[0]=in[0];
-                ip[1]=in[1];
-                ip[2]=in[2];
-                ip[3]=in[3];
-                }
-        else
-                { /* do a gethostbyname */
-                struct hostent *he;
-
-                if (!ssl_sock_init()) return(0);
-
-                he=GetHostByName(str);
-                if (he == NULL)
-                        {
-                        BIO_printf(bio_err,"gethostbyname failure\n");
-                        goto err;
-                        }
-                /* cast to short because of win16 winsock definition */
-                if ((short)he->h_addrtype != AF_INET)
-                        {
-                        BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
-                        return(0);
-                        }
-                ip[0]=he->h_addr_list[0][0];
-                ip[1]=he->h_addr_list[0][1];
-                ip[2]=he->h_addr_list[0][2];
-                ip[3]=he->h_addr_list[0][3];
-                }
         return(1);
 err:
         return(0);
@@ -538,7 +481,7 @@ static struct hostent *GetHostByName(char *name)
                 /* else add to cache */
                 if(strlen(name) < sizeof ghbn_cache[0].name)
                         {
-                        strcpy(ghbn_cache[lowi].name,name);
+                        strlcpy(ghbn_cache[lowi].name,name, sizeof(ghbn_cache[0].name));
                         memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
                         ghbn_cache[lowi].order=ghbn_miss+ghbn_hits;
                         }
diff --git a/src/lib/libssl/src/apps/speed.c b/src/lib/libssl/src/apps/speed.c
index 2fc327c375..5ed510ced6 100644
--- a/src/lib/libssl/src/apps/speed.c
+++ b/src/lib/libssl/src/apps/speed.c
@@ -1706,7 +1706,7 @@ show_res:
                                 k,rsa_bits[k],rsa_results[k][0],
                                 rsa_results[k][1]);
                 else
-                        fprintf(stdout,"rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
+                        fprintf(stdout,"rsa %4u bits %8.4fs %8.4fs %8.1f %8.1f\n",
                                 rsa_bits[k],rsa_results[k][0],rsa_results[k][1],
                                 1.0/rsa_results[k][0],1.0/rsa_results[k][1]);
                 }
@@ -1725,7 +1725,7 @@ show_res:
                         fprintf(stdout,"+F3:%u:%u:%f:%f\n",
                                 k,dsa_bits[k],dsa_results[k][0],dsa_results[k][1]);
                 else
-                        fprintf(stdout,"dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
+                        fprintf(stdout,"dsa %4u bits %8.4fs %8.4fs %8.1f %8.1f\n",
                                 dsa_bits[k],dsa_results[k][0],dsa_results[k][1],
                                 1.0/dsa_results[k][0],1.0/dsa_results[k][1]);
                 }
diff --git a/src/lib/libssl/src/certs/ICE-CA.pem b/src/lib/libssl/src/certs/ICE-CA.pem
new file mode 100644
index 0000000000..75652366c2
--- /dev/null
+++ b/src/lib/libssl/src/certs/ICE-CA.pem
@@ -0,0 +1,59 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
+        Validity
+            Not Before: Apr  2 17:35:53 1997 GMT
+            Not After : Apr  2 17:35:53 1998 GMT
+        Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
+        Subject Public Key Info:
+            Public Key Algorithm: rsa
+            RSA Public Key: (512 bit)
+                Modulus (512 bit):
+                    00:82:75:ba:f6:d1:60:b5:f9:15:b3:6a:dd:29:8f:
+                    8b:a4:6f:1a:88:e0:50:43:40:0b:79:41:d5:d3:16:
+                    44:7d:74:65:17:42:06:52:0b:e9:50:c8:10:cd:24:
+                    e2:ae:8d:22:30:73:e6:b4:b7:93:1f:e5:6e:a2:ae:
+                    49:11:a5:c9:45
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Authority Key Identifier: 
+                0.........z.."p......e..
+            X509v3 Subject Key Identifier: 
+                ..~r..:..B.44fu......3
+            X509v3 Key Usage: critical
+                ....
+            X509v3 Certificate Policies: critical
+                0.0...*...
+            X509v3 Subject Alternative Name: 
+                0!..secude-support@darmstadt.gmd.de
+            X509v3 Issuer Alternative Name: 
+                0I..ice-tel-ca@darmstadt.gmd.de.*http://www.darmstadt.gmd.de/ice-tel/euroca
+            X509v3 Basic Constraints: critical
+                0....
+            X509v3 CRL Distribution Points: 
+                0200...,.*http://www.darmstadt.gmd.de/ice-tel/euroca
+    Signature Algorithm: md5WithRSAEncryption
+        17:a2:88:b7:99:5a:05:41:e4:13:34:67:e6:1f:3e:26:ec:4b:
+        69:f9:3e:28:22:be:9d:1c:ab:41:6f:0c:00:85:fe:45:74:f6:
+        98:f0:ce:9b:65:53:4a:50:42:c7:d4:92:bd:d7:a2:a8:3d:98:
+        88:73:cd:60:28:79:a3:fc:48:7a
+-----BEGIN CERTIFICATE-----
+MIICzDCCAnagAwIBAgIBATANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzU1M1oXDTk4MDQwMjE3MzU1M1owXDEhMB8G
+A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTESMBAGA1UEBxMJRGFybXN0YWR0MFkwCgYEVQgB
+AQICAgADSwAwSAJBAIJ1uvbRYLX5FbNq3SmPi6RvGojgUENAC3lB1dMWRH10ZRdC
+BlIL6VDIEM0k4q6NIjBz5rS3kx/lbqKuSRGlyUUCAwEAAaOCATgwggE0MB8GA1Ud
+IwQYMBaAFIr3yNUOx3ro1yJw4AuJ1bbsZbzPMB0GA1UdDgQWBBR+cvL4OoacQog0
+NGZ1w9T80aIRMzAOBgNVHQ8BAf8EBAMCAfYwFAYDVR0gAQH/BAowCDAGBgQqAwQF
+MCoGA1UdEQQjMCGBH3NlY3VkZS1zdXBwb3J0QGRhcm1zdGFkdC5nbWQuZGUwUgYD
+VR0SBEswSYEbaWNlLXRlbC1jYUBkYXJtc3RhZHQuZ21kLmRlhipodHRwOi8vd3d3
+LmRhcm1zdGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2EwDwYDVR0TAQH/BAUwAwEB
+/zA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vd3d3LmRhcm1zdGFkdC5nbWQuZGUv
+aWNlLXRlbC9ldXJvY2EwDQYJKoZIhvcNAQEEBQADQQAXooi3mVoFQeQTNGfmHz4m
+7Etp+T4oIr6dHKtBbwwAhf5FdPaY8M6bZVNKUELH1JK916KoPZiIc81gKHmj/Eh6
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/ICE-root.pem b/src/lib/libssl/src/certs/ICE-root.pem
new file mode 100644
index 0000000000..fa991599c9
--- /dev/null
+++ b/src/lib/libssl/src/certs/ICE-root.pem
@@ -0,0 +1,48 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 0 (0x0)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
+        Validity
+            Not Before: Apr  2 17:33:36 1997 GMT
+            Not After : Apr  2 17:33:36 1998 GMT
+        Subject: O=European ICE-TEL project, OU=V3-Certification Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsa
+            RSA Public Key: (512 bit)
+                Modulus (512 bit):
+                    00:80:3e:eb:ae:47:a9:fe:10:54:0b:81:8b:9c:2b:
+                    82:ab:3a:61:36:65:8b:f3:73:9f:ac:ac:7a:15:a7:
+                    13:8f:b4:c4:ba:a3:0f:bc:a5:58:8d:cc:b1:93:31:
+                    9e:81:9e:8c:19:61:86:fa:52:73:54:d1:97:76:22:
+                    e7:c7:9f:41:cd
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                ........z.."p......e..
+            X509v3 Key Usage: critical
+                ....
+            X509v3 Subject Alternative Name: 
+                0I.*http://www.darmstadt.gmd.de/ice-tel/euroca..ice-tel-ca@darmstadt.gmd.de
+            X509v3 Basic Constraints: critical
+                0....
+    Signature Algorithm: md5WithRSAEncryption
+        76:69:61:db:b7:cf:8b:06:9e:d8:8c:96:53:d2:4d:a8:23:a6:
+        03:44:e8:8f:24:a5:c0:84:a8:4b:77:d4:2d:2b:7d:37:91:67:
+        f2:2c:ce:02:31:4c:6b:cc:ce:f2:68:a6:11:11:ab:7d:88:b8:
+        7e:22:9f:25:06:60:bd:79:30:3d
+-----BEGIN CERTIFICATE-----
+MIICFjCCAcCgAwIBAgIBADANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzMzNloXDTk4MDQwMjE3MzMzNlowSDEhMB8G
+A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTBZMAoGBFUIAQECAgIAA0sAMEgCQQCAPuuuR6n+
+EFQLgYucK4KrOmE2ZYvzc5+srHoVpxOPtMS6ow+8pViNzLGTMZ6BnowZYYb6UnNU
+0Zd2IufHn0HNAgMBAAGjgZcwgZQwHQYDVR0OBBYEFIr3yNUOx3ro1yJw4AuJ1bbs
+ZbzPMA4GA1UdDwEB/wQEAwIB9jBSBgNVHREESzBJhipodHRwOi8vd3d3LmRhcm1z
+dGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2GBG2ljZS10ZWwtY2FAZGFybXN0YWR0
+LmdtZC5kZTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAdmlh27fP
+iwae2IyWU9JNqCOmA0TojySlwISoS3fULSt9N5Fn8izOAjFMa8zO8mimERGrfYi4
+fiKfJQZgvXkwPQ==
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/ICE-user.pem b/src/lib/libssl/src/certs/ICE-user.pem
new file mode 100644
index 0000000000..28065fd37d
--- /dev/null
+++ b/src/lib/libssl/src/certs/ICE-user.pem
@@ -0,0 +1,63 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
+        Validity
+            Not Before: Apr  2 17:35:59 1997 GMT
+            Not After : Apr  2 17:35:59 1998 GMT
+        Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt, CN=USER
+        Subject Public Key Info:
+            Public Key Algorithm: rsa
+            RSA Public Key: (512 bit)
+                Modulus (512 bit):
+                    00:a8:a8:53:63:49:1b:93:c3:c3:0b:6c:88:11:55:
+                    de:7e:6a:e2:f9:52:a0:dc:69:25:c4:c8:bf:55:e1:
+                    31:a8:ce:e4:a9:29:85:99:8a:15:9a:de:f6:2f:e1:
+                    b4:50:5f:5e:04:75:a6:f4:76:dc:3c:0e:39:dc:3a:
+                    be:3e:a4:61:8b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Authority Key Identifier: 
+                0...~r..:..B.44fu......3
+            X509v3 Subject Key Identifier: 
+                ...... .*...1.*.......
+            X509v3 Key Usage: critical
+                ....
+            X509v3 Certificate Policies: critical
+                0.0...*...0.......
+            X509v3 Subject Alternative Name: 
+                0:..user@darmstadt.gmd.de.!http://www.darmstadt.gmd.de/~user
+            X509v3 Issuer Alternative Name: 
+                0....gmdca@gmd.de..http://www.gmd.de..saturn.darmstadt.gmd.de.\1!0...U.
+..European ICE-TEL project1#0!..U....V3-Certification Authority1.0...U....Darmstadt..141.12.62.26
+            X509v3 Basic Constraints: critical
+                0.
+            X509v3 CRL Distribution Points: 
+                0.0.......gmdca@gmd.de
+    Signature Algorithm: md5WithRSAEncryption
+        69:0c:e1:b7:a7:f2:d8:fb:e8:69:c0:13:cd:37:ad:21:06:22:
+        4d:e8:c6:db:f1:04:0b:b7:e0:b3:d6:0c:81:03:ce:c3:6a:3e:
+        c7:e7:24:24:a4:92:64:c2:83:83:06:42:53:0e:6f:09:1e:84:
+        9a:f7:6f:63:9b:94:99:83:d6:a4
+-----BEGIN CERTIFICATE-----
+MIIDTzCCAvmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMSEwHwYDVQQKExhFdXJv
+cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
+QXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHQwHhcNOTcwNDAyMTczNTU5WhcN
+OTgwNDAyMTczNTU5WjBrMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2pl
+Y3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQH
+EwlEYXJtc3RhZHQxDTALBgNVBAMTBFVTRVIwWTAKBgRVCAEBAgICAANLADBIAkEA
+qKhTY0kbk8PDC2yIEVXefmri+VKg3GklxMi/VeExqM7kqSmFmYoVmt72L+G0UF9e
+BHWm9HbcPA453Dq+PqRhiwIDAQABo4IBmDCCAZQwHwYDVR0jBBgwFoAUfnLy+DqG
+nEKINDRmdcPU/NGiETMwHQYDVR0OBBYEFJfc4B8gjSoRmLUx4Sq/ucIYiMrPMA4G
+A1UdDwEB/wQEAwIB8DAcBgNVHSABAf8EEjAQMAYGBCoDBAUwBgYECQgHBjBDBgNV
+HREEPDA6gRV1c2VyQGRhcm1zdGFkdC5nbWQuZGWGIWh0dHA6Ly93d3cuZGFybXN0
+YWR0LmdtZC5kZS9+dXNlcjCBsQYDVR0SBIGpMIGmgQxnbWRjYUBnbWQuZGWGEWh0
+dHA6Ly93d3cuZ21kLmRlghdzYXR1cm4uZGFybXN0YWR0LmdtZC5kZaRcMSEwHwYD
+VQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHSHDDE0MS4xMi42
+Mi4yNjAMBgNVHRMBAf8EAjAAMB0GA1UdHwQWMBQwEqAQoA6BDGdtZGNhQGdtZC5k
+ZTANBgkqhkiG9w0BAQQFAANBAGkM4ben8tj76GnAE803rSEGIk3oxtvxBAu34LPW
+DIEDzsNqPsfnJCSkkmTCg4MGQlMObwkehJr3b2OblJmD1qQ=
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/ICE.crl b/src/lib/libssl/src/certs/ICE.crl
new file mode 100644
index 0000000000..21939e8cc4
--- /dev/null
+++ b/src/lib/libssl/src/certs/ICE.crl
@@ -0,0 +1,9 @@
+-----BEGIN X509 CRL-----
+MIIBNDCBnjANBgkqhkiG9w0BAQIFADBFMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0Ut
+VEVMIFByb2plY3QxIDAeBgNVBAsTF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05
+NzA2MDkxNDQyNDNaFw05NzA3MDkxNDQyNDNaMCgwEgIBChcNOTcwMzAzMTQ0MjU0
+WjASAgEJFw05NjEwMDIxMjI5MjdaMA0GCSqGSIb3DQEBAgUAA4GBAH4vgWo2Tej/
+i7kbiw4Imd30If91iosjClNpBFwvwUDBclPEeMuYimHbLOk4H8Nofc0fw11+U/IO
+KSNouUDcqG7B64oY7c4SXKn+i1MWOb5OJiWeodX3TehHjBlyWzoNMWCnYA8XqFP1
+mOKp8Jla1BibEZf14+/HqCi2hnZUiEXh
+-----END X509 CRL-----
diff --git a/src/lib/libssl/src/certs/RegTP-4R.pem b/src/lib/libssl/src/certs/RegTP-4R.pem
new file mode 100644
index 0000000000..6f2c6abccd
--- /dev/null
+++ b/src/lib/libssl/src/certs/RegTP-4R.pem
@@ -0,0 +1,19 @@
+issuer= CN=4R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
+notBefore=Jan 21 16:04:53 1999 GMT
+notAfter=Jan 21 16:04:53 2004 GMT
+subject= CN=4R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
+-----BEGIN CERTIFICATE-----
+MIICZzCCAdOgAwIBAgIEOwVn1DAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9
+MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWth
+dGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo0Ui1DQSAxOlBO
+MCIYDzE5OTkwMTIxMTYwNDUzWhgPMjAwNDAxMjExNjA0NTNaMG8xCzAJBgNVBAYT
+AkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21t
+dW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjRSLUNB
+IDE6UE4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGAjzHbq2asUlqeWbXTQHso
+aVF6YIPVH3c/B2cbuy9HJ/lnE6x0asOzM2DGDqi47xkdAxPc0LZ0fxO87rkmz7xs
+jJObnVrMXpyUSDSp5Y0wqKJdsFdr6mGFOQZteIti8AJnr8xMkwnWVyuOlEXsFe1h
+5gxwQXrOcPinE6qu1t/3PmECBMAAAAGjEjAQMA4GA1UdDwEB/wQEAwIBBjAKBgYr
+JAMDAQIFAAOBgQA+RdocBmA2VV9E5aKPBcp01tdZAvvW9Tve3docArVKR/4/yvSX
+Z+wvzzk+uu4qBp49HN3nqPYMrzbTmjBFu4ce5fkZ7dHF0W1sSBL0rox5z36Aq2re
+JjfEOEmSnNe0+opuh4FSVOssXblXTE8lEQU0FhhItgDx2ADnWZibaxLG4w==
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/ca-cert.pem b/src/lib/libssl/src/certs/ca-cert.pem
new file mode 100644
index 0000000000..bcba68aefa
--- /dev/null
+++ b/src/lib/libssl/src/certs/ca-cert.pem
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIC5TCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQGEwJBVTET
+MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
+HDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0IGJpdCkwHhcNOTkxMjAyMjEzODUxWhcN
+MDUwNzEwMjEzODUxWjBbMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFu
+ZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxGzAZBgNVBAMTElRlc3QgQ0Eg
+KDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo7ujy3XXpU/p
+yDJtOxkMJmGv3mdiVm7JrdoKLUgqjO2rBaeNuYMUiuI6oYU+tlD6agwRML0Pn2JF
+b90VdK/UXrmRr9djaEuH17EIKjte5RwOzndCndsjcCYyoeODMTyg7dqPIkDMmRNM
+5R5xBTabD+Aji0wzQupYxBLuW5PLj7ECAwEAAaOBtzCBtDAdBgNVHQ4EFgQU1WWA
+U42mkhi3ecgey1dsJjU61+UwgYQGA1UdIwR9MHuAFE0RaEcrj18q1dw+G6nJbsTW
+R213oWCkXjBcMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxHDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0
+IGJpdCmCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBb39BRphHL
+6aRAQyymsvBvPSCiG9+kR0R1L23aTpNbhXp2BebyFjbEQYZc2kWGiKKcHkNECA35
+3d4LoqUlVey8DFyafOIJd9hxdZfg+rxlHMxnL7uCJRmx9+xB411Jtsol9/wg1uCK
+sleGpgB4j8cG2SVCz7V2MNZNK+d5QCnR7A==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/certs/dsa-ca.pem b/src/lib/libssl/src/certs/dsa-ca.pem
new file mode 100644
index 0000000000..9eb08f3ddd
--- /dev/null
+++ b/src/lib/libssl/src/certs/dsa-ca.pem
@@ -0,0 +1,43 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0
+
+svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0
+Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl
+Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/
+par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr
+zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO
+uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5
+rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx
+1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4
+HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827
+MVqOsYxGCb+kez0FoDSTgw==
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
+ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
+sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
+rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
+cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
+bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
+CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
+F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
+vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
+AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
+3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
+AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
+AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
+ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
+MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
+MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
+C1Q=
+-----END CERTIFICATE-----
+
diff --git a/src/lib/libssl/src/certs/dsa-pca.pem b/src/lib/libssl/src/certs/dsa-pca.pem
new file mode 100644
index 0000000000..e3641ad47e
--- /dev/null
+++ b/src/lib/libssl/src/certs/dsa-pca.pem
@@ -0,0 +1,49 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4
+
+GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS
+mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt
+of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr
+FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX
+RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd
+qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1
+diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn
+V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h
+hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf
+dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
+MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
+lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
+Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
+5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
+aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
+kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
+QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
+6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
+yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
+z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
+nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
+ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
+R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
+JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
+BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
+mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
+VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
+uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
+umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
+29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
+AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
+5rKUjNBhSg==
+-----END CERTIFICATE-----
+
diff --git a/src/lib/libssl/src/certs/factory.pem b/src/lib/libssl/src/certs/factory.pem
new file mode 100644
index 0000000000..8e28b391b2
--- /dev/null
+++ b/src/lib/libssl/src/certs/factory.pem
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
+MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
+DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
+CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
+amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
+iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
+U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
+zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
+BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
+A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
+/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
+lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
+S7ELuYGtmYgYm9NZOIr7yU0=
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/nortelCA.pem b/src/lib/libssl/src/certs/nortelCA.pem
new file mode 100644
index 0000000000..207f34ab3a
--- /dev/null
+++ b/src/lib/libssl/src/certs/nortelCA.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
+BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
+HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
+IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
+MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
+aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
+GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
+ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
+zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
+YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
+hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
+cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
+YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
+-----END CERTIFICATE-----
+
diff --git a/src/lib/libssl/src/certs/pca-cert.pem b/src/lib/libssl/src/certs/pca-cert.pem
new file mode 100644
index 0000000000..9d754d460d
--- /dev/null
+++ b/src/lib/libssl/src/certs/pca-cert.pem
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIC5jCCAk+gAwIBAgIBADANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQGEwJBVTET
+MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
+HDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0IGJpdCkwHhcNOTkxMjAyMjEzNTQ4WhcN
+MDUwNzExMjEzNTQ4WjBcMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFu
+ZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxHDAaBgNVBAMTE1Rlc3QgUENB
+ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ2haT/f5Zwy
+V+MiuSDjSR62adBoSiBB7Usty44lXqsp9RICw+DCCxpsn/CfxPEDXLLd4olsWXc6
+JRcxGynbYmnzk+Z6aIPPJQhK3CTvaqGnWKZsA1m+WaUIUqJCuNTK4N+7hMAGaf6S
+S3e9HVgEQ4a34gXJ7VQFVIBNV1EnZRWHAgMBAAGjgbcwgbQwHQYDVR0OBBYEFE0R
+aEcrj18q1dw+G6nJbsTWR213MIGEBgNVHSMEfTB7gBRNEWhHK49fKtXcPhupyW7E
+1kdtd6FgpF4wXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
+NCBiaXQpggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAUa8B3pho
++Mvxeq9HsEzJxHIFQla05S5J/e/V+DQTYoKiRFchKPrDAdrzYSEvP3h4QJEtsNqQ
+JfOxg5M42uLFq7aPGWkF6ZZqZsYS+zA9IVT14g7gNA6Ne+5QtJqQtH9HA24st0T0
+Tga/lZ9M2ovImovaxSL/kRHbpCWcqWVxpOw=
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
+wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
+vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
+AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
+z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
+xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
+HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
+yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
+xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
+7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
+h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
+QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
+hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/certs/rsa-cca.pem b/src/lib/libssl/src/certs/rsa-cca.pem
new file mode 100644
index 0000000000..69f5c1c84c
--- /dev/null
+++ b/src/lib/libssl/src/certs/rsa-cca.pem
@@ -0,0 +1,19 @@
+subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+notBefore=941104185834Z
+notAfter =991103185834Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
+Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
+OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
+ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
+975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
+touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
+7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
+9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
+0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
+MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
+-----END X509 CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/timCA.pem b/src/lib/libssl/src/certs/timCA.pem
new file mode 100644
index 0000000000..9c8d5bf9c6
--- /dev/null
+++ b/src/lib/libssl/src/certs/timCA.pem
@@ -0,0 +1,16 @@
+Tims test GCI CA
+
+-----BEGIN CERTIFICATE-----
+MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
+cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
+gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
+cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
+dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
+AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
+OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
+AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
+TfdbFZtAAD2Hx9jUtY3tfdrJOb8= 
+-----END CERTIFICATE-----
+
diff --git a/src/lib/libssl/src/certs/tjhCA.pem b/src/lib/libssl/src/certs/tjhCA.pem
new file mode 100644
index 0000000000..67bee1b200
--- /dev/null
+++ b/src/lib/libssl/src/certs/tjhCA.pem
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
+IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
+VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
+NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
+EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
+I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
+RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
+Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
+9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
+WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/vsign2.pem b/src/lib/libssl/src/certs/vsign2.pem
new file mode 100644
index 0000000000..d8bdd8c812
--- /dev/null
+++ b/src/lib/libssl/src/certs/vsign2.pem
@@ -0,0 +1,18 @@
+subject=/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority
+notBefore=Jan 29 00:00:00 1996 GMT
+notAfter=Jan  7 23:59:59 2004 GMT
+-----BEGIN CERTIFICATE-----
+MIICPTCCAaYCEQC6WslMBTuS1qe2307QU5INMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
+c3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
+NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
+VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMiBQdWJsaWMgUHJp
+bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEAtlqLow1qI4OAa885h/QhEzMGTCWi7VUSl8WngLn6g8EgoPovFQ18
+oWBrfnks+gYPOq72G2+x0v8vKFJfg31LxHq3+GYfgFT8t8KOWUoUV0bRmpO+QZED
+uxWAk1zr58wIbD8+s0r8/0tsI9VQgiZEGY4jw3HqGSRHBJ51v8imAB8CAwEAATAN
+BgkqhkiG9w0BAQIFAAOBgQC2AB+TV6QHp0DOZUA/VV7t7/pUSaUw1iF8YYfug5ML
+v7Qz8pisnwa/TqjOFIFMywROWMPPX+5815pvy0GKt3+BuP+EYcYnQ2UdDOyxAArd
+G6S7x3ggKLKi3TaVLuFUT79guXdoEZkj6OpS6KoATmdOu5C1RZtG644W78QzWzM9
+1Q==
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/vsigntca.pem b/src/lib/libssl/src/certs/vsigntca.pem
new file mode 100644
index 0000000000..05acf76e66
--- /dev/null
+++ b/src/lib/libssl/src/certs/vsigntca.pem
@@ -0,0 +1,18 @@
+subject=/O=VeriSign, Inc/OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD./OU=For VeriSign authorized testing only. No assurances (C)VS1997
+notBefore=Mar  4 00:00:00 1997 GMT
+notAfter=Mar  4 23:59:59 2025 GMT
+-----BEGIN CERTIFICATE-----
+MIICTTCCAfcCEEdoCqpuXxnoK27q7d58Qc4wDQYJKoZIhvcNAQEEBQAwgakxFjAU
+BgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52ZXJpc2lnbi5jb20v
+cmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBMaWFiLiBMVEQuMUYw
+RAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0aW5nIG9ubHkuIE5v
+IGFzc3VyYW5jZXMgKEMpVlMxOTk3MB4XDTk3MDMwNDAwMDAwMFoXDTI1MDMwNDIz
+NTk1OVowgakxFjAUBgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52
+ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBM
+aWFiLiBMVEQuMUYwRAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0
+aW5nIG9ubHkuIE5vIGFzc3VyYW5jZXMgKEMpVlMxOTk3MFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBAMak6xImJx44jMKcbkACy5/CyMA2fqXK4PlzTtCxRq5tFkDzne7s
+cI8oFK/J+gFZNE3bjidDxf07O3JOYG9RGx8CAwEAATANBgkqhkiG9w0BAQQFAANB
+ADT523tENOKrEheZFpsJx1UUjPrG7TwYc/C4NBHrZI4gZJcKVFIfNulftVS6UMYW
+ToLEMaUojc3DuNXHG21PDG8=
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/config b/src/lib/libssl/src/config
index c2f504f59e..0715d378d9 100644
--- a/src/lib/libssl/src/config
+++ b/src/lib/libssl/src/config
@@ -54,22 +54,6 @@ SYSTEM=`(uname -s) 2>/dev/null`  || SYSTEM="unknown"
 VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown"
 
 
-
- 
-
-# Check for VC++ presence first.
-#
-#if [ "x$MSVCDIR" != "x" -o "x$VCINSTALLDIR" != "x" ]; then
-#       perl Configure VC-WIN32 $*
-#       cmd /c ms\\do_masm.bat
-#       perl util/mk1mf.pl VC-WIN32-GMAKE >mak.tmp
-#       rm Makefile
-#       mv mak.tmp Makefile
-#       echo "Configured for VC++ using GNU make"
-#       exit 0
-#fi
-#
-
 # Now test for ISC and SCO, since it is has a braindamaged uname.
 #
 # We need to work around FreeBSD 1.1.5.1 
@@ -355,10 +339,6 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
 
     MINGW*)
         echo "${MACHINE}-whatever-mingw"; echo 0;
-        # Save fipslib path so VC++ build can find it
-        (cd /usr/local/ssl/lib ; pwd -W ) > util/fipslib_path.txt
-        # Extract _chkstk.o so VC++ can use it, to avoid __alloca link error
-        (cd ms ; ar x `gcc -print-libgcc-file-name` _chkstk.o)
         ;;
     CYGWIN*)
         case "$RELEASE" in
@@ -427,7 +407,7 @@ if [ "$GCCVER" != "" ]; then
   CC=gcc
   # then strip off whatever prefix egcs prepends the number with...
   # Hopefully, this will work for any future prefixes as well.
-  GCCVER=`echo $GCCVER | LC_ALL=C sed 's/^[a-zA-Z]*\-//'`
+  GCCVER=`echo $GCCVER | sed 's/^[a-zA-Z]*\-//'`
   # Since gcc 3.1 gcc --version behaviour has changed.  gcc -dumpversion
   # does give us what we want though, so we use that.  We just just the
   # major and minor version numbers.
diff --git a/src/lib/libssl/src/crypto/Makefile b/src/lib/libssl/src/crypto/Makefile.ssl
index cda9de0ac9..b9951a4600 100644
--- a/src/lib/libssl/src/crypto/Makefile
+++ b/src/lib/libssl/src/crypto/Makefile.ssl
@@ -1,5 +1,5 @@
 #
-# OpenSSL/crypto/Makefile
+# SSLeay/crypto/Makefile
 #
 
 DIR=            crypto
@@ -11,9 +11,10 @@ CFLAG=		-g
 INSTALL_PREFIX=
 OPENSSLDIR=     /usr/local/ssl
 INSTALLTOP=     /usr/local/ssl
+MAKE=           make -f Makefile.ssl
 MAKEDEPPROG=    makedepend
 MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=       Makefile
+MAKEFILE=       Makefile.ssl
 RM=             rm -f
 AR=             ar r
 
@@ -35,14 +36,14 @@ GENERAL=Makefile README crypto-lib.com install.com
 
 LIB= $(TOP)/libcrypto.a
 SHARED_LIB= libcrypto$(SHLIB_EXT)
-LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c
-LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o
+LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c
+LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o
 
 SRC= $(LIBSRC)
 
 EXHEADER= crypto.h tmdiff.h opensslv.h opensslconf.h ebcdic.h symhacks.h \
         ossl_typ.h
-HEADER= cryptlib.h buildinf.h md32_common.h o_time.h o_str.h $(EXHEADER)
+HEADER= cryptlib.h buildinf.h md32_common.h o_time.h $(EXHEADER)
 
 ALL=    $(GENERAL) $(SRC) $(HEADER)
 
@@ -51,9 +52,9 @@ top:
 
 all: shared
 
-buildinf.h: ../Makefile
+buildinf.h: ../Makefile.ssl
         ( echo "#ifndef MK1MF_BUILD"; \
-        echo '  /* auto-generated by crypto/Makefile for crypto/cversion.c */'; \
+        echo '  /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */'; \
         echo '  #define CFLAGS "$(CC) $(CFLAG)"'; \
         echo '  #define PLATFORM "$(PLATFORM)"'; \
         echo "  #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \
@@ -72,7 +73,7 @@ subdirs:
         done;
 
 files:
-        $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
         @for i in $(SDIRS) ;\
         do \
         (cd $$i && echo "making 'files' in crypto/$$i..." && \
@@ -80,9 +81,11 @@ files:
         done;
 
 links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
         @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
         @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
         @$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
         @for i in $(SDIRS); do \
         (cd $$i && echo "making links in crypto/$$i..." && \
         $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \
@@ -94,8 +97,7 @@ lib:	$(LIBOBJ)
         @touch lib
 
 shared: buildinf.h lib subdirs
-        @if [ -n "$(SHARED_LIBS)" ]; then \
-                egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null || \
+        if [ -n "$(SHARED_LIBS)" ]; then \
                 (cd ..; $(MAKE) $(SHARED_LIB)); \
         fi
 
@@ -114,7 +116,7 @@ tests:
         done;
 
 install:
-        @headerlist="$(EXHEADER)"; for i in $$headerlist ;\
+        @for i in $(EXHEADER) ;\
         do \
         (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
         chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
@@ -201,8 +203,6 @@ mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h
 mem_dbg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 mem_dbg.o: ../include/openssl/safestack.h ../include/openssl/stack.h
 mem_dbg.o: ../include/openssl/symhacks.h cryptlib.h mem_dbg.c
-o_str.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
-o_str.o: o_str.c o_str.h
 o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c
 o_time.o: o_time.h
 tmdiff.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
diff --git a/src/lib/libssl/src/crypto/acss/acss.h b/src/lib/libssl/src/crypto/acss/acss.h
new file mode 100644
index 0000000000..c2d3550796
--- /dev/null
+++ b/src/lib/libssl/src/crypto/acss/acss.h
@@ -0,0 +1,47 @@
+/*      $OpenBSD: acss.h,v 1.4 2005/04/25 13:20:52 miod Exp $   */
+/*
+ * Copyright (c) 2004 The OpenBSD project
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef _ACSS_H_
+#define _ACSS_H_
+
+#ifdef OPENSSL_NO_ACSS
+#error acss is disabled.
+#endif
+
+/* 40bit key */
+#define ACSS_KEYSIZE            5
+
+/* modes of acss */
+#define ACSS_MODE0              0
+#define ACSS_MODE1              1
+#define ACSS_MODE2              2
+#define ACSS_MODE3              3
+
+typedef struct acss_key_st {
+        unsigned int    lfsr17;         /* current state of lfsrs */
+        unsigned int    lfsr25;
+        unsigned int    lfsrsum;
+        unsigned char   seed[ACSS_KEYSIZE];
+        unsigned char   data[ACSS_KEYSIZE];
+        int             encrypt;
+        int             mode;
+} ACSS_KEY;
+
+void acss_setkey(ACSS_KEY *, const unsigned char *, int, int);
+void acss(ACSS_KEY *, unsigned long, const unsigned char *, unsigned char *);
+
+#endif /* ifndef _ACSS_H_ */
diff --git a/src/lib/libssl/src/crypto/acss/acss_enc.c b/src/lib/libssl/src/crypto/acss/acss_enc.c
new file mode 100644
index 0000000000..829830bc54
--- /dev/null
+++ b/src/lib/libssl/src/crypto/acss/acss_enc.c
@@ -0,0 +1,177 @@
+/*      $OpenBSD: acss_enc.c,v 1.4 2004/02/13 10:05:44 hshoexer Exp $   */
+/*
+ * Copyright (c) 2004 The OpenBSD project
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <openssl/acss.h>
+
+/* decryption sbox */
+static unsigned char sboxdec[] = {
+        0x33, 0x73, 0x3b, 0x26, 0x63, 0x23, 0x6b, 0x76, 
+        0x3e, 0x7e, 0x36, 0x2b, 0x6e, 0x2e, 0x66, 0x7b, 
+        0xd3, 0x93, 0xdb, 0x06, 0x43, 0x03, 0x4b, 0x96, 
+        0xde, 0x9e, 0xd6, 0x0b, 0x4e, 0x0e, 0x46, 0x9b, 
+        0x57, 0x17, 0x5f, 0x82, 0xc7, 0x87, 0xcf, 0x12, 
+        0x5a, 0x1a, 0x52, 0x8f, 0xca, 0x8a, 0xc2, 0x1f, 
+        0xd9, 0x99, 0xd1, 0x00, 0x49, 0x09, 0x41, 0x90, 
+        0xd8, 0x98, 0xd0, 0x01, 0x48, 0x08, 0x40, 0x91, 
+        0x3d, 0x7d, 0x35, 0x24, 0x6d, 0x2d, 0x65, 0x74, 
+        0x3c, 0x7c, 0x34, 0x25, 0x6c, 0x2c, 0x64, 0x75, 
+        0xdd, 0x9d, 0xd5, 0x04, 0x4d, 0x0d, 0x45, 0x94, 
+        0xdc, 0x9c, 0xd4, 0x05, 0x4c, 0x0c, 0x44, 0x95, 
+        0x59, 0x19, 0x51, 0x80, 0xc9, 0x89, 0xc1, 0x10, 
+        0x58, 0x18, 0x50, 0x81, 0xc8, 0x88, 0xc0, 0x11, 
+        0xd7, 0x97, 0xdf, 0x02, 0x47, 0x07, 0x4f, 0x92, 
+        0xda, 0x9a, 0xd2, 0x0f, 0x4a, 0x0a, 0x42, 0x9f, 
+        0x53, 0x13, 0x5b, 0x86, 0xc3, 0x83, 0xcb, 0x16, 
+        0x5e, 0x1e, 0x56, 0x8b, 0xce, 0x8e, 0xc6, 0x1b, 
+        0xb3, 0xf3, 0xbb, 0xa6, 0xe3, 0xa3, 0xeb, 0xf6, 
+        0xbe, 0xfe, 0xb6, 0xab, 0xee, 0xae, 0xe6, 0xfb, 
+        0x37, 0x77, 0x3f, 0x22, 0x67, 0x27, 0x6f, 0x72, 
+        0x3a, 0x7a, 0x32, 0x2f, 0x6a, 0x2a, 0x62, 0x7f, 
+        0xb9, 0xf9, 0xb1, 0xa0, 0xe9, 0xa9, 0xe1, 0xf0, 
+        0xb8, 0xf8, 0xb0, 0xa1, 0xe8, 0xa8, 0xe0, 0xf1, 
+        0x5d, 0x1d, 0x55, 0x84, 0xcd, 0x8d, 0xc5, 0x14, 
+        0x5c, 0x1c, 0x54, 0x85, 0xcc, 0x8c, 0xc4, 0x15, 
+        0xbd, 0xfd, 0xb5, 0xa4, 0xed, 0xad, 0xe5, 0xf4, 
+        0xbc, 0xfc, 0xb4, 0xa5, 0xec, 0xac, 0xe4, 0xf5, 
+        0x39, 0x79, 0x31, 0x20, 0x69, 0x29, 0x61, 0x70, 
+        0x38, 0x78, 0x30, 0x21, 0x68, 0x28, 0x60, 0x71, 
+        0xb7, 0xf7, 0xbf, 0xa2, 0xe7, 0xa7, 0xef, 0xf2, 
+        0xba, 0xfa, 0xb2, 0xaf, 0xea, 0xaa, 0xe2, 0xff
+};
+
+/* encryption sbox */
+static unsigned char sboxenc[] = {
+        0x33, 0x3b, 0x73, 0x15, 0x53, 0x5b, 0x13, 0x75,
+        0x3d, 0x35, 0x7d, 0x1b, 0x5d, 0x55, 0x1d, 0x7b,
+        0x67, 0x6f, 0x27, 0x81, 0xc7, 0xcf, 0x87, 0x21,
+        0x69, 0x61, 0x29, 0x8f, 0xc9, 0xc1, 0x89, 0x2f,
+        0xe3, 0xeb, 0xa3, 0x05, 0x43, 0x4b, 0x03, 0xa5,
+        0xed, 0xe5, 0xad, 0x0b, 0x4d, 0x45, 0x0d, 0xab,
+        0xea, 0xe2, 0xaa, 0x00, 0x4a, 0x42, 0x0a, 0xa0,
+        0xe8, 0xe0, 0xa8, 0x02, 0x48, 0x40, 0x08, 0xa2,
+        0x3e, 0x36, 0x7e, 0x14, 0x5e, 0x56, 0x1e, 0x74,
+        0x3c, 0x34, 0x7c, 0x16, 0x5c, 0x54, 0x1c, 0x76,
+        0x6a, 0x62, 0x2a, 0x80, 0xca, 0xc2, 0x8a, 0x20,
+        0x68, 0x60, 0x28, 0x82, 0xc8, 0xc0, 0x88, 0x22,
+        0xee, 0xe6, 0xae, 0x04, 0x4e, 0x46, 0x0e, 0xa4,
+        0xec, 0xe4, 0xac, 0x06, 0x4c, 0x44, 0x0c, 0xa6,
+        0xe7, 0xef, 0xa7, 0x01, 0x47, 0x4f, 0x07, 0xa1,
+        0xe9, 0xe1, 0xa9, 0x0f, 0x49, 0x41, 0x09, 0xaf,
+        0x63, 0x6b, 0x23, 0x85, 0xc3, 0xcb, 0x83, 0x25,
+        0x6d, 0x65, 0x2d, 0x8b, 0xcd, 0xc5, 0x8d, 0x2b,
+        0x37, 0x3f, 0x77, 0x11, 0x57, 0x5f, 0x17, 0x71,
+        0x39, 0x31, 0x79, 0x1f, 0x59, 0x51, 0x19, 0x7f,
+        0xb3, 0xbb, 0xf3, 0x95, 0xd3, 0xdb, 0x93, 0xf5,
+        0xbd, 0xb5, 0xfd, 0x9b, 0xdd, 0xd5, 0x9d, 0xfb,
+        0xba, 0xb2, 0xfa, 0x90, 0xda, 0xd2, 0x9a, 0xf0,
+        0xb8, 0xb0, 0xf8, 0x92, 0xd8, 0xd0, 0x98, 0xf2,
+        0x6e, 0x66, 0x2e, 0x84, 0xce, 0xc6, 0x8e, 0x24,
+        0x6c, 0x64, 0x2c, 0x86, 0xcc, 0xc4, 0x8c, 0x26,
+        0x3a, 0x32, 0x7a, 0x10, 0x5a, 0x52, 0x1a, 0x70,
+        0x38, 0x30, 0x78, 0x12, 0x58, 0x50, 0x18, 0x72,
+        0xbe, 0xb6, 0xfe, 0x94, 0xde, 0xd6, 0x9e, 0xf4,
+        0xbc, 0xb4, 0xfc, 0x96, 0xdc, 0xd4, 0x9c, 0xf6,
+        0xb7, 0xbf, 0xf7, 0x91, 0xd7, 0xdf, 0x97, 0xf1,
+        0xb9, 0xb1, 0xf9, 0x9f, 0xd9, 0xd1, 0x99, 0xff
+};
+
+/*
+ * Two linear feedback shift registers are used:
+ *
+ * lfsr17:  polynomial of degree 17, primitive modulo 2 (listed in Schneier)
+ *          x^15 + x + 1
+ * lfsr25:  polynomial of degree 25, not know if primitive modulo 2
+ *          x^13 + x^5 + x^4 + x + 1
+ *
+ * Output bits are discarded, instead the feedback bits are added to produce
+ * the cipher stream.  Depending on the mode, feedback bytes may be inverted
+ * bit-wise before addition.
+ *
+ * The lfsrs are seeded with bytes from the raw key:
+ *
+ * lfsr17:  byte 0[0:7] at bit 9
+ *          byte 1[0:7] at bit 0
+ *
+ * lfsr25:  byte 2[0:4] at bit 16
+ *          byte 2[5:7] at bit 22
+ *          byte 3[0:7] at bit 8
+ *          byte 4[0:7] at bit 0
+ *
+ * To prevent 0 cycles, 1's are inject at bit 8 in lfrs17 and bit 21 in
+ * lfsr25.
+ *
+ */
+
+void
+acss(ACSS_KEY *key, unsigned long len, const unsigned char *in,
+    unsigned char *out)
+{
+        unsigned long i;
+        unsigned long lfsr17tmp, lfsr25tmp, lfsrsumtmp;
+
+        lfsrsumtmp = lfsr17tmp = lfsr25tmp = 0;
+
+        /* keystream is sum of lfsrs */
+        for (i = 0; i < len; i++) {
+                lfsr17tmp = key->lfsr17 ^ (key->lfsr17 >> 14);
+                key->lfsr17 = (key->lfsr17 >> 8)
+                        ^ (lfsr17tmp << 9)
+                        ^ (lfsr17tmp << 12)
+                        ^ (lfsr17tmp << 15);
+                key->lfsr17 &= 0x1ffff; /* 17 bit LFSR */
+
+                lfsr25tmp = key->lfsr25
+                        ^ (key->lfsr25 >> 3)
+                        ^ (key->lfsr25 >> 4)
+                        ^ (key->lfsr25 >> 12);
+                key->lfsr25 = (key->lfsr25 >> 8) ^ (lfsr25tmp << 17);
+                key->lfsr25 &= 0x1ffffff;       /* 25 bit LFSR */
+
+                lfsrsumtmp = key->lfsrsum;
+
+                /* addition */
+                switch (key->mode) {
+                case ACSS_MODE3:
+                        key->lfsrsum = 0xff & ~(key->lfsr17 >> 9);
+                        key->lfsrsum += 0xff & ~(key->lfsr25 >> 17);
+                        break;
+                case ACSS_MODE2:
+                        key->lfsrsum = key->lfsr17 >> 9;
+                        key->lfsrsum += 0xff & ~(key->lfsr25 >> 17);
+                        break;
+                case ACSS_MODE1:
+                        key->lfsrsum = 0xff & ~(key->lfsr17 >> 9);
+                        key->lfsrsum += key->lfsr25 >> 17;
+                        break;
+                case ACSS_MODE0:
+                default:
+                        key->lfsrsum = key->lfsr17 >> 9;
+                        key->lfsrsum += key->lfsr25 >> 17;
+                        break;
+                }
+                key->lfsrsum += (lfsrsumtmp >> 8);
+
+                if (in == (unsigned char *)0)
+                        /* generate only a keystream */
+                        out[i] = key->lfsrsum & 0xff;
+                else if (key->encrypt) {
+                        out[i] = sboxenc[(in[i] ^ key->lfsrsum) & 0xff];
+                } else {
+                        out[i] = (sboxdec[in[i]] ^ key->lfsrsum) & 0xff;
+                }
+        }
+}
diff --git a/src/lib/libssl/src/crypto/acss/acss_skey.c b/src/lib/libssl/src/crypto/acss/acss_skey.c
new file mode 100644
index 0000000000..08e5685fcf
--- /dev/null
+++ b/src/lib/libssl/src/crypto/acss/acss_skey.c
@@ -0,0 +1,86 @@
+/*      $OpenBSD: acss_skey.c,v 1.2 2004/01/23 19:23:33 hshoexer Exp $  */
+/*
+ * Copyright (c) 2004 The OpenBSD project
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <openssl/acss.h>
+
+static unsigned char reverse[] = {
+        0x00, 0x80, 0x40, 0xc0, 0x20, 0xa0, 0x60, 0xe0, 
+        0x10, 0x90, 0x50, 0xd0, 0x30, 0xb0, 0x70, 0xf0, 
+        0x08, 0x88, 0x48, 0xc8, 0x28, 0xa8, 0x68, 0xe8, 
+        0x18, 0x98, 0x58, 0xd8, 0x38, 0xb8, 0x78, 0xf8, 
+        0x04, 0x84, 0x44, 0xc4, 0x24, 0xa4, 0x64, 0xe4, 
+        0x14, 0x94, 0x54, 0xd4, 0x34, 0xb4, 0x74, 0xf4, 
+        0x0c, 0x8c, 0x4c, 0xcc, 0x2c, 0xac, 0x6c, 0xec, 
+        0x1c, 0x9c, 0x5c, 0xdc, 0x3c, 0xbc, 0x7c, 0xfc, 
+        0x02, 0x82, 0x42, 0xc2, 0x22, 0xa2, 0x62, 0xe2, 
+        0x12, 0x92, 0x52, 0xd2, 0x32, 0xb2, 0x72, 0xf2, 
+        0x0a, 0x8a, 0x4a, 0xca, 0x2a, 0xaa, 0x6a, 0xea, 
+        0x1a, 0x9a, 0x5a, 0xda, 0x3a, 0xba, 0x7a, 0xfa, 
+        0x06, 0x86, 0x46, 0xc6, 0x26, 0xa6, 0x66, 0xe6, 
+        0x16, 0x96, 0x56, 0xd6, 0x36, 0xb6, 0x76, 0xf6, 
+        0x0e, 0x8e, 0x4e, 0xce, 0x2e, 0xae, 0x6e, 0xee, 
+        0x1e, 0x9e, 0x5e, 0xde, 0x3e, 0xbe, 0x7e, 0xfe, 
+        0x01, 0x81, 0x41, 0xc1, 0x21, 0xa1, 0x61, 0xe1, 
+        0x11, 0x91, 0x51, 0xd1, 0x31, 0xb1, 0x71, 0xf1, 
+        0x09, 0x89, 0x49, 0xc9, 0x29, 0xa9, 0x69, 0xe9, 
+        0x19, 0x99, 0x59, 0xd9, 0x39, 0xb9, 0x79, 0xf9, 
+        0x05, 0x85, 0x45, 0xc5, 0x25, 0xa5, 0x65, 0xe5, 
+        0x15, 0x95, 0x55, 0xd5, 0x35, 0xb5, 0x75, 0xf5, 
+        0x0d, 0x8d, 0x4d, 0xcd, 0x2d, 0xad, 0x6d, 0xed, 
+        0x1d, 0x9d, 0x5d, 0xdd, 0x3d, 0xbd, 0x7d, 0xfd, 
+        0x03, 0x83, 0x43, 0xc3, 0x23, 0xa3, 0x63, 0xe3, 
+        0x13, 0x93, 0x53, 0xd3, 0x33, 0xb3, 0x73, 0xf3, 
+        0x0b, 0x8b, 0x4b, 0xcb, 0x2b, 0xab, 0x6b, 0xeb, 
+        0x1b, 0x9b, 0x5b, 0xdb, 0x3b, 0xbb, 0x7b, 0xfb, 
+        0x07, 0x87, 0x47, 0xc7, 0x27, 0xa7, 0x67, 0xe7, 
+        0x17, 0x97, 0x57, 0xd7, 0x37, 0xb7, 0x77, 0xf7, 
+        0x0f, 0x8f, 0x4f, 0xcf, 0x2f, 0xaf, 0x6f, 0xef, 
+        0x1f, 0x9f, 0x5f, 0xdf, 0x3f, 0xbf, 0x7f, 0xff 
+};
+
+static void
+acss_seed(ACSS_KEY *key)
+{
+        int i;
+
+        for (i = 0; i < ACSS_KEYSIZE; i++)
+                key->seed[i] = reverse[key->data[i]];
+
+        /* seed lfsrs */
+        key->lfsr17 = key->seed[1]
+                | (key->seed[0] << 9)
+                | (1 << 8);     /* inject 1 at bit 9 */
+        key->lfsr25 = key->seed[4]
+                | (key->seed[3] << 8)
+                | ((key->seed[2] & 0x1f) << 16)
+                | ((key->seed[2] & 0xe0) << 17)
+                        | (1 << 21);    /* inject 1 at bit 22 */
+
+        key->lfsrsum = 0;
+}
+
+void
+acss_setkey(ACSS_KEY *key, const unsigned char *data, int enc, int mode)
+{
+        memcpy(key->data, data, sizeof(key->data));
+
+        if (enc != -1)
+                key->encrypt = enc;
+        key->mode = mode;
+
+        acss_seed(key);
+}
diff --git a/src/lib/libssl/src/crypto/aes/Makefile.ssl b/src/lib/libssl/src/crypto/aes/Makefile.ssl
new file mode 100644
index 0000000000..f353aeb697
--- /dev/null
+++ b/src/lib/libssl/src/crypto/aes/Makefile.ssl
@@ -0,0 +1,103 @@
+#
+# crypto/aes/Makefile
+#
+
+DIR=    aes
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=     /usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+# CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -O3 -fexpensive-optimizations -funroll-loops -fforce-addr
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+#TEST=aestest.c
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c aes_ctr.c
+LIBOBJ=aes_core.o aes_misc.o aes_ecb.o aes_cbc.o aes_cfb.o aes_ofb.o aes_ctr.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= aes.h
+HEADER= aes_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+$(LIBOBJ): $(LIBSRC)
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install: installs
+
+installs:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+aes_cbc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_cbc.o: ../../include/openssl/opensslconf.h aes_cbc.c aes_locl.h
+aes_cfb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_cfb.o: ../../include/openssl/opensslconf.h aes_cfb.c aes_locl.h
+aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_core.o: ../../include/openssl/opensslconf.h aes_core.c aes_locl.h
+aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c aes_locl.h
+aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h
+aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_misc.o: ../../include/openssl/opensslconf.h
+aes_misc.o: ../../include/openssl/opensslv.h aes_locl.h aes_misc.c
+aes_ofb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_ofb.o: ../../include/openssl/opensslconf.h aes_locl.h aes_ofb.c
diff --git a/src/lib/libssl/src/crypto/aes/aes_cbc.c b/src/lib/libssl/src/crypto/aes/aes_cbc.c
index 373864cd4b..d2ba6bcdb4 100644
--- a/src/lib/libssl/src/crypto/aes/aes_cbc.c
+++ b/src/lib/libssl/src/crypto/aes/aes_cbc.c
@@ -59,7 +59,6 @@
 #include <openssl/aes.h>
 #include "aes_locl.h"
 
-#if !defined(OPENSSL_FIPS_AES_ASM)
 void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
                      const unsigned long length, const AES_KEY *key,
                      unsigned char *ivec, const int enc) {
@@ -130,4 +129,3 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
                 }
         }
 }
-#endif
diff --git a/src/lib/libssl/src/crypto/aes/asm/aes-586.pl b/src/lib/libssl/src/crypto/aes/asm/aes-586.pl
new file mode 100644
index 0000000000..688fda21ff
--- /dev/null
+++ b/src/lib/libssl/src/crypto/aes/asm/aes-586.pl
@@ -0,0 +1,1541 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. Rights for redistribution and usage in source and binary
+# forms are granted according to the OpenSSL license.
+# ====================================================================
+#
+# Version 2.0.
+#
+# You might fail to appreciate this module performance from the first
+# try. If compared to "vanilla" linux-ia32-icc target, i.e. considered
+# to be *the* best Intel C compiler without -KPIC, performance appears
+# to be virtually identical... But try to re-configure with shared
+# library support... Aha! Intel compiler "suddenly" lags behind by 30%
+# [on P4, more on others]:-) And if compared to position-independent
+# code generated by GNU C, this code performs *more* than *twice* as
+# fast! Yes, all this buzz about PIC means that unlike other hand-
+# coded implementations, this one was explicitly designed to be safe
+# to use even in shared library context... This also means that this
+# code isn't necessarily absolutely fastest "ever," because in order
+# to achieve position independence an extra register has to be
+# off-loaded to stack, which affects the benchmark result.
+#
+# Special note about instruction choice. Do you recall RC4_INT code
+# performing poorly on P4? It might be the time to figure out why.
+# RC4_INT code implies effective address calculations in base+offset*4
+# form. Trouble is that it seems that offset scaling turned to be
+# critical path... At least eliminating scaling resulted in 2.8x RC4
+# performance improvement [as you might recall]. As AES code is hungry
+# for scaling too, I [try to] avoid the latter by favoring off-by-2
+# shifts and masking the result with 0xFF<<2 instead of "boring" 0xFF.
+#
+# As was shown by Dean Gaudet <dean@arctic.org>, the above note turned
+# void. Performance improvement with off-by-2 shifts was observed on
+# intermediate implementation, which was spilling yet another register
+# to stack... Final offset*4 code below runs just a tad faster on P4,
+# but exhibits up to 10% improvement on other cores.
+#
+# Second version is "monolithic" replacement for aes_core.c, which in
+# addition to AES_[de|en]crypt implements AES_set_[de|en]cryption_key.
+# This made it possible to implement little-endian variant of the
+# algorithm without modifying the base C code. Motivating factor for
+# the undertaken effort was that it appeared that in tight IA-32
+# register window little-endian flavor could achieve slightly higher
+# Instruction Level Parallelism, and it indeed resulted in up to 15%
+# better performance on most recent µ-archs...
+#
+# Current ECB performance numbers for 128-bit key in cycles per byte
+# [measure commonly used by AES benchmarkers] are:
+#
+#               small footprint         fully unrolled
+# P4[-3]        23[24]                  22[23]
+# AMD K8        19                      18
+# PIII          26(*)                   23
+# Pentium       63(*)                   52
+#
+# (*)   Performance difference between small footprint code and fully
+#       unrolled in more commonly used CBC mode is not as big, 7% for
+#       PIII and 15% for Pentium, which I consider tolerable.
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"aes-586.pl",$ARGV[$#ARGV] eq "386");
+
+$small_footprint=1;     # $small_footprint=1 code is ~5% slower [on
+                        # recent µ-archs], but ~5 times smaller!
+                        # I favor compact code, because it minimizes
+                        # cache contention...
+$vertical_spin=0;       # shift "verticaly" defaults to 0, because of
+                        # its proof-of-concept status, see below...
+
+$s0="eax";
+$s1="ebx";
+$s2="ecx";
+$s3="edx";
+$key="esi";
+$acc="edi";
+
+if ($vertical_spin) {
+        # I need high parts of volatile registers to be accessible...
+        $s1="esi";      $key="ebx";
+        $s2="edi";      $acc="ecx";
+}
+# Note that there is no decvert(), as well as last encryption round is
+# performed with "horizontal" shifts. This is because this "vertical"
+# implementation [one which groups shifts on a given $s[i] to form a
+# "column," unlike "horizontal" one, which groups shifts on different
+# $s[i] to form a "row"] is work in progress. It was observed to run
+# few percents faster on Intel cores, but not AMD. On AMD K8 core it's
+# whole 12% slower:-( So we face a trade-off... Shall it be resolved
+# some day? Till then the code is considered experimental and by
+# default remains dormant...
+
+sub encvert()
+{ my ($te,@s) = @_;
+  my $v0 = $acc, $v1 = $key;
+
+        &mov    ($v0,$s[3]);                            # copy s3
+        &mov    (&DWP(0,"esp"),$s[2]);                  # save s2
+        &mov    ($v1,$s[0]);                            # copy s0
+        &mov    (&DWP(4,"esp"),$s[1]);                  # save s1
+
+        &movz   ($s[2],&HB($s[0]));
+        &and    ($s[0],0xFF);
+        &mov    ($s[0],&DWP(1024*0,$te,$s[0],4));       # s0>>0
+        &shr    ($v1,16);
+        &mov    ($s[3],&DWP(1024*1,$te,$s[2],4));       # s0>>8
+        &movz   ($s[1],&HB($v1));
+        &and    ($v1,0xFF);
+        &mov    ($s[2],&DWP(1024*2,$te,$v1,4));         # s0>>16
+         &mov   ($v1,$v0);
+        &mov    ($s[1],&DWP(1024*3,$te,$s[1],4));       # s0>>24
+
+        &and    ($v0,0xFF);
+        &xor    ($s[3],&DWP(1024*0,$te,$v0,4));         # s3>>0
+        &movz   ($v0,&HB($v1));
+        &shr    ($v1,16);
+        &xor    ($s[2],&DWP(1024*1,$te,$v0,4));         # s3>>8
+        &movz   ($v0,&HB($v1));
+        &and    ($v1,0xFF);
+        &xor    ($s[1],&DWP(1024*2,$te,$v1,4));         # s3>>16
+         &mov   ($v1,&DWP(0,"esp"));                    # restore s2
+        &xor    ($s[0],&DWP(1024*3,$te,$v0,4));         # s3>>24
+
+        &mov    ($v0,$v1);
+        &and    ($v1,0xFF);
+        &xor    ($s[2],&DWP(1024*0,$te,$v1,4));         # s2>>0
+        &movz   ($v1,&HB($v0));
+        &shr    ($v0,16);
+        &xor    ($s[1],&DWP(1024*1,$te,$v1,4));         # s2>>8
+        &movz   ($v1,&HB($v0));
+        &and    ($v0,0xFF);
+        &xor    ($s[0],&DWP(1024*2,$te,$v0,4));         # s2>>16
+         &mov   ($v0,&DWP(4,"esp"));                    # restore s1
+        &xor    ($s[3],&DWP(1024*3,$te,$v1,4));         # s2>>24
+
+        &mov    ($v1,$v0);
+        &and    ($v0,0xFF);
+        &xor    ($s[1],&DWP(1024*0,$te,$v0,4));         # s1>>0
+        &movz   ($v0,&HB($v1));
+        &shr    ($v1,16);
+        &xor    ($s[0],&DWP(1024*1,$te,$v0,4));         # s1>>8
+        &movz   ($v0,&HB($v1));
+        &and    ($v1,0xFF);
+        &xor    ($s[3],&DWP(1024*2,$te,$v1,4));         # s1>>16
+         &mov   ($key,&DWP(12,"esp"));                  # reincarnate v1 as key
+        &xor    ($s[2],&DWP(1024*3,$te,$v0,4));         # s1>>24
+}
+
+sub encstep()
+{ my ($i,$te,@s) = @_;
+  my $tmp = $key;
+  my $out = $i==3?$s[0]:$acc;
+
+        # lines marked with #%e?x[i] denote "reordered" instructions...
+        if ($i==3)  {   &mov    ($key,&DWP(12,"esp"));          }##%edx
+        else        {   &mov    ($out,$s[0]);
+                        &and    ($out,0xFF);                    }
+        if ($i==1)  {   &shr    ($s[0],16);                     }#%ebx[1]
+        if ($i==2)  {   &shr    ($s[0],24);                     }#%ecx[2]
+                        &mov    ($out,&DWP(1024*0,$te,$out,4));
+
+        if ($i==3)  {   $tmp=$s[1];                             }##%eax
+                        &movz   ($tmp,&HB($s[1]));
+                        &xor    ($out,&DWP(1024*1,$te,$tmp,4));
+
+        if ($i==3)  {   $tmp=$s[2]; &mov ($s[1],&DWP(0,"esp")); }##%ebx
+        else        {   &mov    ($tmp,$s[2]);
+                        &shr    ($tmp,16);                      }
+        if ($i==2)  {   &and    ($s[1],0xFF);                   }#%edx[2]
+                        &and    ($tmp,0xFF);
+                        &xor    ($out,&DWP(1024*2,$te,$tmp,4));
+
+        if ($i==3)  {   $tmp=$s[3]; &mov ($s[2],&DWP(4,"esp")); }##%ecx
+        elsif($i==2){   &movz   ($tmp,&HB($s[3]));              }#%ebx[2]
+        else        {   &mov    ($tmp,$s[3]); 
+                        &shr    ($tmp,24)                       }
+                        &xor    ($out,&DWP(1024*3,$te,$tmp,4));
+        if ($i<2)   {   &mov    (&DWP(4*$i,"esp"),$out);        }
+        if ($i==3)  {   &mov    ($s[3],$acc);                   }
+                        &comment();
+}
+
+sub enclast()
+{ my ($i,$te,@s)=@_;
+  my $tmp = $key;
+  my $out = $i==3?$s[0]:$acc;
+
+        if ($i==3)  {   &mov    ($key,&DWP(12,"esp"));          }##%edx
+        else        {   &mov    ($out,$s[0]);                   }
+                        &and    ($out,0xFF);
+        if ($i==1)  {   &shr    ($s[0],16);                     }#%ebx[1]
+        if ($i==2)  {   &shr    ($s[0],24);                     }#%ecx[2]
+                        &mov    ($out,&DWP(1024*0,$te,$out,4));
+                        &and    ($out,0x000000ff);
+
+        if ($i==3)  {   $tmp=$s[1];                             }##%eax
+                        &movz   ($tmp,&HB($s[1]));
+                        &mov    ($tmp,&DWP(0,$te,$tmp,4));
+                        &and    ($tmp,0x0000ff00);
+                        &xor    ($out,$tmp);
+
+        if ($i==3)  {   $tmp=$s[2]; &mov ($s[1],&DWP(0,"esp")); }##%ebx
+        else        {   mov     ($tmp,$s[2]);
+                        &shr    ($tmp,16);                      }
+        if ($i==2)  {   &and    ($s[1],0xFF);                   }#%edx[2]
+                        &and    ($tmp,0xFF);
+                        &mov    ($tmp,&DWP(0,$te,$tmp,4));
+                        &and    ($tmp,0x00ff0000);
+                        &xor    ($out,$tmp);
+
+        if ($i==3)  {   $tmp=$s[3]; &mov ($s[2],&DWP(4,"esp")); }##%ecx
+        elsif($i==2){   &movz   ($tmp,&HB($s[3]));              }#%ebx[2]
+        else        {   &mov    ($tmp,$s[3]);
+                        &shr    ($tmp,24);                      }
+                        &mov    ($tmp,&DWP(0,$te,$tmp,4));
+                        &and    ($tmp,0xff000000);
+                        &xor    ($out,$tmp);
+        if ($i<2)   {   &mov    (&DWP(4*$i,"esp"),$out);        }
+        if ($i==3)  {   &mov    ($s[3],$acc);                   }
+}
+
+# void AES_encrypt (const void *inp,void *out,const AES_KEY *key);
+&public_label("AES_Te");
+&function_begin("AES_encrypt");
+        &mov    ($acc,&wparam(0));              # load inp
+        &mov    ($key,&wparam(2));              # load key
+
+        &call   (&label("pic_point"));          # make it PIC!
+        &set_label("pic_point");
+        &blindpop("ebp");
+        &lea    ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp"));
+
+        # allocate aligned stack frame
+        &mov    ($s0,"esp");
+        &sub    ("esp",20);
+        &and    ("esp",-16);
+
+        &mov    (&DWP(12,"esp"),$key);          # save key
+        &mov    (&DWP(16,"esp"),$s0);           # save %esp
+
+        &mov    ($s0,&DWP(0,$acc));             # load input data
+        &mov    ($s1,&DWP(4,$acc));
+        &mov    ($s2,&DWP(8,$acc));
+        &mov    ($s3,&DWP(12,$acc));
+
+        &xor    ($s0,&DWP(0,$key));
+        &xor    ($s1,&DWP(4,$key));
+        &xor    ($s2,&DWP(8,$key));
+        &xor    ($s3,&DWP(12,$key));
+
+        &mov    ($acc,&DWP(240,$key));          # load key->rounds
+
+        if ($small_footprint) {
+            &lea        ($acc,&DWP(-2,$acc,$acc));
+            &lea        ($acc,&DWP(0,$key,$acc,8));
+            &mov        (&DWP(8,"esp"),$acc);   # end of key schedule
+            &align      (4);
+            &set_label("loop");
+                if ($vertical_spin) {
+                    &encvert("ebp",$s0,$s1,$s2,$s3);
+                } else {
+                    &encstep(0,"ebp",$s0,$s1,$s2,$s3);
+                    &encstep(1,"ebp",$s1,$s2,$s3,$s0);
+                    &encstep(2,"ebp",$s2,$s3,$s0,$s1);
+                    &encstep(3,"ebp",$s3,$s0,$s1,$s2);
+                }
+                &add    ($key,16);                      # advance rd_key
+                &xor    ($s0,&DWP(0,$key));
+                &xor    ($s1,&DWP(4,$key));
+                &xor    ($s2,&DWP(8,$key));
+                &xor    ($s3,&DWP(12,$key));
+            &cmp        ($key,&DWP(8,"esp"));
+            &mov        (&DWP(12,"esp"),$key);
+            &jb         (&label("loop"));
+        }
+        else {
+            &cmp        ($acc,10);
+            &jle        (&label("10rounds"));
+            &cmp        ($acc,12);
+            &jle        (&label("12rounds"));
+
+        &set_label("14rounds");
+            for ($i=1;$i<3;$i++) {
+                if ($vertical_spin) {
+                    &encvert("ebp",$s0,$s1,$s2,$s3);
+                } else {
+                    &encstep(0,"ebp",$s0,$s1,$s2,$s3);
+                    &encstep(1,"ebp",$s1,$s2,$s3,$s0);
+                    &encstep(2,"ebp",$s2,$s3,$s0,$s1);
+                    &encstep(3,"ebp",$s3,$s0,$s1,$s2);
+                }
+                &xor    ($s0,&DWP(16*$i+0,$key));
+                &xor    ($s1,&DWP(16*$i+4,$key));
+                &xor    ($s2,&DWP(16*$i+8,$key));
+                &xor    ($s3,&DWP(16*$i+12,$key));
+            }
+            &add        ($key,32);
+            &mov        (&DWP(12,"esp"),$key);          # advance rd_key
+        &set_label("12rounds");
+            for ($i=1;$i<3;$i++) {
+                if ($vertical_spin) {
+                    &encvert("ebp",$s0,$s1,$s2,$s3);
+                } else {
+                    &encstep(0,"ebp",$s0,$s1,$s2,$s3);
+                    &encstep(1,"ebp",$s1,$s2,$s3,$s0);
+                    &encstep(2,"ebp",$s2,$s3,$s0,$s1);
+                    &encstep(3,"ebp",$s3,$s0,$s1,$s2);
+                }
+                &xor    ($s0,&DWP(16*$i+0,$key));
+                &xor    ($s1,&DWP(16*$i+4,$key));
+                &xor    ($s2,&DWP(16*$i+8,$key));
+                &xor    ($s3,&DWP(16*$i+12,$key));
+            }
+            &add        ($key,32);
+            &mov        (&DWP(12,"esp"),$key);          # advance rd_key
+        &set_label("10rounds");
+            for ($i=1;$i<10;$i++) {
+                if ($vertical_spin) {
+                    &encvert("ebp",$s0,$s1,$s2,$s3);
+                } else {
+                    &encstep(0,"ebp",$s0,$s1,$s2,$s3);
+                    &encstep(1,"ebp",$s1,$s2,$s3,$s0);
+                    &encstep(2,"ebp",$s2,$s3,$s0,$s1);
+                    &encstep(3,"ebp",$s3,$s0,$s1,$s2);
+                }
+                &xor    ($s0,&DWP(16*$i+0,$key));
+                &xor    ($s1,&DWP(16*$i+4,$key));
+                &xor    ($s2,&DWP(16*$i+8,$key));
+                &xor    ($s3,&DWP(16*$i+12,$key));
+            }
+        }
+
+        &add    ("ebp",4*1024);                 # skip to Te4
+        if ($vertical_spin) {
+            # "reincarnate" some registers for "horizontal" spin...
+            &mov        ($s1="ebx",$key="esi");
+            &mov        ($s2="ecx",$acc="edi");
+        }
+        &enclast(0,"ebp",$s0,$s1,$s2,$s3);
+        &enclast(1,"ebp",$s1,$s2,$s3,$s0);
+        &enclast(2,"ebp",$s2,$s3,$s0,$s1);
+        &enclast(3,"ebp",$s3,$s0,$s1,$s2);
+
+        &mov    ("esp",&DWP(16,"esp"));         # restore %esp
+        &add    ($key,$small_footprint?16:160);
+        &xor    ($s0,&DWP(0,$key));
+        &xor    ($s1,&DWP(4,$key));
+        &xor    ($s2,&DWP(8,$key));
+        &xor    ($s3,&DWP(12,$key));
+
+        &mov    ($acc,&wparam(1));              # load out
+        &mov    (&DWP(0,$acc),$s0);             # write output data
+        &mov    (&DWP(4,$acc),$s1);
+        &mov    (&DWP(8,$acc),$s2);
+        &mov    (&DWP(12,$acc),$s3);
+
+        &pop    ("edi");
+        &pop    ("esi");
+        &pop    ("ebx");
+        &pop    ("ebp");
+        &ret    ();
+
+&set_label("AES_Te",64);        # Yes! I keep it in the code segment!
+        &data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6);
+        &data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591);
+        &data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56);
+        &data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec);
+        &data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa);
+        &data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb);
+        &data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45);
+        &data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b);
+        &data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c);
+        &data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83);
+        &data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9);
+        &data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a);
+        &data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d);
+        &data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f);
+        &data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df);
+        &data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea);
+        &data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34);
+        &data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b);
+        &data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d);
+        &data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413);
+        &data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1);
+        &data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6);
+        &data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972);
+        &data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85);
+        &data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed);
+        &data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511);
+        &data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe);
+        &data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b);
+        &data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05);
+        &data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1);
+        &data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142);
+        &data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf);
+        &data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3);
+        &data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e);
+        &data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a);
+        &data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6);
+        &data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3);
+        &data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b);
+        &data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428);
+        &data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad);
+        &data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14);
+        &data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8);
+        &data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4);
+        &data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2);
+        &data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda);
+        &data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949);
+        &data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf);
+        &data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810);
+        &data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c);
+        &data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697);
+        &data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e);
+        &data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f);
+        &data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc);
+        &data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c);
+        &data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969);
+        &data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27);
+        &data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122);
+        &data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433);
+        &data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9);
+        &data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5);
+        &data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a);
+        &data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0);
+        &data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e);
+        &data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c);
+#Te1:
+        &data_word(0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d);
+        &data_word(0xf2f2ff0d, 0x6b6bd6bd, 0x6f6fdeb1, 0xc5c59154);
+        &data_word(0x30306050, 0x01010203, 0x6767cea9, 0x2b2b567d);
+        &data_word(0xfefee719, 0xd7d7b562, 0xabab4de6, 0x7676ec9a);
+        &data_word(0xcaca8f45, 0x82821f9d, 0xc9c98940, 0x7d7dfa87);
+        &data_word(0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b);
+        &data_word(0xadad41ec, 0xd4d4b367, 0xa2a25ffd, 0xafaf45ea);
+        &data_word(0x9c9c23bf, 0xa4a453f7, 0x7272e496, 0xc0c09b5b);
+        &data_word(0xb7b775c2, 0xfdfde11c, 0x93933dae, 0x26264c6a);
+        &data_word(0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f);
+        &data_word(0x3434685c, 0xa5a551f4, 0xe5e5d134, 0xf1f1f908);
+        &data_word(0x7171e293, 0xd8d8ab73, 0x31316253, 0x15152a3f);
+        &data_word(0x0404080c, 0xc7c79552, 0x23234665, 0xc3c39d5e);
+        &data_word(0x18183028, 0x969637a1, 0x05050a0f, 0x9a9a2fb5);
+        &data_word(0x07070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d);
+        &data_word(0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f);
+        &data_word(0x0909121b, 0x83831d9e, 0x2c2c5874, 0x1a1a342e);
+        &data_word(0x1b1b362d, 0x6e6edcb2, 0x5a5ab4ee, 0xa0a05bfb);
+        &data_word(0x5252a4f6, 0x3b3b764d, 0xd6d6b761, 0xb3b37dce);
+        &data_word(0x2929527b, 0xe3e3dd3e, 0x2f2f5e71, 0x84841397);
+        &data_word(0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c);
+        &data_word(0x20204060, 0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed);
+        &data_word(0x6a6ad4be, 0xcbcb8d46, 0xbebe67d9, 0x3939724b);
+        &data_word(0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, 0xcfcf854a);
+        &data_word(0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16);
+        &data_word(0x434386c5, 0x4d4d9ad7, 0x33336655, 0x85851194);
+        &data_word(0x45458acf, 0xf9f9e910, 0x02020406, 0x7f7ffe81);
+        &data_word(0x5050a0f0, 0x3c3c7844, 0x9f9f25ba, 0xa8a84be3);
+        &data_word(0x5151a2f3, 0xa3a35dfe, 0x404080c0, 0x8f8f058a);
+        &data_word(0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104);
+        &data_word(0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263);
+        &data_word(0x10102030, 0xffffe51a, 0xf3f3fd0e, 0xd2d2bf6d);
+        &data_word(0xcdcd814c, 0x0c0c1814, 0x13132635, 0xececc32f);
+        &data_word(0x5f5fbee1, 0x979735a2, 0x444488cc, 0x17172e39);
+        &data_word(0xc4c49357, 0xa7a755f2, 0x7e7efc82, 0x3d3d7a47);
+        &data_word(0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695);
+        &data_word(0x6060c0a0, 0x81811998, 0x4f4f9ed1, 0xdcdca37f);
+        &data_word(0x22224466, 0x2a2a547e, 0x90903bab, 0x88880b83);
+        &data_word(0x46468cca, 0xeeeec729, 0xb8b86bd3, 0x1414283c);
+        &data_word(0xdedea779, 0x5e5ebce2, 0x0b0b161d, 0xdbdbad76);
+        &data_word(0xe0e0db3b, 0x32326456, 0x3a3a744e, 0x0a0a141e);
+        &data_word(0x494992db, 0x06060c0a, 0x2424486c, 0x5c5cb8e4);
+        &data_word(0xc2c29f5d, 0xd3d3bd6e, 0xacac43ef, 0x6262c4a6);
+        &data_word(0x919139a8, 0x959531a4, 0xe4e4d337, 0x7979f28b);
+        &data_word(0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7);
+        &data_word(0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0);
+        &data_word(0x6c6cd8b4, 0x5656acfa, 0xf4f4f307, 0xeaeacf25);
+        &data_word(0x6565caaf, 0x7a7af48e, 0xaeae47e9, 0x08081018);
+        &data_word(0xbaba6fd5, 0x7878f088, 0x25254a6f, 0x2e2e5c72);
+        &data_word(0x1c1c3824, 0xa6a657f1, 0xb4b473c7, 0xc6c69751);
+        &data_word(0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21);
+        &data_word(0x4b4b96dd, 0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85);
+        &data_word(0x7070e090, 0x3e3e7c42, 0xb5b571c4, 0x6666ccaa);
+        &data_word(0x484890d8, 0x03030605, 0xf6f6f701, 0x0e0e1c12);
+        &data_word(0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0);
+        &data_word(0x86861791, 0xc1c19958, 0x1d1d3a27, 0x9e9e27b9);
+        &data_word(0xe1e1d938, 0xf8f8eb13, 0x98982bb3, 0x11112233);
+        &data_word(0x6969d2bb, 0xd9d9a970, 0x8e8e0789, 0x949433a7);
+        &data_word(0x9b9b2db6, 0x1e1e3c22, 0x87871592, 0xe9e9c920);
+        &data_word(0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a);
+        &data_word(0x8c8c038f, 0xa1a159f8, 0x89890980, 0x0d0d1a17);
+        &data_word(0xbfbf65da, 0xe6e6d731, 0x424284c6, 0x6868d0b8);
+        &data_word(0x414182c3, 0x999929b0, 0x2d2d5a77, 0x0f0f1e11);
+        &data_word(0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 0x16162c3a);
+#Te2:
+        &data_word(0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b);
+        &data_word(0xf2ff0df2, 0x6bd6bd6b, 0x6fdeb16f, 0xc59154c5);
+        &data_word(0x30605030, 0x01020301, 0x67cea967, 0x2b567d2b);
+        &data_word(0xfee719fe, 0xd7b562d7, 0xab4de6ab, 0x76ec9a76);
+        &data_word(0xca8f45ca, 0x821f9d82, 0xc98940c9, 0x7dfa877d);
+        &data_word(0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0);
+        &data_word(0xad41ecad, 0xd4b367d4, 0xa25ffda2, 0xaf45eaaf);
+        &data_word(0x9c23bf9c, 0xa453f7a4, 0x72e49672, 0xc09b5bc0);
+        &data_word(0xb775c2b7, 0xfde11cfd, 0x933dae93, 0x264c6a26);
+        &data_word(0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc);
+        &data_word(0x34685c34, 0xa551f4a5, 0xe5d134e5, 0xf1f908f1);
+        &data_word(0x71e29371, 0xd8ab73d8, 0x31625331, 0x152a3f15);
+        &data_word(0x04080c04, 0xc79552c7, 0x23466523, 0xc39d5ec3);
+        &data_word(0x18302818, 0x9637a196, 0x050a0f05, 0x9a2fb59a);
+        &data_word(0x070e0907, 0x12243612, 0x801b9b80, 0xe2df3de2);
+        &data_word(0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75);
+        &data_word(0x09121b09, 0x831d9e83, 0x2c58742c, 0x1a342e1a);
+        &data_word(0x1b362d1b, 0x6edcb26e, 0x5ab4ee5a, 0xa05bfba0);
+        &data_word(0x52a4f652, 0x3b764d3b, 0xd6b761d6, 0xb37dceb3);
+        &data_word(0x29527b29, 0xe3dd3ee3, 0x2f5e712f, 0x84139784);
+        &data_word(0x53a6f553, 0xd1b968d1, 0x00000000, 0xedc12ced);
+        &data_word(0x20406020, 0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b);
+        &data_word(0x6ad4be6a, 0xcb8d46cb, 0xbe67d9be, 0x39724b39);
+        &data_word(0x4a94de4a, 0x4c98d44c, 0x58b0e858, 0xcf854acf);
+        &data_word(0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb);
+        &data_word(0x4386c543, 0x4d9ad74d, 0x33665533, 0x85119485);
+        &data_word(0x458acf45, 0xf9e910f9, 0x02040602, 0x7ffe817f);
+        &data_word(0x50a0f050, 0x3c78443c, 0x9f25ba9f, 0xa84be3a8);
+        &data_word(0x51a2f351, 0xa35dfea3, 0x4080c040, 0x8f058a8f);
+        &data_word(0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5);
+        &data_word(0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321);
+        &data_word(0x10203010, 0xffe51aff, 0xf3fd0ef3, 0xd2bf6dd2);
+        &data_word(0xcd814ccd, 0x0c18140c, 0x13263513, 0xecc32fec);
+        &data_word(0x5fbee15f, 0x9735a297, 0x4488cc44, 0x172e3917);
+        &data_word(0xc49357c4, 0xa755f2a7, 0x7efc827e, 0x3d7a473d);
+        &data_word(0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573);
+        &data_word(0x60c0a060, 0x81199881, 0x4f9ed14f, 0xdca37fdc);
+        &data_word(0x22446622, 0x2a547e2a, 0x903bab90, 0x880b8388);
+        &data_word(0x468cca46, 0xeec729ee, 0xb86bd3b8, 0x14283c14);
+        &data_word(0xdea779de, 0x5ebce25e, 0x0b161d0b, 0xdbad76db);
+        &data_word(0xe0db3be0, 0x32645632, 0x3a744e3a, 0x0a141e0a);
+        &data_word(0x4992db49, 0x060c0a06, 0x24486c24, 0x5cb8e45c);
+        &data_word(0xc29f5dc2, 0xd3bd6ed3, 0xac43efac, 0x62c4a662);
+        &data_word(0x9139a891, 0x9531a495, 0xe4d337e4, 0x79f28b79);
+        &data_word(0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d);
+        &data_word(0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9);
+        &data_word(0x6cd8b46c, 0x56acfa56, 0xf4f307f4, 0xeacf25ea);
+        &data_word(0x65caaf65, 0x7af48e7a, 0xae47e9ae, 0x08101808);
+        &data_word(0xba6fd5ba, 0x78f08878, 0x254a6f25, 0x2e5c722e);
+        &data_word(0x1c38241c, 0xa657f1a6, 0xb473c7b4, 0xc69751c6);
+        &data_word(0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f);
+        &data_word(0x4b96dd4b, 0xbd61dcbd, 0x8b0d868b, 0x8a0f858a);
+        &data_word(0x70e09070, 0x3e7c423e, 0xb571c4b5, 0x66ccaa66);
+        &data_word(0x4890d848, 0x03060503, 0xf6f701f6, 0x0e1c120e);
+        &data_word(0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9);
+        &data_word(0x86179186, 0xc19958c1, 0x1d3a271d, 0x9e27b99e);
+        &data_word(0xe1d938e1, 0xf8eb13f8, 0x982bb398, 0x11223311);
+        &data_word(0x69d2bb69, 0xd9a970d9, 0x8e07898e, 0x9433a794);
+        &data_word(0x9b2db69b, 0x1e3c221e, 0x87159287, 0xe9c920e9);
+        &data_word(0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf);
+        &data_word(0x8c038f8c, 0xa159f8a1, 0x89098089, 0x0d1a170d);
+        &data_word(0xbf65dabf, 0xe6d731e6, 0x4284c642, 0x68d0b868);
+        &data_word(0x4182c341, 0x9929b099, 0x2d5a772d, 0x0f1e110f);
+        &data_word(0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 0x162c3a16);
+#Te3:
+        &data_word(0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b);
+        &data_word(0xff0df2f2, 0xd6bd6b6b, 0xdeb16f6f, 0x9154c5c5);
+        &data_word(0x60503030, 0x02030101, 0xcea96767, 0x567d2b2b);
+        &data_word(0xe719fefe, 0xb562d7d7, 0x4de6abab, 0xec9a7676);
+        &data_word(0x8f45caca, 0x1f9d8282, 0x8940c9c9, 0xfa877d7d);
+        &data_word(0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0);
+        &data_word(0x41ecadad, 0xb367d4d4, 0x5ffda2a2, 0x45eaafaf);
+        &data_word(0x23bf9c9c, 0x53f7a4a4, 0xe4967272, 0x9b5bc0c0);
+        &data_word(0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, 0x4c6a2626);
+        &data_word(0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc);
+        &data_word(0x685c3434, 0x51f4a5a5, 0xd134e5e5, 0xf908f1f1);
+        &data_word(0xe2937171, 0xab73d8d8, 0x62533131, 0x2a3f1515);
+        &data_word(0x080c0404, 0x9552c7c7, 0x46652323, 0x9d5ec3c3);
+        &data_word(0x30281818, 0x37a19696, 0x0a0f0505, 0x2fb59a9a);
+        &data_word(0x0e090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2);
+        &data_word(0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575);
+        &data_word(0x121b0909, 0x1d9e8383, 0x58742c2c, 0x342e1a1a);
+        &data_word(0x362d1b1b, 0xdcb26e6e, 0xb4ee5a5a, 0x5bfba0a0);
+        &data_word(0xa4f65252, 0x764d3b3b, 0xb761d6d6, 0x7dceb3b3);
+        &data_word(0x527b2929, 0xdd3ee3e3, 0x5e712f2f, 0x13978484);
+        &data_word(0xa6f55353, 0xb968d1d1, 0x00000000, 0xc12ceded);
+        &data_word(0x40602020, 0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b);
+        &data_word(0xd4be6a6a, 0x8d46cbcb, 0x67d9bebe, 0x724b3939);
+        &data_word(0x94de4a4a, 0x98d44c4c, 0xb0e85858, 0x854acfcf);
+        &data_word(0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb);
+        &data_word(0x86c54343, 0x9ad74d4d, 0x66553333, 0x11948585);
+        &data_word(0x8acf4545, 0xe910f9f9, 0x04060202, 0xfe817f7f);
+        &data_word(0xa0f05050, 0x78443c3c, 0x25ba9f9f, 0x4be3a8a8);
+        &data_word(0xa2f35151, 0x5dfea3a3, 0x80c04040, 0x058a8f8f);
+        &data_word(0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5);
+        &data_word(0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121);
+        &data_word(0x20301010, 0xe51affff, 0xfd0ef3f3, 0xbf6dd2d2);
+        &data_word(0x814ccdcd, 0x18140c0c, 0x26351313, 0xc32fecec);
+        &data_word(0xbee15f5f, 0x35a29797, 0x88cc4444, 0x2e391717);
+        &data_word(0x9357c4c4, 0x55f2a7a7, 0xfc827e7e, 0x7a473d3d);
+        &data_word(0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373);
+        &data_word(0xc0a06060, 0x19988181, 0x9ed14f4f, 0xa37fdcdc);
+        &data_word(0x44662222, 0x547e2a2a, 0x3bab9090, 0x0b838888);
+        &data_word(0x8cca4646, 0xc729eeee, 0x6bd3b8b8, 0x283c1414);
+        &data_word(0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb);
+        &data_word(0xdb3be0e0, 0x64563232, 0x744e3a3a, 0x141e0a0a);
+        &data_word(0x92db4949, 0x0c0a0606, 0x486c2424, 0xb8e45c5c);
+        &data_word(0x9f5dc2c2, 0xbd6ed3d3, 0x43efacac, 0xc4a66262);
+        &data_word(0x39a89191, 0x31a49595, 0xd337e4e4, 0xf28b7979);
+        &data_word(0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d);
+        &data_word(0x018c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9);
+        &data_word(0xd8b46c6c, 0xacfa5656, 0xf307f4f4, 0xcf25eaea);
+        &data_word(0xcaaf6565, 0xf48e7a7a, 0x47e9aeae, 0x10180808);
+        &data_word(0x6fd5baba, 0xf0887878, 0x4a6f2525, 0x5c722e2e);
+        &data_word(0x38241c1c, 0x57f1a6a6, 0x73c7b4b4, 0x9751c6c6);
+        &data_word(0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f);
+        &data_word(0x96dd4b4b, 0x61dcbdbd, 0x0d868b8b, 0x0f858a8a);
+        &data_word(0xe0907070, 0x7c423e3e, 0x71c4b5b5, 0xccaa6666);
+        &data_word(0x90d84848, 0x06050303, 0xf701f6f6, 0x1c120e0e);
+        &data_word(0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9);
+        &data_word(0x17918686, 0x9958c1c1, 0x3a271d1d, 0x27b99e9e);
+        &data_word(0xd938e1e1, 0xeb13f8f8, 0x2bb39898, 0x22331111);
+        &data_word(0xd2bb6969, 0xa970d9d9, 0x07898e8e, 0x33a79494);
+        &data_word(0x2db69b9b, 0x3c221e1e, 0x15928787, 0xc920e9e9);
+        &data_word(0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf);
+        &data_word(0x038f8c8c, 0x59f8a1a1, 0x09808989, 0x1a170d0d);
+        &data_word(0x65dabfbf, 0xd731e6e6, 0x84c64242, 0xd0b86868);
+        &data_word(0x82c34141, 0x29b09999, 0x5a772d2d, 0x1e110f0f);
+        &data_word(0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 0x2c3a1616);
+#Te4:
+        &data_word(0x63636363, 0x7c7c7c7c, 0x77777777, 0x7b7b7b7b);
+        &data_word(0xf2f2f2f2, 0x6b6b6b6b, 0x6f6f6f6f, 0xc5c5c5c5);
+        &data_word(0x30303030, 0x01010101, 0x67676767, 0x2b2b2b2b);
+        &data_word(0xfefefefe, 0xd7d7d7d7, 0xabababab, 0x76767676);
+        &data_word(0xcacacaca, 0x82828282, 0xc9c9c9c9, 0x7d7d7d7d);
+        &data_word(0xfafafafa, 0x59595959, 0x47474747, 0xf0f0f0f0);
+        &data_word(0xadadadad, 0xd4d4d4d4, 0xa2a2a2a2, 0xafafafaf);
+        &data_word(0x9c9c9c9c, 0xa4a4a4a4, 0x72727272, 0xc0c0c0c0);
+        &data_word(0xb7b7b7b7, 0xfdfdfdfd, 0x93939393, 0x26262626);
+        &data_word(0x36363636, 0x3f3f3f3f, 0xf7f7f7f7, 0xcccccccc);
+        &data_word(0x34343434, 0xa5a5a5a5, 0xe5e5e5e5, 0xf1f1f1f1);
+        &data_word(0x71717171, 0xd8d8d8d8, 0x31313131, 0x15151515);
+        &data_word(0x04040404, 0xc7c7c7c7, 0x23232323, 0xc3c3c3c3);
+        &data_word(0x18181818, 0x96969696, 0x05050505, 0x9a9a9a9a);
+        &data_word(0x07070707, 0x12121212, 0x80808080, 0xe2e2e2e2);
+        &data_word(0xebebebeb, 0x27272727, 0xb2b2b2b2, 0x75757575);
+        &data_word(0x09090909, 0x83838383, 0x2c2c2c2c, 0x1a1a1a1a);
+        &data_word(0x1b1b1b1b, 0x6e6e6e6e, 0x5a5a5a5a, 0xa0a0a0a0);
+        &data_word(0x52525252, 0x3b3b3b3b, 0xd6d6d6d6, 0xb3b3b3b3);
+        &data_word(0x29292929, 0xe3e3e3e3, 0x2f2f2f2f, 0x84848484);
+        &data_word(0x53535353, 0xd1d1d1d1, 0x00000000, 0xedededed);
+        &data_word(0x20202020, 0xfcfcfcfc, 0xb1b1b1b1, 0x5b5b5b5b);
+        &data_word(0x6a6a6a6a, 0xcbcbcbcb, 0xbebebebe, 0x39393939);
+        &data_word(0x4a4a4a4a, 0x4c4c4c4c, 0x58585858, 0xcfcfcfcf);
+        &data_word(0xd0d0d0d0, 0xefefefef, 0xaaaaaaaa, 0xfbfbfbfb);
+        &data_word(0x43434343, 0x4d4d4d4d, 0x33333333, 0x85858585);
+        &data_word(0x45454545, 0xf9f9f9f9, 0x02020202, 0x7f7f7f7f);
+        &data_word(0x50505050, 0x3c3c3c3c, 0x9f9f9f9f, 0xa8a8a8a8);
+        &data_word(0x51515151, 0xa3a3a3a3, 0x40404040, 0x8f8f8f8f);
+        &data_word(0x92929292, 0x9d9d9d9d, 0x38383838, 0xf5f5f5f5);
+        &data_word(0xbcbcbcbc, 0xb6b6b6b6, 0xdadadada, 0x21212121);
+        &data_word(0x10101010, 0xffffffff, 0xf3f3f3f3, 0xd2d2d2d2);
+        &data_word(0xcdcdcdcd, 0x0c0c0c0c, 0x13131313, 0xecececec);
+        &data_word(0x5f5f5f5f, 0x97979797, 0x44444444, 0x17171717);
+        &data_word(0xc4c4c4c4, 0xa7a7a7a7, 0x7e7e7e7e, 0x3d3d3d3d);
+        &data_word(0x64646464, 0x5d5d5d5d, 0x19191919, 0x73737373);
+        &data_word(0x60606060, 0x81818181, 0x4f4f4f4f, 0xdcdcdcdc);
+        &data_word(0x22222222, 0x2a2a2a2a, 0x90909090, 0x88888888);
+        &data_word(0x46464646, 0xeeeeeeee, 0xb8b8b8b8, 0x14141414);
+        &data_word(0xdededede, 0x5e5e5e5e, 0x0b0b0b0b, 0xdbdbdbdb);
+        &data_word(0xe0e0e0e0, 0x32323232, 0x3a3a3a3a, 0x0a0a0a0a);
+        &data_word(0x49494949, 0x06060606, 0x24242424, 0x5c5c5c5c);
+        &data_word(0xc2c2c2c2, 0xd3d3d3d3, 0xacacacac, 0x62626262);
+        &data_word(0x91919191, 0x95959595, 0xe4e4e4e4, 0x79797979);
+        &data_word(0xe7e7e7e7, 0xc8c8c8c8, 0x37373737, 0x6d6d6d6d);
+        &data_word(0x8d8d8d8d, 0xd5d5d5d5, 0x4e4e4e4e, 0xa9a9a9a9);
+        &data_word(0x6c6c6c6c, 0x56565656, 0xf4f4f4f4, 0xeaeaeaea);
+        &data_word(0x65656565, 0x7a7a7a7a, 0xaeaeaeae, 0x08080808);
+        &data_word(0xbabababa, 0x78787878, 0x25252525, 0x2e2e2e2e);
+        &data_word(0x1c1c1c1c, 0xa6a6a6a6, 0xb4b4b4b4, 0xc6c6c6c6);
+        &data_word(0xe8e8e8e8, 0xdddddddd, 0x74747474, 0x1f1f1f1f);
+        &data_word(0x4b4b4b4b, 0xbdbdbdbd, 0x8b8b8b8b, 0x8a8a8a8a);
+        &data_word(0x70707070, 0x3e3e3e3e, 0xb5b5b5b5, 0x66666666);
+        &data_word(0x48484848, 0x03030303, 0xf6f6f6f6, 0x0e0e0e0e);
+        &data_word(0x61616161, 0x35353535, 0x57575757, 0xb9b9b9b9);
+        &data_word(0x86868686, 0xc1c1c1c1, 0x1d1d1d1d, 0x9e9e9e9e);
+        &data_word(0xe1e1e1e1, 0xf8f8f8f8, 0x98989898, 0x11111111);
+        &data_word(0x69696969, 0xd9d9d9d9, 0x8e8e8e8e, 0x94949494);
+        &data_word(0x9b9b9b9b, 0x1e1e1e1e, 0x87878787, 0xe9e9e9e9);
+        &data_word(0xcececece, 0x55555555, 0x28282828, 0xdfdfdfdf);
+        &data_word(0x8c8c8c8c, 0xa1a1a1a1, 0x89898989, 0x0d0d0d0d);
+        &data_word(0xbfbfbfbf, 0xe6e6e6e6, 0x42424242, 0x68686868);
+        &data_word(0x41414141, 0x99999999, 0x2d2d2d2d, 0x0f0f0f0f);
+        &data_word(0xb0b0b0b0, 0x54545454, 0xbbbbbbbb, 0x16161616);
+#rcon:
+        &data_word(0x00000001, 0x00000002, 0x00000004, 0x00000008);
+        &data_word(0x00000010, 0x00000020, 0x00000040, 0x00000080);
+        &data_word(0x0000001b, 0x00000036);
+&function_end_B("AES_encrypt");
+
+#------------------------------------------------------------------#
+
+$s0="eax";
+$s1="ebx";
+$s2="ecx";
+$s3="edx";
+$key="edi";
+$acc="esi";
+
+sub decstep()
+{ my ($i,$td,@s) = @_;
+  my $tmp = $key;
+  my $out = $i==3?$s[0]:$acc;
+
+        # no instructions are reordered, as performance appears
+        # optimal... or rather that all attempts to reorder didn't
+        # result in better performance [which by the way is not a
+        # bit lower than ecryption].
+        if($i==3)   {   &mov    ($key,&DWP(12,"esp"));          }
+        else        {   &mov    ($out,$s[0]);                   }
+                        &and    ($out,0xFF);
+                        &mov    ($out,&DWP(1024*0,$td,$out,4));
+
+        if ($i==3)  {   $tmp=$s[1];                             }
+                        &movz   ($tmp,&HB($s[1]));
+                        &xor    ($out,&DWP(1024*1,$td,$tmp,4));
+
+        if ($i==3)  {   $tmp=$s[2]; &mov ($s[1],$acc);          }
+        else        {   &mov    ($tmp,$s[2]);                   }
+                        &shr    ($tmp,16);
+                        &and    ($tmp,0xFF);
+                        &xor    ($out,&DWP(1024*2,$td,$tmp,4));
+
+        if ($i==3)  {   $tmp=$s[3]; &mov ($s[2],&DWP(4,"esp")); }
+        else        {   &mov    ($tmp,$s[3]);                   }
+                        &shr    ($tmp,24);
+                        &xor    ($out,&DWP(1024*3,$td,$tmp,4));
+        if ($i<2)   {   &mov    (&DWP(4*$i,"esp"),$out);        }
+        if ($i==3)  {   &mov    ($s[3],&DWP(0,"esp"));          }
+                        &comment();
+}
+
+sub declast()
+{ my ($i,$td,@s)=@_;
+  my $tmp = $key;
+  my $out = $i==3?$s[0]:$acc;
+
+        if($i==3)   {   &mov    ($key,&DWP(12,"esp"));          }
+        else        {   &mov    ($out,$s[0]);                   }
+                        &and    ($out,0xFF);
+                        &mov    ($out,&DWP(0,$td,$out,4));
+                        &and    ($out,0x000000ff);
+
+        if ($i==3)  {   $tmp=$s[1];                             }
+                        &movz   ($tmp,&HB($s[1]));
+                        &mov    ($tmp,&DWP(0,$td,$tmp,4));
+                        &and    ($tmp,0x0000ff00);
+                        &xor    ($out,$tmp);
+
+        if ($i==3)  {   $tmp=$s[2]; &mov ($s[1],$acc);          }
+        else        {   mov     ($tmp,$s[2]);                   }
+                        &shr    ($tmp,16);
+                        &and    ($tmp,0xFF);
+                        &mov    ($tmp,&DWP(0,$td,$tmp,4));
+                        &and    ($tmp,0x00ff0000);
+                        &xor    ($out,$tmp);
+
+        if ($i==3)  {   $tmp=$s[3]; &mov ($s[2],&DWP(4,"esp")); }
+        else        {   &mov    ($tmp,$s[3]);                   }
+                        &shr    ($tmp,24);
+                        &mov    ($tmp,&DWP(0,$td,$tmp,4));
+                        &and    ($tmp,0xff000000);
+                        &xor    ($out,$tmp);
+        if ($i<2)   {   &mov    (&DWP(4*$i,"esp"),$out);        }
+        if ($i==3)  {   &mov    ($s[3],&DWP(0,"esp"));          }
+}
+
+# void AES_decrypt (const void *inp,void *out,const AES_KEY *key);
+&public_label("AES_Td");
+&function_begin("AES_decrypt");
+        &mov    ($acc,&wparam(0));              # load inp
+        &mov    ($key,&wparam(2));              # load key
+
+        &call   (&label("pic_point"));          # make it PIC!
+        &set_label("pic_point");
+        &blindpop("ebp");
+        &lea    ("ebp",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp"));
+
+        # allocate aligned stack frame
+        &mov    ($s0,"esp");
+        &sub    ("esp",20);
+        &and    ("esp",-16);
+
+        &mov    (&DWP(12,"esp"),$key);          # save key
+        &mov    (&DWP(16,"esp"),$s0);           # save %esp
+
+        &mov    ($s0,&DWP(0,$acc));             # load input data
+        &mov    ($s1,&DWP(4,$acc));
+        &mov    ($s2,&DWP(8,$acc));
+        &mov    ($s3,&DWP(12,$acc));
+
+        &xor    ($s0,&DWP(0,$key));
+        &xor    ($s1,&DWP(4,$key));
+        &xor    ($s2,&DWP(8,$key));
+        &xor    ($s3,&DWP(12,$key));
+
+        &mov    ($acc,&DWP(240,$key));          # load key->rounds
+
+        if ($small_footprint) {
+            &lea        ($acc,&DWP(-2,$acc,$acc));
+            &lea        ($acc,&DWP(0,$key,$acc,8));
+            &mov        (&DWP(8,"esp"),$acc);   # end of key schedule
+            &align      (4);
+            &set_label("loop");
+                &decstep(0,"ebp",$s0,$s3,$s2,$s1);
+                &decstep(1,"ebp",$s1,$s0,$s3,$s2);
+                &decstep(2,"ebp",$s2,$s1,$s0,$s3);
+                &decstep(3,"ebp",$s3,$s2,$s1,$s0);
+                &add    ($key,16);                      # advance rd_key
+                &xor    ($s0,&DWP(0,$key));
+                &xor    ($s1,&DWP(4,$key));
+                &xor    ($s2,&DWP(8,$key));
+                &xor    ($s3,&DWP(12,$key));
+            &cmp        ($key,&DWP(8,"esp"));
+            &mov        (&DWP(12,"esp"),$key);
+            &jb         (&label("loop"));
+        }
+        else {
+            &cmp        ($acc,10);
+            &jle        (&label("10rounds"));
+            &cmp        ($acc,12);
+            &jle        (&label("12rounds"));
+
+        &set_label("14rounds");
+            for ($i=1;$i<3;$i++) {
+                &decstep(0,"ebp",$s0,$s3,$s2,$s1);
+                &decstep(1,"ebp",$s1,$s0,$s3,$s2);
+                &decstep(2,"ebp",$s2,$s1,$s0,$s3);
+                &decstep(3,"ebp",$s3,$s2,$s1,$s0);
+                &xor    ($s0,&DWP(16*$i+0,$key));
+                &xor    ($s1,&DWP(16*$i+4,$key));
+                &xor    ($s2,&DWP(16*$i+8,$key));
+                &xor    ($s3,&DWP(16*$i+12,$key));
+            }
+            &add        ($key,32);
+            &mov        (&DWP(12,"esp"),$key);          # advance rd_key
+        &set_label("12rounds");
+            for ($i=1;$i<3;$i++) {
+                &decstep(0,"ebp",$s0,$s3,$s2,$s1);
+                &decstep(1,"ebp",$s1,$s0,$s3,$s2);
+                &decstep(2,"ebp",$s2,$s1,$s0,$s3);
+                &decstep(3,"ebp",$s3,$s2,$s1,$s0);
+                &xor    ($s0,&DWP(16*$i+0,$key));
+                &xor    ($s1,&DWP(16*$i+4,$key));
+                &xor    ($s2,&DWP(16*$i+8,$key));
+                &xor    ($s3,&DWP(16*$i+12,$key));
+            }
+            &add        ($key,32);
+            &mov        (&DWP(12,"esp"),$key);          # advance rd_key
+        &set_label("10rounds");
+            for ($i=1;$i<10;$i++) {
+                &decstep(0,"ebp",$s0,$s3,$s2,$s1);
+                &decstep(1,"ebp",$s1,$s0,$s3,$s2);
+                &decstep(2,"ebp",$s2,$s1,$s0,$s3);
+                &decstep(3,"ebp",$s3,$s2,$s1,$s0);
+                &xor    ($s0,&DWP(16*$i+0,$key));
+                &xor    ($s1,&DWP(16*$i+4,$key));
+                &xor    ($s2,&DWP(16*$i+8,$key));
+                &xor    ($s3,&DWP(16*$i+12,$key));
+            }
+        }
+
+        &add    ("ebp",4*1024);                 # skip to Te4
+        &declast(0,"ebp",$s0,$s3,$s2,$s1);
+        &declast(1,"ebp",$s1,$s0,$s3,$s2);
+        &declast(2,"ebp",$s2,$s1,$s0,$s3);
+        &declast(3,"ebp",$s3,$s2,$s1,$s0);
+
+        &mov    ("esp",&DWP(16,"esp"));         # restore %esp
+        &add    ($key,$small_footprint?16:160);
+        &xor    ($s0,&DWP(0,$key));
+        &xor    ($s1,&DWP(4,$key));
+        &xor    ($s2,&DWP(8,$key));
+        &xor    ($s3,&DWP(12,$key));
+
+        &mov    ($key,&wparam(1));              # load out
+        &mov    (&DWP(0,$key),$s0);             # write output data
+        &mov    (&DWP(4,$key),$s1);
+        &mov    (&DWP(8,$key),$s2);
+        &mov    (&DWP(12,$key),$s3);
+
+        &pop    ("edi");
+        &pop    ("esi");
+        &pop    ("ebx");
+        &pop    ("ebp");
+        &ret    ();
+
+&set_label("AES_Td",64);        # Yes! I keep it in the code segment!
+        &data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a);
+        &data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b);
+        &data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5);
+        &data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5);
+        &data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d);
+        &data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b);
+        &data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295);
+        &data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e);
+        &data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927);
+        &data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d);
+        &data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362);
+        &data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9);
+        &data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52);
+        &data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566);
+        &data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3);
+        &data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed);
+        &data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e);
+        &data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4);
+        &data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4);
+        &data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd);
+        &data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d);
+        &data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060);
+        &data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967);
+        &data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879);
+        &data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000);
+        &data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c);
+        &data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36);
+        &data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624);
+        &data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b);
+        &data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c);
+        &data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12);
+        &data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14);
+        &data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3);
+        &data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b);
+        &data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8);
+        &data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684);
+        &data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7);
+        &data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177);
+        &data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947);
+        &data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322);
+        &data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498);
+        &data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f);
+        &data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54);
+        &data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382);
+        &data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf);
+        &data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb);
+        &data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83);
+        &data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef);
+        &data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029);
+        &data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235);
+        &data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733);
+        &data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117);
+        &data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4);
+        &data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546);
+        &data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb);
+        &data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d);
+        &data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb);
+        &data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a);
+        &data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773);
+        &data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478);
+        &data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2);
+        &data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff);
+        &data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664);
+        &data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0);
+#Td1:
+        &data_word(0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96);
+        &data_word(0x6bab3bcb, 0x459d1ff1, 0x58faacab, 0x03e34b93);
+        &data_word(0xfa302055, 0x6d76adf6, 0x76cc8891, 0x4c02f525);
+        &data_word(0xd7e54ffc, 0xcb2ac5d7, 0x44352680, 0xa362b58f);
+        &data_word(0x5ab1de49, 0x1bba2567, 0x0eea4598, 0xc0fe5de1);
+        &data_word(0x752fc302, 0xf04c8112, 0x97468da3, 0xf9d36bc6);
+        &data_word(0x5f8f03e7, 0x9c921595, 0x7a6dbfeb, 0x595295da);
+        &data_word(0x83bed42d, 0x217458d3, 0x69e04929, 0xc8c98e44);
+        &data_word(0x89c2756a, 0x798ef478, 0x3e58996b, 0x71b927dd);
+        &data_word(0x4fe1beb6, 0xad88f017, 0xac20c966, 0x3ace7db4);
+        &data_word(0x4adf6318, 0x311ae582, 0x33519760, 0x7f536245);
+        &data_word(0x7764b1e0, 0xae6bbb84, 0xa081fe1c, 0x2b08f994);
+        &data_word(0x68487058, 0xfd458f19, 0x6cde9487, 0xf87b52b7);
+        &data_word(0xd373ab23, 0x024b72e2, 0x8f1fe357, 0xab55662a);
+        &data_word(0x28ebb207, 0xc2b52f03, 0x7bc5869a, 0x0837d3a5);
+        &data_word(0x872830f2, 0xa5bf23b2, 0x6a0302ba, 0x8216ed5c);
+        &data_word(0x1ccf8a2b, 0xb479a792, 0xf207f3f0, 0xe2694ea1);
+        &data_word(0xf4da65cd, 0xbe0506d5, 0x6234d11f, 0xfea6c48a);
+        &data_word(0x532e349d, 0x55f3a2a0, 0xe18a0532, 0xebf6a475);
+        &data_word(0xec830b39, 0xef6040aa, 0x9f715e06, 0x106ebd51);
+        &data_word(0x8a213ef9, 0x06dd963d, 0x053eddae, 0xbde64d46);
+        &data_word(0x8d5491b5, 0x5dc47105, 0xd406046f, 0x155060ff);
+        &data_word(0xfb981924, 0xe9bdd697, 0x434089cc, 0x9ed96777);
+        &data_word(0x42e8b0bd, 0x8b890788, 0x5b19e738, 0xeec879db);
+        &data_word(0x0a7ca147, 0x0f427ce9, 0x1e84f8c9, 0x00000000);
+        &data_word(0x86800983, 0xed2b3248, 0x70111eac, 0x725a6c4e);
+        &data_word(0xff0efdfb, 0x38850f56, 0xd5ae3d1e, 0x392d3627);
+        &data_word(0xd90f0a64, 0xa65c6821, 0x545b9bd1, 0x2e36243a);
+        &data_word(0x670a0cb1, 0xe757930f, 0x96eeb4d2, 0x919b1b9e);
+        &data_word(0xc5c0804f, 0x20dc61a2, 0x4b775a69, 0x1a121c16);
+        &data_word(0xba93e20a, 0x2aa0c0e5, 0xe0223c43, 0x171b121d);
+        &data_word(0x0d090e0b, 0xc78bf2ad, 0xa8b62db9, 0xa91e14c8);
+        &data_word(0x19f15785, 0x0775af4c, 0xdd99eebb, 0x607fa3fd);
+        &data_word(0x2601f79f, 0xf5725cbc, 0x3b6644c5, 0x7efb5b34);
+        &data_word(0x29438b76, 0xc623cbdc, 0xfcedb668, 0xf1e4b863);
+        &data_word(0xdc31d7ca, 0x85634210, 0x22971340, 0x11c68420);
+        &data_word(0x244a857d, 0x3dbbd2f8, 0x32f9ae11, 0xa129c76d);
+        &data_word(0x2f9e1d4b, 0x30b2dcf3, 0x52860dec, 0xe3c177d0);
+        &data_word(0x16b32b6c, 0xb970a999, 0x489411fa, 0x64e94722);
+        &data_word(0x8cfca8c4, 0x3ff0a01a, 0x2c7d56d8, 0x903322ef);
+        &data_word(0x4e4987c7, 0xd138d9c1, 0xa2ca8cfe, 0x0bd49836);
+        &data_word(0x81f5a6cf, 0xde7aa528, 0x8eb7da26, 0xbfad3fa4);
+        &data_word(0x9d3a2ce4, 0x9278500d, 0xcc5f6a9b, 0x467e5462);
+        &data_word(0x138df6c2, 0xb8d890e8, 0xf7392e5e, 0xafc382f5);
+        &data_word(0x805d9fbe, 0x93d0697c, 0x2dd56fa9, 0x1225cfb3);
+        &data_word(0x99acc83b, 0x7d1810a7, 0x639ce86e, 0xbb3bdb7b);
+        &data_word(0x7826cd09, 0x18596ef4, 0xb79aec01, 0x9a4f83a8);
+        &data_word(0x6e95e665, 0xe6ffaa7e, 0xcfbc2108, 0xe815efe6);
+        &data_word(0x9be7bad9, 0x366f4ace, 0x099fead4, 0x7cb029d6);
+        &data_word(0xb2a431af, 0x233f2a31, 0x94a5c630, 0x66a235c0);
+        &data_word(0xbc4e7437, 0xca82fca6, 0xd090e0b0, 0xd8a73315);
+        &data_word(0x9804f14a, 0xdaec41f7, 0x50cd7f0e, 0xf691172f);
+        &data_word(0xd64d768d, 0xb0ef434d, 0x4daacc54, 0x0496e4df);
+        &data_word(0xb5d19ee3, 0x886a4c1b, 0x1f2cc1b8, 0x5165467f);
+        &data_word(0xea5e9d04, 0x358c015d, 0x7487fa73, 0x410bfb2e);
+        &data_word(0x1d67b35a, 0xd2db9252, 0x5610e933, 0x47d66d13);
+        &data_word(0x61d79a8c, 0x0ca1377a, 0x14f8598e, 0x3c13eb89);
+        &data_word(0x27a9ceee, 0xc961b735, 0xe51ce1ed, 0xb1477a3c);
+        &data_word(0xdfd29c59, 0x73f2553f, 0xce141879, 0x37c773bf);
+        &data_word(0xcdf753ea, 0xaafd5f5b, 0x6f3ddf14, 0xdb447886);
+        &data_word(0xf3afca81, 0xc468b93e, 0x3424382c, 0x40a3c25f);
+        &data_word(0xc31d1672, 0x25e2bc0c, 0x493c288b, 0x950dff41);
+        &data_word(0x01a83971, 0xb30c08de, 0xe4b4d89c, 0xc1566490);
+        &data_word(0x84cb7b61, 0xb632d570, 0x5c6c4874, 0x57b8d042);
+#Td2:
+        &data_word(0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e);
+        &data_word(0xab3bcb6b, 0x9d1ff145, 0xfaacab58, 0xe34b9303);
+        &data_word(0x302055fa, 0x76adf66d, 0xcc889176, 0x02f5254c);
+        &data_word(0xe54ffcd7, 0x2ac5d7cb, 0x35268044, 0x62b58fa3);
+        &data_word(0xb1de495a, 0xba25671b, 0xea45980e, 0xfe5de1c0);
+        &data_word(0x2fc30275, 0x4c8112f0, 0x468da397, 0xd36bc6f9);
+        &data_word(0x8f03e75f, 0x9215959c, 0x6dbfeb7a, 0x5295da59);
+        &data_word(0xbed42d83, 0x7458d321, 0xe0492969, 0xc98e44c8);
+        &data_word(0xc2756a89, 0x8ef47879, 0x58996b3e, 0xb927dd71);
+        &data_word(0xe1beb64f, 0x88f017ad, 0x20c966ac, 0xce7db43a);
+        &data_word(0xdf63184a, 0x1ae58231, 0x51976033, 0x5362457f);
+        &data_word(0x64b1e077, 0x6bbb84ae, 0x81fe1ca0, 0x08f9942b);
+        &data_word(0x48705868, 0x458f19fd, 0xde94876c, 0x7b52b7f8);
+        &data_word(0x73ab23d3, 0x4b72e202, 0x1fe3578f, 0x55662aab);
+        &data_word(0xebb20728, 0xb52f03c2, 0xc5869a7b, 0x37d3a508);
+        &data_word(0x2830f287, 0xbf23b2a5, 0x0302ba6a, 0x16ed5c82);
+        &data_word(0xcf8a2b1c, 0x79a792b4, 0x07f3f0f2, 0x694ea1e2);
+        &data_word(0xda65cdf4, 0x0506d5be, 0x34d11f62, 0xa6c48afe);
+        &data_word(0x2e349d53, 0xf3a2a055, 0x8a0532e1, 0xf6a475eb);
+        &data_word(0x830b39ec, 0x6040aaef, 0x715e069f, 0x6ebd5110);
+        &data_word(0x213ef98a, 0xdd963d06, 0x3eddae05, 0xe64d46bd);
+        &data_word(0x5491b58d, 0xc471055d, 0x06046fd4, 0x5060ff15);
+        &data_word(0x981924fb, 0xbdd697e9, 0x4089cc43, 0xd967779e);
+        &data_word(0xe8b0bd42, 0x8907888b, 0x19e7385b, 0xc879dbee);
+        &data_word(0x7ca1470a, 0x427ce90f, 0x84f8c91e, 0x00000000);
+        &data_word(0x80098386, 0x2b3248ed, 0x111eac70, 0x5a6c4e72);
+        &data_word(0x0efdfbff, 0x850f5638, 0xae3d1ed5, 0x2d362739);
+        &data_word(0x0f0a64d9, 0x5c6821a6, 0x5b9bd154, 0x36243a2e);
+        &data_word(0x0a0cb167, 0x57930fe7, 0xeeb4d296, 0x9b1b9e91);
+        &data_word(0xc0804fc5, 0xdc61a220, 0x775a694b, 0x121c161a);
+        &data_word(0x93e20aba, 0xa0c0e52a, 0x223c43e0, 0x1b121d17);
+        &data_word(0x090e0b0d, 0x8bf2adc7, 0xb62db9a8, 0x1e14c8a9);
+        &data_word(0xf1578519, 0x75af4c07, 0x99eebbdd, 0x7fa3fd60);
+        &data_word(0x01f79f26, 0x725cbcf5, 0x6644c53b, 0xfb5b347e);
+        &data_word(0x438b7629, 0x23cbdcc6, 0xedb668fc, 0xe4b863f1);
+        &data_word(0x31d7cadc, 0x63421085, 0x97134022, 0xc6842011);
+        &data_word(0x4a857d24, 0xbbd2f83d, 0xf9ae1132, 0x29c76da1);
+        &data_word(0x9e1d4b2f, 0xb2dcf330, 0x860dec52, 0xc177d0e3);
+        &data_word(0xb32b6c16, 0x70a999b9, 0x9411fa48, 0xe9472264);
+        &data_word(0xfca8c48c, 0xf0a01a3f, 0x7d56d82c, 0x3322ef90);
+        &data_word(0x4987c74e, 0x38d9c1d1, 0xca8cfea2, 0xd498360b);
+        &data_word(0xf5a6cf81, 0x7aa528de, 0xb7da268e, 0xad3fa4bf);
+        &data_word(0x3a2ce49d, 0x78500d92, 0x5f6a9bcc, 0x7e546246);
+        &data_word(0x8df6c213, 0xd890e8b8, 0x392e5ef7, 0xc382f5af);
+        &data_word(0x5d9fbe80, 0xd0697c93, 0xd56fa92d, 0x25cfb312);
+        &data_word(0xacc83b99, 0x1810a77d, 0x9ce86e63, 0x3bdb7bbb);
+        &data_word(0x26cd0978, 0x596ef418, 0x9aec01b7, 0x4f83a89a);
+        &data_word(0x95e6656e, 0xffaa7ee6, 0xbc2108cf, 0x15efe6e8);
+        &data_word(0xe7bad99b, 0x6f4ace36, 0x9fead409, 0xb029d67c);
+        &data_word(0xa431afb2, 0x3f2a3123, 0xa5c63094, 0xa235c066);
+        &data_word(0x4e7437bc, 0x82fca6ca, 0x90e0b0d0, 0xa73315d8);
+        &data_word(0x04f14a98, 0xec41f7da, 0xcd7f0e50, 0x91172ff6);
+        &data_word(0x4d768dd6, 0xef434db0, 0xaacc544d, 0x96e4df04);
+        &data_word(0xd19ee3b5, 0x6a4c1b88, 0x2cc1b81f, 0x65467f51);
+        &data_word(0x5e9d04ea, 0x8c015d35, 0x87fa7374, 0x0bfb2e41);
+        &data_word(0x67b35a1d, 0xdb9252d2, 0x10e93356, 0xd66d1347);
+        &data_word(0xd79a8c61, 0xa1377a0c, 0xf8598e14, 0x13eb893c);
+        &data_word(0xa9ceee27, 0x61b735c9, 0x1ce1ede5, 0x477a3cb1);
+        &data_word(0xd29c59df, 0xf2553f73, 0x141879ce, 0xc773bf37);
+        &data_word(0xf753eacd, 0xfd5f5baa, 0x3ddf146f, 0x447886db);
+        &data_word(0xafca81f3, 0x68b93ec4, 0x24382c34, 0xa3c25f40);
+        &data_word(0x1d1672c3, 0xe2bc0c25, 0x3c288b49, 0x0dff4195);
+        &data_word(0xa8397101, 0x0c08deb3, 0xb4d89ce4, 0x566490c1);
+        &data_word(0xcb7b6184, 0x32d570b6, 0x6c48745c, 0xb8d04257);
+#Td3:
+        &data_word(0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27);
+        &data_word(0x3bcb6bab, 0x1ff1459d, 0xacab58fa, 0x4b9303e3);
+        &data_word(0x2055fa30, 0xadf66d76, 0x889176cc, 0xf5254c02);
+        &data_word(0x4ffcd7e5, 0xc5d7cb2a, 0x26804435, 0xb58fa362);
+        &data_word(0xde495ab1, 0x25671bba, 0x45980eea, 0x5de1c0fe);
+        &data_word(0xc302752f, 0x8112f04c, 0x8da39746, 0x6bc6f9d3);
+        &data_word(0x03e75f8f, 0x15959c92, 0xbfeb7a6d, 0x95da5952);
+        &data_word(0xd42d83be, 0x58d32174, 0x492969e0, 0x8e44c8c9);
+        &data_word(0x756a89c2, 0xf478798e, 0x996b3e58, 0x27dd71b9);
+        &data_word(0xbeb64fe1, 0xf017ad88, 0xc966ac20, 0x7db43ace);
+        &data_word(0x63184adf, 0xe582311a, 0x97603351, 0x62457f53);
+        &data_word(0xb1e07764, 0xbb84ae6b, 0xfe1ca081, 0xf9942b08);
+        &data_word(0x70586848, 0x8f19fd45, 0x94876cde, 0x52b7f87b);
+        &data_word(0xab23d373, 0x72e2024b, 0xe3578f1f, 0x662aab55);
+        &data_word(0xb20728eb, 0x2f03c2b5, 0x869a7bc5, 0xd3a50837);
+        &data_word(0x30f28728, 0x23b2a5bf, 0x02ba6a03, 0xed5c8216);
+        &data_word(0x8a2b1ccf, 0xa792b479, 0xf3f0f207, 0x4ea1e269);
+        &data_word(0x65cdf4da, 0x06d5be05, 0xd11f6234, 0xc48afea6);
+        &data_word(0x349d532e, 0xa2a055f3, 0x0532e18a, 0xa475ebf6);
+        &data_word(0x0b39ec83, 0x40aaef60, 0x5e069f71, 0xbd51106e);
+        &data_word(0x3ef98a21, 0x963d06dd, 0xddae053e, 0x4d46bde6);
+        &data_word(0x91b58d54, 0x71055dc4, 0x046fd406, 0x60ff1550);
+        &data_word(0x1924fb98, 0xd697e9bd, 0x89cc4340, 0x67779ed9);
+        &data_word(0xb0bd42e8, 0x07888b89, 0xe7385b19, 0x79dbeec8);
+        &data_word(0xa1470a7c, 0x7ce90f42, 0xf8c91e84, 0x00000000);
+        &data_word(0x09838680, 0x3248ed2b, 0x1eac7011, 0x6c4e725a);
+        &data_word(0xfdfbff0e, 0x0f563885, 0x3d1ed5ae, 0x3627392d);
+        &data_word(0x0a64d90f, 0x6821a65c, 0x9bd1545b, 0x243a2e36);
+        &data_word(0x0cb1670a, 0x930fe757, 0xb4d296ee, 0x1b9e919b);
+        &data_word(0x804fc5c0, 0x61a220dc, 0x5a694b77, 0x1c161a12);
+        &data_word(0xe20aba93, 0xc0e52aa0, 0x3c43e022, 0x121d171b);
+        &data_word(0x0e0b0d09, 0xf2adc78b, 0x2db9a8b6, 0x14c8a91e);
+        &data_word(0x578519f1, 0xaf4c0775, 0xeebbdd99, 0xa3fd607f);
+        &data_word(0xf79f2601, 0x5cbcf572, 0x44c53b66, 0x5b347efb);
+        &data_word(0x8b762943, 0xcbdcc623, 0xb668fced, 0xb863f1e4);
+        &data_word(0xd7cadc31, 0x42108563, 0x13402297, 0x842011c6);
+        &data_word(0x857d244a, 0xd2f83dbb, 0xae1132f9, 0xc76da129);
+        &data_word(0x1d4b2f9e, 0xdcf330b2, 0x0dec5286, 0x77d0e3c1);
+        &data_word(0x2b6c16b3, 0xa999b970, 0x11fa4894, 0x472264e9);
+        &data_word(0xa8c48cfc, 0xa01a3ff0, 0x56d82c7d, 0x22ef9033);
+        &data_word(0x87c74e49, 0xd9c1d138, 0x8cfea2ca, 0x98360bd4);
+        &data_word(0xa6cf81f5, 0xa528de7a, 0xda268eb7, 0x3fa4bfad);
+        &data_word(0x2ce49d3a, 0x500d9278, 0x6a9bcc5f, 0x5462467e);
+        &data_word(0xf6c2138d, 0x90e8b8d8, 0x2e5ef739, 0x82f5afc3);
+        &data_word(0x9fbe805d, 0x697c93d0, 0x6fa92dd5, 0xcfb31225);
+        &data_word(0xc83b99ac, 0x10a77d18, 0xe86e639c, 0xdb7bbb3b);
+        &data_word(0xcd097826, 0x6ef41859, 0xec01b79a, 0x83a89a4f);
+        &data_word(0xe6656e95, 0xaa7ee6ff, 0x2108cfbc, 0xefe6e815);
+        &data_word(0xbad99be7, 0x4ace366f, 0xead4099f, 0x29d67cb0);
+        &data_word(0x31afb2a4, 0x2a31233f, 0xc63094a5, 0x35c066a2);
+        &data_word(0x7437bc4e, 0xfca6ca82, 0xe0b0d090, 0x3315d8a7);
+        &data_word(0xf14a9804, 0x41f7daec, 0x7f0e50cd, 0x172ff691);
+        &data_word(0x768dd64d, 0x434db0ef, 0xcc544daa, 0xe4df0496);
+        &data_word(0x9ee3b5d1, 0x4c1b886a, 0xc1b81f2c, 0x467f5165);
+        &data_word(0x9d04ea5e, 0x015d358c, 0xfa737487, 0xfb2e410b);
+        &data_word(0xb35a1d67, 0x9252d2db, 0xe9335610, 0x6d1347d6);
+        &data_word(0x9a8c61d7, 0x377a0ca1, 0x598e14f8, 0xeb893c13);
+        &data_word(0xceee27a9, 0xb735c961, 0xe1ede51c, 0x7a3cb147);
+        &data_word(0x9c59dfd2, 0x553f73f2, 0x1879ce14, 0x73bf37c7);
+        &data_word(0x53eacdf7, 0x5f5baafd, 0xdf146f3d, 0x7886db44);
+        &data_word(0xca81f3af, 0xb93ec468, 0x382c3424, 0xc25f40a3);
+        &data_word(0x1672c31d, 0xbc0c25e2, 0x288b493c, 0xff41950d);
+        &data_word(0x397101a8, 0x08deb30c, 0xd89ce4b4, 0x6490c156);
+        &data_word(0x7b6184cb, 0xd570b632, 0x48745c6c, 0xd04257b8);
+#Td4:
+        &data_word(0x52525252, 0x09090909, 0x6a6a6a6a, 0xd5d5d5d5);
+        &data_word(0x30303030, 0x36363636, 0xa5a5a5a5, 0x38383838);
+        &data_word(0xbfbfbfbf, 0x40404040, 0xa3a3a3a3, 0x9e9e9e9e);
+        &data_word(0x81818181, 0xf3f3f3f3, 0xd7d7d7d7, 0xfbfbfbfb);
+        &data_word(0x7c7c7c7c, 0xe3e3e3e3, 0x39393939, 0x82828282);
+        &data_word(0x9b9b9b9b, 0x2f2f2f2f, 0xffffffff, 0x87878787);
+        &data_word(0x34343434, 0x8e8e8e8e, 0x43434343, 0x44444444);
+        &data_word(0xc4c4c4c4, 0xdededede, 0xe9e9e9e9, 0xcbcbcbcb);
+        &data_word(0x54545454, 0x7b7b7b7b, 0x94949494, 0x32323232);
+        &data_word(0xa6a6a6a6, 0xc2c2c2c2, 0x23232323, 0x3d3d3d3d);
+        &data_word(0xeeeeeeee, 0x4c4c4c4c, 0x95959595, 0x0b0b0b0b);
+        &data_word(0x42424242, 0xfafafafa, 0xc3c3c3c3, 0x4e4e4e4e);
+        &data_word(0x08080808, 0x2e2e2e2e, 0xa1a1a1a1, 0x66666666);
+        &data_word(0x28282828, 0xd9d9d9d9, 0x24242424, 0xb2b2b2b2);
+        &data_word(0x76767676, 0x5b5b5b5b, 0xa2a2a2a2, 0x49494949);
+        &data_word(0x6d6d6d6d, 0x8b8b8b8b, 0xd1d1d1d1, 0x25252525);
+        &data_word(0x72727272, 0xf8f8f8f8, 0xf6f6f6f6, 0x64646464);
+        &data_word(0x86868686, 0x68686868, 0x98989898, 0x16161616);
+        &data_word(0xd4d4d4d4, 0xa4a4a4a4, 0x5c5c5c5c, 0xcccccccc);
+        &data_word(0x5d5d5d5d, 0x65656565, 0xb6b6b6b6, 0x92929292);
+        &data_word(0x6c6c6c6c, 0x70707070, 0x48484848, 0x50505050);
+        &data_word(0xfdfdfdfd, 0xedededed, 0xb9b9b9b9, 0xdadadada);
+        &data_word(0x5e5e5e5e, 0x15151515, 0x46464646, 0x57575757);
+        &data_word(0xa7a7a7a7, 0x8d8d8d8d, 0x9d9d9d9d, 0x84848484);
+        &data_word(0x90909090, 0xd8d8d8d8, 0xabababab, 0x00000000);
+        &data_word(0x8c8c8c8c, 0xbcbcbcbc, 0xd3d3d3d3, 0x0a0a0a0a);
+        &data_word(0xf7f7f7f7, 0xe4e4e4e4, 0x58585858, 0x05050505);
+        &data_word(0xb8b8b8b8, 0xb3b3b3b3, 0x45454545, 0x06060606);
+        &data_word(0xd0d0d0d0, 0x2c2c2c2c, 0x1e1e1e1e, 0x8f8f8f8f);
+        &data_word(0xcacacaca, 0x3f3f3f3f, 0x0f0f0f0f, 0x02020202);
+        &data_word(0xc1c1c1c1, 0xafafafaf, 0xbdbdbdbd, 0x03030303);
+        &data_word(0x01010101, 0x13131313, 0x8a8a8a8a, 0x6b6b6b6b);
+        &data_word(0x3a3a3a3a, 0x91919191, 0x11111111, 0x41414141);
+        &data_word(0x4f4f4f4f, 0x67676767, 0xdcdcdcdc, 0xeaeaeaea);
+        &data_word(0x97979797, 0xf2f2f2f2, 0xcfcfcfcf, 0xcececece);
+        &data_word(0xf0f0f0f0, 0xb4b4b4b4, 0xe6e6e6e6, 0x73737373);
+        &data_word(0x96969696, 0xacacacac, 0x74747474, 0x22222222);
+        &data_word(0xe7e7e7e7, 0xadadadad, 0x35353535, 0x85858585);
+        &data_word(0xe2e2e2e2, 0xf9f9f9f9, 0x37373737, 0xe8e8e8e8);
+        &data_word(0x1c1c1c1c, 0x75757575, 0xdfdfdfdf, 0x6e6e6e6e);
+        &data_word(0x47474747, 0xf1f1f1f1, 0x1a1a1a1a, 0x71717171);
+        &data_word(0x1d1d1d1d, 0x29292929, 0xc5c5c5c5, 0x89898989);
+        &data_word(0x6f6f6f6f, 0xb7b7b7b7, 0x62626262, 0x0e0e0e0e);
+        &data_word(0xaaaaaaaa, 0x18181818, 0xbebebebe, 0x1b1b1b1b);
+        &data_word(0xfcfcfcfc, 0x56565656, 0x3e3e3e3e, 0x4b4b4b4b);
+        &data_word(0xc6c6c6c6, 0xd2d2d2d2, 0x79797979, 0x20202020);
+        &data_word(0x9a9a9a9a, 0xdbdbdbdb, 0xc0c0c0c0, 0xfefefefe);
+        &data_word(0x78787878, 0xcdcdcdcd, 0x5a5a5a5a, 0xf4f4f4f4);
+        &data_word(0x1f1f1f1f, 0xdddddddd, 0xa8a8a8a8, 0x33333333);
+        &data_word(0x88888888, 0x07070707, 0xc7c7c7c7, 0x31313131);
+        &data_word(0xb1b1b1b1, 0x12121212, 0x10101010, 0x59595959);
+        &data_word(0x27272727, 0x80808080, 0xecececec, 0x5f5f5f5f);
+        &data_word(0x60606060, 0x51515151, 0x7f7f7f7f, 0xa9a9a9a9);
+        &data_word(0x19191919, 0xb5b5b5b5, 0x4a4a4a4a, 0x0d0d0d0d);
+        &data_word(0x2d2d2d2d, 0xe5e5e5e5, 0x7a7a7a7a, 0x9f9f9f9f);
+        &data_word(0x93939393, 0xc9c9c9c9, 0x9c9c9c9c, 0xefefefef);
+        &data_word(0xa0a0a0a0, 0xe0e0e0e0, 0x3b3b3b3b, 0x4d4d4d4d);
+        &data_word(0xaeaeaeae, 0x2a2a2a2a, 0xf5f5f5f5, 0xb0b0b0b0);
+        &data_word(0xc8c8c8c8, 0xebebebeb, 0xbbbbbbbb, 0x3c3c3c3c);
+        &data_word(0x83838383, 0x53535353, 0x99999999, 0x61616161);
+        &data_word(0x17171717, 0x2b2b2b2b, 0x04040404, 0x7e7e7e7e);
+        &data_word(0xbabababa, 0x77777777, 0xd6d6d6d6, 0x26262626);
+        &data_word(0xe1e1e1e1, 0x69696969, 0x14141414, 0x63636363);
+        &data_word(0x55555555, 0x21212121, 0x0c0c0c0c, 0x7d7d7d7d);
+&function_end_B("AES_decrypt");
+
+sub enckey()
+{
+        &movz   ("esi",&LB("edx"));             # rk[i]>>0
+        &mov    ("ebx",&DWP(0,"ebp","esi",4));
+        &movz   ("esi",&HB("edx"));             # rk[i]>>8
+        &and    ("ebx",0xFF000000);
+        &xor    ("eax","ebx");
+
+        &mov    ("ebx",&DWP(0,"ebp","esi",4));
+        &shr    ("edx",16);
+        &and    ("ebx",0x000000FF);
+        &movz   ("esi",&LB("edx"));             # rk[i]>>16
+        &xor    ("eax","ebx");
+
+        &mov    ("ebx",&DWP(0,"ebp","esi",4));
+        &movz   ("esi",&HB("edx"));             # rk[i]>>24
+        &and    ("ebx",0x0000FF00);
+        &xor    ("eax","ebx");
+
+        &mov    ("ebx",&DWP(0,"ebp","esi",4));
+        &and    ("ebx",0x00FF0000);
+        &xor    ("eax","ebx");
+
+        &xor    ("eax",&DWP(1024,"ebp","ecx",4));       # rcon
+}
+
+# int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+#                        AES_KEY *key)
+&public_label("AES_Te");
+&function_begin("AES_set_encrypt_key");
+        &mov    ("esi",&wparam(0));             # user supplied key
+        &mov    ("edi",&wparam(2));             # private key schedule
+
+        &test   ("esi",-1);
+        &jz     (&label("badpointer"));
+        &test   ("edi",-1);
+        &jz     (&label("badpointer"));
+
+        &call   (&label("pic_point"));
+        &set_label("pic_point");
+        &blindpop("ebp");
+        &lea    ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp"));
+        &add    ("ebp",1024*4);                 # skip to Te4
+
+        &mov    ("ecx",&wparam(1));             # number of bits in key
+        &cmp    ("ecx",128);
+        &je     (&label("10rounds"));
+        &cmp    ("ecx",192);
+        &je     (&label("12rounds"));
+        &cmp    ("ecx",256);
+        &je     (&label("14rounds"));
+        &mov    ("eax",-2);                     # invalid number of bits
+        &jmp    (&label("exit"));
+
+    &set_label("10rounds");
+        &mov    ("eax",&DWP(0,"esi"));          # copy first 4 dwords
+        &mov    ("ebx",&DWP(4,"esi"));
+        &mov    ("ecx",&DWP(8,"esi"));
+        &mov    ("edx",&DWP(12,"esi"));
+        &mov    (&DWP(0,"edi"),"eax");
+        &mov    (&DWP(4,"edi"),"ebx");
+        &mov    (&DWP(8,"edi"),"ecx");
+        &mov    (&DWP(12,"edi"),"edx");
+
+        &xor    ("ecx","ecx");
+        &jmp    (&label("10shortcut"));
+
+        &align  (4);
+        &set_label("10loop");
+                &mov    ("eax",&DWP(0,"edi"));          # rk[0]
+                &mov    ("edx",&DWP(12,"edi"));         # rk[3]
+        &set_label("10shortcut");
+                &enckey ();
+
+                &mov    (&DWP(16,"edi"),"eax");         # rk[4]
+                &xor    ("eax",&DWP(4,"edi"));
+                &mov    (&DWP(20,"edi"),"eax");         # rk[5]
+                &xor    ("eax",&DWP(8,"edi"));
+                &mov    (&DWP(24,"edi"),"eax");         # rk[6]
+                &xor    ("eax",&DWP(12,"edi"));
+                &mov    (&DWP(28,"edi"),"eax");         # rk[7]
+                &inc    ("ecx");
+                &add    ("edi",16);
+                &cmp    ("ecx",10);
+        &jl     (&label("10loop"));
+
+        &mov    (&DWP(80,"edi"),10);            # setup number of rounds
+        &xor    ("eax","eax");
+        &jmp    (&label("exit"));
+                
+    &set_label("12rounds");
+        &mov    ("eax",&DWP(0,"esi"));          # copy first 6 dwords
+        &mov    ("ebx",&DWP(4,"esi"));
+        &mov    ("ecx",&DWP(8,"esi"));
+        &mov    ("edx",&DWP(12,"esi"));
+        &mov    (&DWP(0,"edi"),"eax");
+        &mov    (&DWP(4,"edi"),"ebx");
+        &mov    (&DWP(8,"edi"),"ecx");
+        &mov    (&DWP(12,"edi"),"edx");
+        &mov    ("ecx",&DWP(16,"esi"));
+        &mov    ("edx",&DWP(20,"esi"));
+        &mov    (&DWP(16,"edi"),"ecx");
+        &mov    (&DWP(20,"edi"),"edx");
+
+        &xor    ("ecx","ecx");
+        &jmp    (&label("12shortcut"));
+
+        &align  (4);
+        &set_label("12loop");
+                &mov    ("eax",&DWP(0,"edi"));          # rk[0]
+                &mov    ("edx",&DWP(20,"edi"));         # rk[5]
+        &set_label("12shortcut");
+                &enckey ();
+
+                &mov    (&DWP(24,"edi"),"eax");         # rk[6]
+                &xor    ("eax",&DWP(4,"edi"));
+                &mov    (&DWP(28,"edi"),"eax");         # rk[7]
+                &xor    ("eax",&DWP(8,"edi"));
+                &mov    (&DWP(32,"edi"),"eax");         # rk[8]
+                &xor    ("eax",&DWP(12,"edi"));
+                &mov    (&DWP(36,"edi"),"eax");         # rk[9]
+
+                &cmp    ("ecx",7);
+                &je     (&label("12break"));
+                &inc    ("ecx");
+
+                &xor    ("eax",&DWP(16,"edi"));
+                &mov    (&DWP(40,"edi"),"eax");         # rk[10]
+                &xor    ("eax",&DWP(20,"edi"));
+                &mov    (&DWP(44,"edi"),"eax");         # rk[11]
+
+                &add    ("edi",24);
+        &jmp    (&label("12loop"));
+
+        &set_label("12break");
+        &mov    (&DWP(72,"edi"),12);            # setup number of rounds
+        &xor    ("eax","eax");
+        &jmp    (&label("exit"));
+
+    &set_label("14rounds");
+        &mov    ("eax",&DWP(0,"esi"));          # copy first 8 dwords
+        &mov    ("ebx",&DWP(4,"esi"));
+        &mov    ("ecx",&DWP(8,"esi"));
+        &mov    ("edx",&DWP(12,"esi"));
+        &mov    (&DWP(0,"edi"),"eax");
+        &mov    (&DWP(4,"edi"),"ebx");
+        &mov    (&DWP(8,"edi"),"ecx");
+        &mov    (&DWP(12,"edi"),"edx");
+        &mov    ("eax",&DWP(16,"esi"));
+        &mov    ("ebx",&DWP(20,"esi"));
+        &mov    ("ecx",&DWP(24,"esi"));
+        &mov    ("edx",&DWP(28,"esi"));
+        &mov    (&DWP(16,"edi"),"eax");
+        &mov    (&DWP(20,"edi"),"ebx");
+        &mov    (&DWP(24,"edi"),"ecx");
+        &mov    (&DWP(28,"edi"),"edx");
+
+        &xor    ("ecx","ecx");
+        &jmp    (&label("14shortcut"));
+
+        &align  (4);
+        &set_label("14loop");
+                &mov    ("edx",&DWP(28,"edi"));         # rk[7]
+        &set_label("14shortcut");
+                &mov    ("eax",&DWP(0,"edi"));          # rk[0]
+
+                &enckey ();
+
+                &mov    (&DWP(32,"edi"),"eax");         # rk[8]
+                &xor    ("eax",&DWP(4,"edi"));
+                &mov    (&DWP(36,"edi"),"eax");         # rk[9]
+                &xor    ("eax",&DWP(8,"edi"));
+                &mov    (&DWP(40,"edi"),"eax");         # rk[10]
+                &xor    ("eax",&DWP(12,"edi"));
+                &mov    (&DWP(44,"edi"),"eax");         # rk[11]
+
+                &cmp    ("ecx",6);
+                &je     (&label("14break"));
+                &inc    ("ecx");
+
+                &mov    ("edx","eax");
+                &mov    ("eax",&DWP(16,"edi"));         # rk[4]
+                &movz   ("esi",&LB("edx"));             # rk[11]>>0
+                &mov    ("ebx",&DWP(0,"ebp","esi",4));
+                &movz   ("esi",&HB("edx"));             # rk[11]>>8
+                &and    ("ebx",0x000000FF);
+                &xor    ("eax","ebx");
+
+                &mov    ("ebx",&DWP(0,"ebp","esi",4));
+                &shr    ("edx",16);
+                &and    ("ebx",0x0000FF00);
+                &movz   ("esi",&LB("edx"));             # rk[11]>>16
+                &xor    ("eax","ebx");
+
+                &mov    ("ebx",&DWP(0,"ebp","esi",4));
+                &movz   ("esi",&HB("edx"));             # rk[11]>>24
+                &and    ("ebx",0x00FF0000);
+                &xor    ("eax","ebx");
+
+                &mov    ("ebx",&DWP(0,"ebp","esi",4));
+                &and    ("ebx",0xFF000000);
+                &xor    ("eax","ebx");
+
+                &mov    (&DWP(48,"edi"),"eax");         # rk[12]
+                &xor    ("eax",&DWP(20,"edi"));
+                &mov    (&DWP(52,"edi"),"eax");         # rk[13]
+                &xor    ("eax",&DWP(24,"edi"));
+                &mov    (&DWP(56,"edi"),"eax");         # rk[14]
+                &xor    ("eax",&DWP(28,"edi"));
+                &mov    (&DWP(60,"edi"),"eax");         # rk[15]
+
+                &add    ("edi",32);
+        &jmp    (&label("14loop"));
+
+        &set_label("14break");
+        &mov    (&DWP(48,"edi"),14);            # setup number of rounds
+        &xor    ("eax","eax");
+        &jmp    (&label("exit"));
+
+    &set_label("badpointer");
+        &mov    ("eax",-1);
+    &set_label("exit");
+&function_end("AES_set_encrypt_key");
+
+sub deckey()
+{ my ($i,$ptr,$te4,$td) = @_;
+
+        &mov    ("eax",&DWP($i,$ptr));
+        &mov    ("edx","eax");
+        &movz   ("ebx",&HB("eax"));
+        &shr    ("edx",16);
+        &and    ("eax",0xFF);
+        &movz   ("eax",&BP(0,$te4,"eax",4));
+        &movz   ("ebx",&BP(0,$te4,"ebx",4));
+        &mov    ("eax",&DWP(1024*0,$td,"eax",4));
+        &xor    ("eax",&DWP(1024*1,$td,"ebx",4));
+        &movz   ("ebx",&HB("edx"));
+        &and    ("edx",0xFF);
+        &movz   ("edx",&BP(0,$te4,"edx",4));
+        &movz   ("ebx",&BP(0,$te4,"ebx",4));
+        &xor    ("eax",&DWP(1024*2,$td,"edx",4));
+        &xor    ("eax",&DWP(1024*3,$td,"ebx",4));
+        &mov    (&DWP($i,$ptr),"eax");
+}
+
+# int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+#                        AES_KEY *key)
+&public_label("AES_Td");
+&public_label("AES_Te");
+&function_begin_B("AES_set_decrypt_key");
+        &mov    ("eax",&wparam(0));
+        &mov    ("ecx",&wparam(1));
+        &mov    ("edx",&wparam(2));
+        &sub    ("esp",12);
+        &mov    (&DWP(0,"esp"),"eax");
+        &mov    (&DWP(4,"esp"),"ecx");
+        &mov    (&DWP(8,"esp"),"edx");
+        &call   ("AES_set_encrypt_key");
+        &add    ("esp",12);
+        &cmp    ("eax",0);
+        &je     (&label("proceed"));
+        &ret    ();
+
+    &set_label("proceed");
+        &push   ("ebp");
+        &push   ("ebx");
+        &push   ("esi");
+        &push   ("edi");
+
+        &mov    ("esi",&wparam(2));
+        &mov    ("ecx",&DWP(240,"esi"));        # pull number of rounds
+        &lea    ("ecx",&DWP(0,"","ecx",4));
+        &lea    ("edi",&DWP(0,"esi","ecx",4));  # pointer to last chunk
+
+        &align  (4);
+        &set_label("invert");                   # invert order of chunks
+                &mov    ("eax",&DWP(0,"esi"));
+                &mov    ("ebx",&DWP(4,"esi"));
+                &mov    ("ecx",&DWP(0,"edi"));
+                &mov    ("edx",&DWP(4,"edi"));
+                &mov    (&DWP(0,"edi"),"eax");
+                &mov    (&DWP(4,"edi"),"ebx");
+                &mov    (&DWP(0,"esi"),"ecx");
+                &mov    (&DWP(4,"esi"),"edx");
+                &mov    ("eax",&DWP(8,"esi"));
+                &mov    ("ebx",&DWP(12,"esi"));
+                &mov    ("ecx",&DWP(8,"edi"));
+                &mov    ("edx",&DWP(12,"edi"));
+                &mov    (&DWP(8,"edi"),"eax");
+                &mov    (&DWP(12,"edi"),"ebx");
+                &mov    (&DWP(8,"esi"),"ecx");
+                &mov    (&DWP(12,"esi"),"edx");
+                &add    ("esi",16);
+                &sub    ("edi",16);
+                &cmp    ("esi","edi");
+        &jne    (&label("invert"));
+
+        &call   (&label("pic_point"));
+        &set_label("pic_point");
+        blindpop("ebp");
+        &lea    ("edi",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp"));
+        &lea    ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp"));
+        &add    ("ebp",1024*4);                 # skip to Te4
+
+        &mov    ("esi",&wparam(2));
+        &mov    ("ecx",&DWP(240,"esi"));        # pull number of rounds
+        &dec    ("ecx");
+        &align  (4);
+        &set_label("permute");                  # permute the key schedule
+                &add    ("esi",16);
+                &deckey (0,"esi","ebp","edi");
+                &deckey (4,"esi","ebp","edi");
+                &deckey (8,"esi","ebp","edi");
+                &deckey (12,"esi","ebp","edi");
+                &dec    ("ecx");
+        &jnz    (&label("permute"));
+
+        &xor    ("eax","eax");                  # return success
+&function_end("AES_set_decrypt_key");
+
+&asm_finish();
diff --git a/src/lib/libssl/src/crypto/asn1/Makefile.ssl b/src/lib/libssl/src/crypto/asn1/Makefile.ssl
new file mode 100644
index 0000000000..cb45194d48
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/Makefile.ssl
@@ -0,0 +1,1152 @@
+#
+# SSLeay/crypto/asn1/Makefile
+#
+
+DIR=    asn1
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
+        a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
+        a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
+        x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \
+        x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
+        d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
+        t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \
+        tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
+        f_int.c f_string.c n_pkey.c \
+        f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \
+        asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \
+        evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c
+LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
+        a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
+        a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
+        x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \
+        x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
+        d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
+        t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \
+        tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
+        f_int.o f_string.o n_pkey.o \
+        f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o \
+        asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \
+        evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  asn1.h asn1_mac.h asn1t.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:   test.c
+        cc -g -I../../include -c test.c
+        cc -g -I../../include -o test test.o -L../.. -lcrypto
+
+pk:     pk.c
+        cc -g -I../../include -c pk.c
+        cc -g -I../../include -o pk pk.o -L../.. -lcrypto
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+a_bitstr.o: ../../e_os.h ../../include/openssl/asn1.h
+a_bitstr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_bitstr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_bitstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_bitstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_bitstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_bitstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bitstr.c
+a_bool.o: ../../e_os.h ../../include/openssl/asn1.h
+a_bool.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_bool.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_bool.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_bool.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_bool.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_bool.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_bool.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_bool.o: ../cryptlib.h a_bool.c
+a_bytes.o: ../../e_os.h ../../include/openssl/asn1.h
+a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_bytes.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_bytes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_bytes.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_bytes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_bytes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_bytes.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bytes.c
+a_d2i_fp.o: ../../e_os.h ../../include/openssl/asn1.h
+a_d2i_fp.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+a_d2i_fp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_d2i_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_d2i_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_d2i_fp.o: ../../include/openssl/opensslconf.h
+a_d2i_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_d2i_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_d2i_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_d2i_fp.c
+a_digest.o: ../../e_os.h ../../include/openssl/aes.h
+a_digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_digest.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+a_digest.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+a_digest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+a_digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+a_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_digest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+a_digest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+a_digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_digest.o: ../../include/openssl/opensslconf.h
+a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+a_digest.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+a_digest.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+a_digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+a_digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_digest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+a_digest.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+a_digest.o: ../cryptlib.h a_digest.c
+a_dup.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_dup.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_dup.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_dup.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_dup.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_dup.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_dup.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_dup.o: ../cryptlib.h a_dup.c
+a_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_enum.o: ../cryptlib.h a_enum.c
+a_gentm.o: ../../e_os.h ../../include/openssl/asn1.h
+a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_gentm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_gentm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_gentm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_gentm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_gentm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_gentm.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_gentm.c
+a_hdr.o: ../../e_os.h ../../include/openssl/asn1.h
+a_hdr.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+a_hdr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_hdr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_hdr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_hdr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_hdr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_hdr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_hdr.o: ../cryptlib.h a_hdr.c
+a_i2d_fp.o: ../../e_os.h ../../include/openssl/asn1.h
+a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_i2d_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_i2d_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_i2d_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_i2d_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_i2d_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_i2d_fp.c
+a_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_int.o: ../cryptlib.h a_int.c
+a_mbstr.o: ../../e_os.h ../../include/openssl/asn1.h
+a_mbstr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_mbstr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_mbstr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_mbstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_mbstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_mbstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_mbstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_mbstr.c
+a_meth.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_meth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_meth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_meth.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_meth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_meth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_meth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_meth.o: ../cryptlib.h a_meth.c
+a_object.o: ../../e_os.h ../../include/openssl/asn1.h
+a_object.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_object.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_object.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_object.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_object.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_object.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_object.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_object.o: ../../include/openssl/symhacks.h ../cryptlib.h a_object.c
+a_octet.o: ../../e_os.h ../../include/openssl/asn1.h
+a_octet.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_octet.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_octet.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_octet.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_octet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_octet.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_octet.o: ../../include/openssl/symhacks.h ../cryptlib.h a_octet.c
+a_print.o: ../../e_os.h ../../include/openssl/asn1.h
+a_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_print.o: ../../include/openssl/symhacks.h ../cryptlib.h a_print.c
+a_set.o: ../../e_os.h ../../include/openssl/asn1.h
+a_set.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+a_set.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_set.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_set.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_set.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_set.o: ../cryptlib.h a_set.c
+a_sign.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+a_sign.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_sign.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+a_sign.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+a_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+a_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+a_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+a_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+a_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+a_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+a_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+a_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+a_sign.o: ../cryptlib.h a_sign.c
+a_strex.o: ../../e_os.h ../../include/openssl/aes.h
+a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_strex.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+a_strex.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+a_strex.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+a_strex.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_strex.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+a_strex.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+a_strex.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_strex.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+a_strex.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+a_strex.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+a_strex.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+a_strex.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h
+a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h
+a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_strnid.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_strnid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_strnid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_strnid.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_strnid.o: ../../include/openssl/symhacks.h ../cryptlib.h a_strnid.c
+a_time.o: ../../e_os.h ../../include/openssl/asn1.h
+a_time.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_time.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_time.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_time.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_time.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_time.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_time.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_time.o: ../cryptlib.h ../o_time.h a_time.c
+a_type.o: ../../e_os.h ../../include/openssl/asn1.h
+a_type.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_type.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_type.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_type.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_type.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_type.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_type.o: ../cryptlib.h a_type.c
+a_utctm.o: ../../e_os.h ../../include/openssl/asn1.h
+a_utctm.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_utctm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_utctm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_utctm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_utctm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_utctm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_utctm.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_utctm.c
+a_utf8.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_utf8.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_utf8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_utf8.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_utf8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_utf8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_utf8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_utf8.o: ../cryptlib.h a_utf8.c
+a_verify.o: ../../e_os.h ../../include/openssl/aes.h
+a_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+a_verify.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+a_verify.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+a_verify.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+a_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_verify.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+a_verify.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+a_verify.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_verify.o: ../../include/openssl/opensslconf.h
+a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+a_verify.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+a_verify.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+a_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+a_verify.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_verify.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+a_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+a_verify.o: ../cryptlib.h a_verify.c
+asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+asn1_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+asn1_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn1_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn1_err.o: ../../include/openssl/symhacks.h asn1_err.c
+asn1_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+asn1_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+asn1_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+asn1_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+asn1_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+asn1_lib.o: ../../include/openssl/opensslconf.h
+asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn1_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_lib.c
+asn1_par.o: ../../e_os.h ../../include/openssl/asn1.h
+asn1_par.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+asn1_par.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+asn1_par.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn1_par.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+asn1_par.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+asn1_par.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_par.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn1_par.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_par.c
+asn_moid.o: ../../e_os.h ../../include/openssl/aes.h
+asn_moid.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+asn_moid.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+asn_moid.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+asn_moid.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+asn_moid.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+asn_moid.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+asn_moid.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+asn_moid.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+asn_moid.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+asn_moid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+asn_moid.o: ../../include/openssl/opensslconf.h
+asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+asn_moid.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+asn_moid.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+asn_moid.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+asn_moid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+asn_moid.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+asn_moid.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+asn_moid.o: ../cryptlib.h asn_moid.c
+asn_pack.o: ../../e_os.h ../../include/openssl/asn1.h
+asn_pack.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+asn_pack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+asn_pack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn_pack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn_pack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn_pack.o: ../../include/openssl/symhacks.h ../cryptlib.h asn_pack.c
+d2i_pr.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+d2i_pr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+d2i_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+d2i_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+d2i_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+d2i_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+d2i_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+d2i_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+d2i_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+d2i_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+d2i_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pr.c
+d2i_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+d2i_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+d2i_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+d2i_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+d2i_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+d2i_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+d2i_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+d2i_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+d2i_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+d2i_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+d2i_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+d2i_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pu.c
+evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+evp_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+evp_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+evp_asn1.o: ../../include/openssl/opensslconf.h
+evp_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_asn1.c
+f_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+f_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+f_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+f_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+f_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+f_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+f_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+f_enum.o: ../cryptlib.h f_enum.c
+f_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+f_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+f_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+f_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+f_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+f_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+f_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+f_int.o: ../cryptlib.h f_int.c
+f_string.o: ../../e_os.h ../../include/openssl/asn1.h
+f_string.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+f_string.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+f_string.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+f_string.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+f_string.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+f_string.o: ../../include/openssl/symhacks.h ../cryptlib.h f_string.c
+i2d_pr.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+i2d_pr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+i2d_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+i2d_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+i2d_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+i2d_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+i2d_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+i2d_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+i2d_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+i2d_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+i2d_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+i2d_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+i2d_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pr.c
+i2d_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+i2d_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+i2d_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+i2d_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+i2d_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+i2d_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+i2d_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+i2d_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+i2d_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+i2d_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+i2d_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+i2d_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pu.c
+n_pkey.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h
+n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+n_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+n_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+n_pkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+n_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+n_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+n_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+n_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+n_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+n_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+n_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+n_pkey.o: ../cryptlib.h n_pkey.c
+nsseq.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+nsseq.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+nsseq.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+nsseq.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+nsseq.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+nsseq.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+nsseq.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+nsseq.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+nsseq.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+nsseq.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+nsseq.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+nsseq.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h nsseq.c
+p5_pbe.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+p5_pbe.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p5_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p5_pbe.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p5_pbe.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p5_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p5_pbe.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p5_pbe.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p5_pbe.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p5_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p5_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p5_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+p5_pbe.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p5_pbe.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p5_pbe.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p5_pbe.o: ../cryptlib.h p5_pbe.c
+p5_pbev2.o: ../../e_os.h ../../include/openssl/aes.h
+p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+p5_pbev2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p5_pbev2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+p5_pbev2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+p5_pbev2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p5_pbev2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+p5_pbev2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+p5_pbev2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p5_pbev2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+p5_pbev2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+p5_pbev2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p5_pbev2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p5_pbev2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+p5_pbev2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+p5_pbev2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_pbev2.c
+p8_pkey.o: ../../e_os.h ../../include/openssl/aes.h
+p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+p8_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+p8_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p8_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+p8_pkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+p8_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p8_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+p8_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+p8_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p8_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+p8_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p8_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p8_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p8_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p8_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+p8_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p8_pkey.o: ../cryptlib.h p8_pkey.c
+t_bitst.o: ../../e_os.h ../../include/openssl/aes.h
+t_bitst.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_bitst.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+t_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_bitst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+t_bitst.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_bitst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+t_bitst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+t_bitst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+t_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+t_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+t_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_bitst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_bitst.c
+t_crl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+t_crl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_crl.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+t_crl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+t_crl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+t_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_crl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+t_crl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+t_crl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+t_crl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+t_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+t_crl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+t_crl.o: ../cryptlib.h t_crl.c
+t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+t_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+t_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+t_pkey.o: ../../include/openssl/symhacks.h ../cryptlib.h t_pkey.c
+t_req.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+t_req.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_req.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+t_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+t_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+t_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+t_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+t_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+t_req.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+t_req.o: ../cryptlib.h t_req.c
+t_spki.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+t_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+t_spki.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+t_spki.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+t_spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+t_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+t_spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+t_spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_spki.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_spki.o: ../cryptlib.h t_spki.c
+t_x509.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+t_x509.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_x509.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+t_x509.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+t_x509.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_x509.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+t_x509.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+t_x509.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_x509.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+t_x509.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+t_x509.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+t_x509.o: ../cryptlib.h t_x509.c
+t_x509a.o: ../../e_os.h ../../include/openssl/aes.h
+t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_x509a.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+t_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+t_x509a.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+t_x509a.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_x509a.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+t_x509a.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+t_x509a.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+t_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+t_x509a.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_x509a.c
+tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+tasn_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+tasn_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_dec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_dec.o: ../../include/openssl/symhacks.h tasn_dec.c
+tasn_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_enc.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tasn_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tasn_enc.o: ../../include/openssl/opensslconf.h
+tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_enc.o: ../../include/openssl/symhacks.h tasn_enc.c
+tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_fre.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tasn_fre.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tasn_fre.o: ../../include/openssl/opensslconf.h
+tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_fre.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_fre.o: ../../include/openssl/symhacks.h tasn_fre.c
+tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_new.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tasn_new.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+tasn_new.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tasn_new.o: ../../include/openssl/opensslconf.h
+tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_new.o: ../../include/openssl/symhacks.h tasn_new.c
+tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_typ.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tasn_typ.o: ../../include/openssl/opensslconf.h
+tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_typ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_typ.o: ../../include/openssl/symhacks.h tasn_typ.c
+tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tasn_utl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+tasn_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tasn_utl.o: ../../include/openssl/opensslconf.h
+tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_utl.o: ../../include/openssl/symhacks.h tasn_utl.c
+x_algor.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+x_algor.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_algor.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x_algor.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x_algor.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x_algor.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_algor.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x_algor.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x_algor.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_algor.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x_algor.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x_algor.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x_algor.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_algor.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_algor.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x_algor.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_algor.o: x_algor.c
+x_attrib.o: ../../e_os.h ../../include/openssl/aes.h
+x_attrib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_attrib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+x_attrib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x_attrib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+x_attrib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x_attrib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_attrib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x_attrib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x_attrib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x_attrib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x_attrib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x_attrib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_attrib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_attrib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x_attrib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_attrib.o: ../cryptlib.h x_attrib.c
+x_bignum.o: ../../e_os.h ../../include/openssl/asn1.h
+x_bignum.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_bignum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x_bignum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_bignum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+x_bignum.o: ../../include/openssl/opensslconf.h
+x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_bignum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+x_bignum.o: ../../include/openssl/symhacks.h ../cryptlib.h x_bignum.c
+x_crl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+x_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_crl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x_crl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x_crl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_crl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x_crl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x_crl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+x_crl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+x_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+x_crl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+x_crl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_crl.c
+x_exten.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+x_exten.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_exten.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x_exten.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x_exten.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x_exten.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_exten.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x_exten.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x_exten.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_exten.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x_exten.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x_exten.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x_exten.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_exten.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_exten.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x_exten.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_exten.o: x_exten.c
+x_info.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+x_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+x_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x_info.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+x_info.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x_info.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_info.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x_info.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x_info.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x_info.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_info.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_info.o: ../cryptlib.h x_info.c
+x_long.o: ../../e_os.h ../../include/openssl/asn1.h
+x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x_long.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_long.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_long.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+x_long.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_long.o: ../cryptlib.h x_long.c
+x_name.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+x_name.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x_name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x_name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x_name.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x_name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_name.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x_name.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x_name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x_name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_name.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_name.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+x_name.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+x_name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+x_name.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+x_name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_name.c
+x_pkey.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+x_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+x_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+x_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+x_pkey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_pkey.c
+x_pubkey.o: ../../e_os.h ../../include/openssl/aes.h
+x_pubkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_pubkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+x_pubkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x_pubkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+x_pubkey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x_pubkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x_pubkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x_pubkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x_pubkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x_pubkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x_pubkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_pubkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_pubkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x_pubkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_pubkey.o: ../cryptlib.h x_pubkey.c
+x_req.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+x_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+x_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+x_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+x_req.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_req.c
+x_sig.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_sig.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x_sig.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x_sig.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x_sig.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_sig.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_sig.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x_sig.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x_sig.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x_sig.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_sig.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_sig.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_sig.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+x_sig.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+x_sig.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+x_sig.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_sig.c
+x_spki.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x_spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x_spki.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x_spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x_spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+x_spki.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+x_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+x_spki.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_spki.c
+x_val.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_val.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x_val.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x_val.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x_val.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x_val.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_val.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_val.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x_val.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x_val.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x_val.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_val.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_val.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_val.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+x_val.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+x_val.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+x_val.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_val.c
+x_x509.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x_x509.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x_x509.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_x509.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x_x509.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x_x509.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x_x509.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_x509.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h x_x509.c
+x_x509a.o: ../../e_os.h ../../include/openssl/aes.h
+x_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+x_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x_x509a.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+x_x509a.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x_x509a.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_x509a.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x_x509a.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x_x509a.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x_x509a.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_x509a.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_x509a.o: ../cryptlib.h x_x509a.c
diff --git a/src/lib/libssl/src/crypto/asn1/a_bytes.c b/src/lib/libssl/src/crypto/asn1/a_bytes.c
index afd27b80e1..2407f7c87a 100644
--- a/src/lib/libssl/src/crypto/asn1/a_bytes.c
+++ b/src/lib/libssl/src/crypto/asn1/a_bytes.c
@@ -78,7 +78,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp,
 
         if (tag >= 32)
                 {
-                i=ASN1_R_TAG_VALUE_TOO_HIGH;;
+                i=ASN1_R_TAG_VALUE_TOO_HIGH;
                 goto err;
                 }
         if (!(ASN1_tag2bit(tag) & type))
diff --git a/src/lib/libssl/src/crypto/asn1/asn1.h b/src/lib/libssl/src/crypto/asn1/asn1.h
index 0184b475a7..ceaeb4cbe3 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1.h
+++ b/src/lib/libssl/src/crypto/asn1/asn1.h
@@ -962,7 +962,6 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_F_ASN1_DUP                                  111
 #define ASN1_F_ASN1_ENUMERATED_SET                       112
 #define ASN1_F_ASN1_ENUMERATED_TO_BN                     113
-#define ASN1_F_ASN1_FIND_END                             182
 #define ASN1_F_ASN1_GENERALIZEDTIME_SET                  178
 #define ASN1_F_ASN1_GET_OBJECT                           114
 #define ASN1_F_ASN1_HEADER_NEW                           115
@@ -1076,7 +1075,6 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_MISSING_SECOND_NUMBER                     138
 #define ASN1_R_MSTRING_NOT_UNIVERSAL                     139
 #define ASN1_R_MSTRING_WRONG_TAG                         140
-#define ASN1_R_NESTED_ASN1_STRING                        174
 #define ASN1_R_NON_HEX_CHARACTERS                        141
 #define ASN1_R_NOT_ENOUGH_DATA                           142
 #define ASN1_R_NO_MATCHING_CHOICE_TYPE                   143
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_err.c b/src/lib/libssl/src/crypto/asn1/asn1_err.c
index 315d0a0807..3b57c8fbae 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1_err.c
+++ b/src/lib/libssl/src/crypto/asn1/asn1_err.c
@@ -1,6 +1,6 @@
 /* crypto/asn1/asn1_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,175 +64,169 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ASN1,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ASN1,0,reason)
-
 static ERR_STRING_DATA ASN1_str_functs[]=
         {
-{ERR_FUNC(ASN1_F_A2D_ASN1_OBJECT),      "a2d_ASN1_OBJECT"},
-{ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED),  "a2i_ASN1_ENUMERATED"},
-{ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER),     "a2i_ASN1_INTEGER"},
-{ERR_FUNC(ASN1_F_A2I_ASN1_STRING),      "a2i_ASN1_STRING"},
-{ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT),      "ASN1_BIT_STRING_set_bit"},
-{ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN),      "ASN1_CHECK_TLEN"},
-{ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE),       "ASN1_COLLATE_PRIMITIVE"},
-{ERR_FUNC(ASN1_F_ASN1_COLLECT), "ASN1_COLLECT"},
-{ERR_FUNC(ASN1_F_ASN1_D2I_BIO), "ASN1_d2i_bio"},
-{ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE),        "ASN1_D2I_EX_PRIMITIVE"},
-{ERR_FUNC(ASN1_F_ASN1_D2I_FP),  "ASN1_d2i_fp"},
-{ERR_FUNC(ASN1_F_ASN1_DIGEST),  "ASN1_digest"},
-{ERR_FUNC(ASN1_F_ASN1_DO_ADB),  "ASN1_DO_ADB"},
-{ERR_FUNC(ASN1_F_ASN1_DUP),     "ASN1_dup"},
-{ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET),  "ASN1_ENUMERATED_set"},
-{ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN),        "ASN1_ENUMERATED_to_BN"},
-{ERR_FUNC(ASN1_F_ASN1_FIND_END),        "ASN1_FIND_END"},
-{ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET),     "ASN1_GENERALIZEDTIME_set"},
-{ERR_FUNC(ASN1_F_ASN1_GET_OBJECT),      "ASN1_get_object"},
-{ERR_FUNC(ASN1_F_ASN1_HEADER_NEW),      "ASN1_HEADER_new"},
-{ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"},
-{ERR_FUNC(ASN1_F_ASN1_I2D_FP),  "ASN1_i2d_fp"},
-{ERR_FUNC(ASN1_F_ASN1_INTEGER_SET),     "ASN1_INTEGER_set"},
-{ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN),   "ASN1_INTEGER_to_BN"},
-{ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I),     "ASN1_ITEM_EX_D2I"},
-{ERR_FUNC(ASN1_F_ASN1_ITEM_NEW),        "ASN1_item_new"},
-{ERR_FUNC(ASN1_F_ASN1_MBSTRING_COPY),   "ASN1_mbstring_copy"},
-{ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW),      "ASN1_OBJECT_new"},
-{ERR_FUNC(ASN1_F_ASN1_PACK_STRING),     "ASN1_pack_string"},
-{ERR_FUNC(ASN1_F_ASN1_PBE_SET), "ASN1_PBE_SET"},
-{ERR_FUNC(ASN1_F_ASN1_SEQ_PACK),        "ASN1_seq_pack"},
-{ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK),      "ASN1_seq_unpack"},
-{ERR_FUNC(ASN1_F_ASN1_SIGN),    "ASN1_sign"},
-{ERR_FUNC(ASN1_F_ASN1_STRING_SET),      "ASN1_STRING_set"},
-{ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD),        "ASN1_STRING_TABLE_add"},
-{ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"},
-{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_D2I),    "ASN1_TEMPLATE_D2I"},
-{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"},
-{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW),    "ASN1_TEMPLATE_NEW"},
-{ERR_FUNC(ASN1_F_ASN1_TIME_SET),        "ASN1_TIME_set"},
-{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING),        "ASN1_TYPE_get_int_octetstring"},
-{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING),    "ASN1_TYPE_get_octetstring"},
-{ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING),   "ASN1_unpack_string"},
-{ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET),     "ASN1_UTCTIME_set"},
-{ERR_FUNC(ASN1_F_ASN1_VERIFY),  "ASN1_verify"},
-{ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED),        "BN_to_ASN1_ENUMERATED"},
-{ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER),   "BN_to_ASN1_INTEGER"},
-{ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"},
-{ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING),  "D2I_ASN1_BIT_STRING"},
-{ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN),     "d2i_ASN1_BOOLEAN"},
-{ERR_FUNC(ASN1_F_D2I_ASN1_BYTES),       "d2i_ASN1_bytes"},
-{ERR_FUNC(ASN1_F_D2I_ASN1_GENERALIZEDTIME),     "D2I_ASN1_GENERALIZEDTIME"},
-{ERR_FUNC(ASN1_F_D2I_ASN1_HEADER),      "d2i_ASN1_HEADER"},
-{ERR_FUNC(ASN1_F_D2I_ASN1_INTEGER),     "D2I_ASN1_INTEGER"},
-{ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT),      "d2i_ASN1_OBJECT"},
-{ERR_FUNC(ASN1_F_D2I_ASN1_SET), "d2i_ASN1_SET"},
-{ERR_FUNC(ASN1_F_D2I_ASN1_TYPE_BYTES),  "d2i_ASN1_type_bytes"},
-{ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER),    "d2i_ASN1_UINTEGER"},
-{ERR_FUNC(ASN1_F_D2I_ASN1_UTCTIME),     "D2I_ASN1_UTCTIME"},
-{ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA),     "d2i_Netscape_RSA"},
-{ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2),   "D2I_NETSCAPE_RSA_2"},
-{ERR_FUNC(ASN1_F_D2I_PRIVATEKEY),       "d2i_PrivateKey"},
-{ERR_FUNC(ASN1_F_D2I_PUBLICKEY),        "d2i_PublicKey"},
-{ERR_FUNC(ASN1_F_D2I_X509),     "D2I_X509"},
-{ERR_FUNC(ASN1_F_D2I_X509_CINF),        "D2I_X509_CINF"},
-{ERR_FUNC(ASN1_F_D2I_X509_NAME),        "D2I_X509_NAME"},
-{ERR_FUNC(ASN1_F_D2I_X509_PKEY),        "d2i_X509_PKEY"},
-{ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"},
-{ERR_FUNC(ASN1_F_I2D_ASN1_TIME),        "I2D_ASN1_TIME"},
-{ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY),       "i2d_DSA_PUBKEY"},
-{ERR_FUNC(ASN1_F_I2D_NETSCAPE_RSA),     "i2d_Netscape_RSA"},
-{ERR_FUNC(ASN1_F_I2D_PRIVATEKEY),       "i2d_PrivateKey"},
-{ERR_FUNC(ASN1_F_I2D_PUBLICKEY),        "i2d_PublicKey"},
-{ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY),       "i2d_RSA_PUBKEY"},
-{ERR_FUNC(ASN1_F_LONG_C2I),     "LONG_C2I"},
-{ERR_FUNC(ASN1_F_OID_MODULE_INIT),      "OID_MODULE_INIT"},
-{ERR_FUNC(ASN1_F_PKCS5_PBE2_SET),       "PKCS5_pbe2_set"},
-{ERR_FUNC(ASN1_F_X509_CINF_NEW),        "X509_CINF_NEW"},
-{ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED),        "X509_CRL_add0_revoked"},
-{ERR_FUNC(ASN1_F_X509_INFO_NEW),        "X509_INFO_new"},
-{ERR_FUNC(ASN1_F_X509_NAME_NEW),        "X509_NAME_NEW"},
-{ERR_FUNC(ASN1_F_X509_NEW),     "X509_NEW"},
-{ERR_FUNC(ASN1_F_X509_PKEY_NEW),        "X509_PKEY_new"},
+{ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0),  "a2d_ASN1_OBJECT"},
+{ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0),      "a2i_ASN1_ENUMERATED"},
+{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0),  "a2i_ASN1_STRING"},
+{ERR_PACK(0,ASN1_F_ASN1_BIT_STRING_SET_BIT,0),  "ASN1_BIT_STRING_set_bit"},
+{ERR_PACK(0,ASN1_F_ASN1_CHECK_TLEN,0),  "ASN1_CHECK_TLEN"},
+{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0),   "ASN1_COLLATE_PRIMITIVE"},
+{ERR_PACK(0,ASN1_F_ASN1_COLLECT,0),     "ASN1_COLLECT"},
+{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0),     "ASN1_d2i_bio"},
+{ERR_PACK(0,ASN1_F_ASN1_D2I_EX_PRIMITIVE,0),    "ASN1_D2I_EX_PRIMITIVE"},
+{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0),      "ASN1_d2i_fp"},
+{ERR_PACK(0,ASN1_F_ASN1_DIGEST,0),      "ASN1_digest"},
+{ERR_PACK(0,ASN1_F_ASN1_DO_ADB,0),      "ASN1_DO_ADB"},
+{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"},
+{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0),      "ASN1_ENUMERATED_set"},
+{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0),    "ASN1_ENUMERATED_to_BN"},
+{ERR_PACK(0,ASN1_F_ASN1_GENERALIZEDTIME_SET,0), "ASN1_GENERALIZEDTIME_set"},
+{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0),  "ASN1_get_object"},
+{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0),  "ASN1_HEADER_new"},
+{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0),     "ASN1_i2d_bio"},
+{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0),      "ASN1_i2d_fp"},
+{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0), "ASN1_INTEGER_set"},
+{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0),       "ASN1_INTEGER_to_BN"},
+{ERR_PACK(0,ASN1_F_ASN1_ITEM_EX_D2I,0), "ASN1_ITEM_EX_D2I"},
+{ERR_PACK(0,ASN1_F_ASN1_ITEM_NEW,0),    "ASN1_item_new"},
+{ERR_PACK(0,ASN1_F_ASN1_MBSTRING_COPY,0),       "ASN1_mbstring_copy"},
+{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0),  "ASN1_OBJECT_new"},
+{ERR_PACK(0,ASN1_F_ASN1_PACK_STRING,0), "ASN1_pack_string"},
+{ERR_PACK(0,ASN1_F_ASN1_PBE_SET,0),     "ASN1_PBE_SET"},
+{ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0),    "ASN1_seq_pack"},
+{ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0),  "ASN1_seq_unpack"},
+{ERR_PACK(0,ASN1_F_ASN1_SIGN,0),        "ASN1_sign"},
+{ERR_PACK(0,ASN1_F_ASN1_STRING_SET,0),  "ASN1_STRING_set"},
+{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0),    "ASN1_STRING_TABLE_add"},
+{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0),     "ASN1_STRING_type_new"},
+{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0),        "ASN1_TEMPLATE_D2I"},
+{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0),     "ASN1_TEMPLATE_EX_D2I"},
+{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0),        "ASN1_TEMPLATE_NEW"},
+{ERR_PACK(0,ASN1_F_ASN1_TIME_SET,0),    "ASN1_TIME_set"},
+{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0),    "ASN1_TYPE_get_int_octetstring"},
+{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0),        "ASN1_TYPE_get_octetstring"},
+{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0),       "ASN1_unpack_string"},
+{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_SET,0), "ASN1_UTCTIME_set"},
+{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0),      "ASN1_verify"},
+{ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0),    "BN_to_ASN1_ENUMERATED"},
+{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0),       "BN_to_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_COLLECT_DATA,0),     "COLLECT_DATA"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0),      "D2I_ASN1_BIT_STRING"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0),   "d2i_ASN1_bytes"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0), "D2I_ASN1_GENERALIZEDTIME"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0),  "d2i_ASN1_HEADER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "D2I_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0),  "d2i_ASN1_OBJECT"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0),     "d2i_ASN1_SET"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0),      "d2i_ASN1_type_bytes"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_UINTEGER,0),        "d2i_ASN1_UINTEGER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "D2I_ASN1_UTCTIME"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "d2i_Netscape_RSA"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0),       "D2I_NETSCAPE_RSA_2"},
+{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0),   "d2i_PrivateKey"},
+{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0),    "d2i_PublicKey"},
+{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"},
+{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0),    "D2I_X509_CINF"},
+{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0),    "D2I_X509_NAME"},
+{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0),    "d2i_X509_PKEY"},
+{ERR_PACK(0,ASN1_F_I2D_ASN1_SET,0),     "i2d_ASN1_SET"},
+{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0),    "I2D_ASN1_TIME"},
+{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0),   "i2d_DSA_PUBKEY"},
+{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"},
+{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0),   "i2d_PrivateKey"},
+{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0),    "i2d_PublicKey"},
+{ERR_PACK(0,ASN1_F_I2D_RSA_PUBKEY,0),   "i2d_RSA_PUBKEY"},
+{ERR_PACK(0,ASN1_F_LONG_C2I,0), "LONG_C2I"},
+{ERR_PACK(0,ASN1_F_OID_MODULE_INIT,0),  "OID_MODULE_INIT"},
+{ERR_PACK(0,ASN1_F_PKCS5_PBE2_SET,0),   "PKCS5_pbe2_set"},
+{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0),    "X509_CINF_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CRL_ADD0_REVOKED,0),    "X509_CRL_add0_revoked"},
+{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0),    "X509_INFO_new"},
+{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0),    "X509_NAME_NEW"},
+{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_NEW"},
+{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0),    "X509_PKEY_new"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA ASN1_str_reasons[]=
         {
-{ERR_REASON(ASN1_R_ADDING_OBJECT)        ,"adding object"},
-{ERR_REASON(ASN1_R_AUX_ERROR)            ,"aux error"},
-{ERR_REASON(ASN1_R_BAD_CLASS)            ,"bad class"},
-{ERR_REASON(ASN1_R_BAD_OBJECT_HEADER)    ,"bad object header"},
-{ERR_REASON(ASN1_R_BAD_PASSWORD_READ)    ,"bad password read"},
-{ERR_REASON(ASN1_R_BAD_TAG)              ,"bad tag"},
-{ERR_REASON(ASN1_R_BN_LIB)               ,"bn lib"},
-{ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH),"boolean is wrong length"},
-{ERR_REASON(ASN1_R_BUFFER_TOO_SMALL)     ,"buffer too small"},
-{ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),"cipher has no object identifier"},
-{ERR_REASON(ASN1_R_DATA_IS_WRONG)        ,"data is wrong"},
-{ERR_REASON(ASN1_R_DECODE_ERROR)         ,"decode error"},
-{ERR_REASON(ASN1_R_DECODING_ERROR)       ,"decoding error"},
-{ERR_REASON(ASN1_R_ENCODE_ERROR)         ,"encode error"},
-{ERR_REASON(ASN1_R_ERROR_GETTING_TIME)   ,"error getting time"},
-{ERR_REASON(ASN1_R_ERROR_LOADING_SECTION),"error loading section"},
-{ERR_REASON(ASN1_R_ERROR_PARSING_SET_ELEMENT),"error parsing set element"},
-{ERR_REASON(ASN1_R_ERROR_SETTING_CIPHER_PARAMS),"error setting cipher params"},
-{ERR_REASON(ASN1_R_EXPECTING_AN_INTEGER) ,"expecting an integer"},
-{ERR_REASON(ASN1_R_EXPECTING_AN_OBJECT)  ,"expecting an object"},
-{ERR_REASON(ASN1_R_EXPECTING_A_BOOLEAN)  ,"expecting a boolean"},
-{ERR_REASON(ASN1_R_EXPECTING_A_TIME)     ,"expecting a time"},
-{ERR_REASON(ASN1_R_EXPLICIT_LENGTH_MISMATCH),"explicit length mismatch"},
-{ERR_REASON(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED),"explicit tag not constructed"},
-{ERR_REASON(ASN1_R_FIELD_MISSING)        ,"field missing"},
-{ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE)  ,"first num too large"},
-{ERR_REASON(ASN1_R_HEADER_TOO_LONG)      ,"header too long"},
-{ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS)   ,"illegal characters"},
-{ERR_REASON(ASN1_R_ILLEGAL_NULL)         ,"illegal null"},
-{ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY) ,"illegal optional any"},
-{ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),"illegal options on item template"},
-{ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY)   ,"illegal tagged any"},
-{ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"},
-{ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"},
-{ERR_REASON(ASN1_R_INVALID_DIGIT)        ,"invalid digit"},
-{ERR_REASON(ASN1_R_INVALID_SEPARATOR)    ,"invalid separator"},
-{ERR_REASON(ASN1_R_INVALID_TIME_FORMAT)  ,"invalid time format"},
-{ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),"invalid universalstring length"},
-{ERR_REASON(ASN1_R_INVALID_UTF8STRING)   ,"invalid utf8string"},
-{ERR_REASON(ASN1_R_IV_TOO_LARGE)         ,"iv too large"},
-{ERR_REASON(ASN1_R_LENGTH_ERROR)         ,"length error"},
-{ERR_REASON(ASN1_R_MISSING_EOC)          ,"missing eoc"},
-{ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER),"missing second number"},
-{ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL),"mstring not universal"},
-{ERR_REASON(ASN1_R_MSTRING_WRONG_TAG)    ,"mstring wrong tag"},
-{ERR_REASON(ASN1_R_NESTED_ASN1_STRING)   ,"nested asn1 string"},
-{ERR_REASON(ASN1_R_NON_HEX_CHARACTERS)   ,"non hex characters"},
-{ERR_REASON(ASN1_R_NOT_ENOUGH_DATA)      ,"not enough data"},
-{ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE),"no matching choice type"},
-{ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH) ,"null is wrong length"},
-{ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS)  ,"odd number of chars"},
-{ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING),"private key header missing"},
-{ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE),"second number too large"},
-{ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH),"sequence length mismatch"},
-{ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED),"sequence not constructed"},
-{ERR_REASON(ASN1_R_SHORT_LINE)           ,"short line"},
-{ERR_REASON(ASN1_R_STRING_TOO_LONG)      ,"string too long"},
-{ERR_REASON(ASN1_R_STRING_TOO_SHORT)     ,"string too short"},
-{ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH)   ,"tag value too high"},
-{ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"},
-{ERR_REASON(ASN1_R_TOO_LONG)             ,"too long"},
-{ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED) ,"type not constructed"},
-{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa key"},
-{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY),"unable to decode rsa private key"},
-{ERR_REASON(ASN1_R_UNEXPECTED_EOC)       ,"unexpected eoc"},
-{ERR_REASON(ASN1_R_UNKNOWN_FORMAT)       ,"unknown format"},
-{ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message digest algorithm"},
-{ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE)  ,"unknown object type"},
-{ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE),"unknown public key type"},
-{ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),"unsupported any defined by type"},
-{ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER)   ,"unsupported cipher"},
-{ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM),"unsupported encryption algorithm"},
-{ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),"unsupported public key type"},
-{ERR_REASON(ASN1_R_WRONG_TAG)            ,"wrong tag"},
-{ERR_REASON(ASN1_R_WRONG_TYPE)           ,"wrong type"},
+{ASN1_R_ADDING_OBJECT                    ,"adding object"},
+{ASN1_R_AUX_ERROR                        ,"aux error"},
+{ASN1_R_BAD_CLASS                        ,"bad class"},
+{ASN1_R_BAD_OBJECT_HEADER                ,"bad object header"},
+{ASN1_R_BAD_PASSWORD_READ                ,"bad password read"},
+{ASN1_R_BAD_TAG                          ,"bad tag"},
+{ASN1_R_BN_LIB                           ,"bn lib"},
+{ASN1_R_BOOLEAN_IS_WRONG_LENGTH          ,"boolean is wrong length"},
+{ASN1_R_BUFFER_TOO_SMALL                 ,"buffer too small"},
+{ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER  ,"cipher has no object identifier"},
+{ASN1_R_DATA_IS_WRONG                    ,"data is wrong"},
+{ASN1_R_DECODE_ERROR                     ,"decode error"},
+{ASN1_R_DECODING_ERROR                   ,"decoding error"},
+{ASN1_R_ENCODE_ERROR                     ,"encode error"},
+{ASN1_R_ERROR_GETTING_TIME               ,"error getting time"},
+{ASN1_R_ERROR_LOADING_SECTION            ,"error loading section"},
+{ASN1_R_ERROR_PARSING_SET_ELEMENT        ,"error parsing set element"},
+{ASN1_R_ERROR_SETTING_CIPHER_PARAMS      ,"error setting cipher params"},
+{ASN1_R_EXPECTING_AN_INTEGER             ,"expecting an integer"},
+{ASN1_R_EXPECTING_AN_OBJECT              ,"expecting an object"},
+{ASN1_R_EXPECTING_A_BOOLEAN              ,"expecting a boolean"},
+{ASN1_R_EXPECTING_A_TIME                 ,"expecting a time"},
+{ASN1_R_EXPLICIT_LENGTH_MISMATCH         ,"explicit length mismatch"},
+{ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED     ,"explicit tag not constructed"},
+{ASN1_R_FIELD_MISSING                    ,"field missing"},
+{ASN1_R_FIRST_NUM_TOO_LARGE              ,"first num too large"},
+{ASN1_R_HEADER_TOO_LONG                  ,"header too long"},
+{ASN1_R_ILLEGAL_CHARACTERS               ,"illegal characters"},
+{ASN1_R_ILLEGAL_NULL                     ,"illegal null"},
+{ASN1_R_ILLEGAL_OPTIONAL_ANY             ,"illegal optional any"},
+{ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE ,"illegal options on item template"},
+{ASN1_R_ILLEGAL_TAGGED_ANY               ,"illegal tagged any"},
+{ASN1_R_INTEGER_TOO_LARGE_FOR_LONG       ,"integer too large for long"},
+{ASN1_R_INVALID_BMPSTRING_LENGTH         ,"invalid bmpstring length"},
+{ASN1_R_INVALID_DIGIT                    ,"invalid digit"},
+{ASN1_R_INVALID_SEPARATOR                ,"invalid separator"},
+{ASN1_R_INVALID_TIME_FORMAT              ,"invalid time format"},
+{ASN1_R_INVALID_UNIVERSALSTRING_LENGTH   ,"invalid universalstring length"},
+{ASN1_R_INVALID_UTF8STRING               ,"invalid utf8string"},
+{ASN1_R_IV_TOO_LARGE                     ,"iv too large"},
+{ASN1_R_LENGTH_ERROR                     ,"length error"},
+{ASN1_R_MISSING_EOC                      ,"missing eoc"},
+{ASN1_R_MISSING_SECOND_NUMBER            ,"missing second number"},
+{ASN1_R_MSTRING_NOT_UNIVERSAL            ,"mstring not universal"},
+{ASN1_R_MSTRING_WRONG_TAG                ,"mstring wrong tag"},
+{ASN1_R_NON_HEX_CHARACTERS               ,"non hex characters"},
+{ASN1_R_NOT_ENOUGH_DATA                  ,"not enough data"},
+{ASN1_R_NO_MATCHING_CHOICE_TYPE          ,"no matching choice type"},
+{ASN1_R_NULL_IS_WRONG_LENGTH             ,"null is wrong length"},
+{ASN1_R_ODD_NUMBER_OF_CHARS              ,"odd number of chars"},
+{ASN1_R_PRIVATE_KEY_HEADER_MISSING       ,"private key header missing"},
+{ASN1_R_SECOND_NUMBER_TOO_LARGE          ,"second number too large"},
+{ASN1_R_SEQUENCE_LENGTH_MISMATCH         ,"sequence length mismatch"},
+{ASN1_R_SEQUENCE_NOT_CONSTRUCTED         ,"sequence not constructed"},
+{ASN1_R_SHORT_LINE                       ,"short line"},
+{ASN1_R_STRING_TOO_LONG                  ,"string too long"},
+{ASN1_R_STRING_TOO_SHORT                 ,"string too short"},
+{ASN1_R_TAG_VALUE_TOO_HIGH               ,"tag value too high"},
+{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
+{ASN1_R_TOO_LONG                         ,"too long"},
+{ASN1_R_TYPE_NOT_CONSTRUCTED             ,"type not constructed"},
+{ASN1_R_UNABLE_TO_DECODE_RSA_KEY         ,"unable to decode rsa key"},
+{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"},
+{ASN1_R_UNEXPECTED_EOC                   ,"unexpected eoc"},
+{ASN1_R_UNKNOWN_FORMAT                   ,"unknown format"},
+{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"},
+{ASN1_R_UNKNOWN_OBJECT_TYPE              ,"unknown object type"},
+{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE          ,"unknown public key type"},
+{ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE  ,"unsupported any defined by type"},
+{ASN1_R_UNSUPPORTED_CIPHER               ,"unsupported cipher"},
+{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"},
+{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE      ,"unsupported public key type"},
+{ASN1_R_WRONG_TAG                        ,"wrong tag"},
+{ASN1_R_WRONG_TYPE                       ,"wrong type"},
 {0,NULL}
         };
 
@@ -246,8 +240,8 @@ void ERR_load_ASN1_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,ASN1_str_functs);
-                ERR_load_strings(0,ASN1_str_reasons);
+                ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs);
+                ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/asn1/f.c b/src/lib/libssl/src/crypto/asn1/f.c
new file mode 100644
index 0000000000..82bccdfd51
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/f.c
@@ -0,0 +1,80 @@
+/* crypto/asn1/f.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <openssl/asn1.h>
+#include <openssl/err.h>
+
+main()
+        {
+        ASN1_TYPE *at;
+        char buf[512];
+        int n;
+        long l;
+
+        at=ASN1_TYPE_new();
+
+        n=ASN1_TYPE_set_int_octetstring(at,98736,"01234567",8);
+        printf("%d\n",n);
+        n=ASN1_TYPE_get_int_octetstring(at,&l,buf,8);
+        buf[8]='\0';
+        printf("%ld %d %d\n",l,n,buf[8]);
+        buf[8]='\0';
+        printf("%s\n",buf);
+        ERR_load_crypto_strings();
+        ERR_print_errors_fp(stderr);
+        }
diff --git a/src/lib/libssl/src/crypto/asn1/t_x509.c b/src/lib/libssl/src/crypto/asn1/t_x509.c
index d1034c47f8..30f68561b7 100644
--- a/src/lib/libssl/src/crypto/asn1/t_x509.c
+++ b/src/lib/libssl/src/crypto/asn1/t_x509.c
@@ -321,7 +321,7 @@ int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
 int ASN1_STRING_print(BIO *bp, ASN1_STRING *v)
         {
         int i,n;
-        char buf[80],*p;;
+        char buf[80],*p;
 
         if (v == NULL) return(0);
         n=0;
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_dec.c b/src/lib/libssl/src/crypto/asn1/tasn_dec.c
index c22501fc63..2426cb6253 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_dec.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_dec.c
@@ -66,7 +66,6 @@
 #include <openssl/err.h>
 
 static int asn1_check_eoc(unsigned char **in, long len);
-static int asn1_find_end(unsigned char **in, long len, char inf);
 static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass);
 static int collect_data(BUF_MEM *buf, unsigned char **p, long plen);
 static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst,
@@ -645,7 +644,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl
                 cont = *in;
                 /* If indefinite length constructed find the real end */
                 if(inf) {
-                        if(!asn1_find_end(&p, plen, inf)) goto err;
+                        if(!asn1_collect(NULL, &p, plen, inf, -1, -1)) goto err;
                         len = p - cont;
                 } else {
                         len = p - cont + plen;
@@ -808,66 +807,12 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char
         return ret;
 }
 
-/* This function finds the end of an ASN1 structure when passed its maximum
- * length, whether it is indefinite length and a pointer to the content.
- * This is more efficient than calling asn1_collect because it does not
- * recurse on each indefinite length header.
- */
-
-static int asn1_find_end(unsigned char **in, long len, char inf)
-        {
-        int expected_eoc;
-        long plen;
-        unsigned char *p = *in, *q;
-        /* If not indefinite length constructed just add length */
-        if (inf == 0)
-                {
-                *in += len;
-                return 1;
-                }
-        expected_eoc = 1;
-        /* Indefinite length constructed form. Find the end when enough EOCs
-         * are found. If more indefinite length constructed headers
-         * are encountered increment the expected eoc count otherwise justi
-         * skip to the end of the data.
-         */
-        while (len > 0)
-                {
-                if(asn1_check_eoc(&p, len))
-                        {
-                        expected_eoc--;
-                        if (expected_eoc == 0)
-                                break;
-                        len -= 2;
-                        continue;
-                        }
-                q = p;
-                /* Just read in a header: only care about the length */
-                if(!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len,
-                                -1, 0, 0, NULL))
-                        {
-                        ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
-                        return 0;
-                        }
-                if (inf)
-                        expected_eoc++;
-                else
-                        p += plen;
-                len -= p - q;
-                }
-        if (expected_eoc)
-                {
-                ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC);
-                return 0;
-                }
-        *in = p;
-        return 1;
-        }
-
 /* This function collects the asn1 data from a constructred string
  * type into a buffer. The values of 'in' and 'len' should refer
  * to the contents of the constructed type and 'inf' should be set
- * if it is indefinite length.
+ * if it is indefinite length. If 'buf' is NULL then we just want
+ * to find the end of the current structure: useful for indefinite
+ * length constructed stuff.
  */
 
 static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass)
@@ -877,6 +822,11 @@ static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, in
         char cst, ininf;
         p = *in;
         inf &= 1;
+        /* If no buffer and not indefinite length constructed just pass over the encoded data */
+        if(!buf && !inf) {
+                *in += len;
+                return 1;
+        }
         while(len > 0) {
                 q = p;
                 /* Check for EOC */
@@ -895,15 +845,9 @@ static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, in
                 }
                 /* If indefinite length constructed update max length */
                 if(cst) {
-#ifdef OPENSSL_ALLOW_NESTED_ASN1_STRINGS
-                        if (!asn1_collect(buf, &p, plen, ininf, tag, aclass))
-                                return 0;
-#else
-                        ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING);
-                        return 0;
-#endif
+                        if(!asn1_collect(buf, &p, plen, ininf, tag, aclass)) return 0;
                 } else {
-                        if(plen && !collect_data(buf, &p, plen)) return 0;
+                        if(!collect_data(buf, &p, plen)) return 0;
                 }
                 len -= p - q;
         }
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_enc.c b/src/lib/libssl/src/crypto/asn1/tasn_enc.c
index c675c3c832..f6c8ddef0a 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_enc.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_enc.c
@@ -445,12 +445,9 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_
                 case V_ASN1_BOOLEAN:
                 tbool = (ASN1_BOOLEAN *)pval;
                 if(*tbool == -1) return -1;
-                if (it->utype != V_ASN1_ANY)
-                        {
-                        /* Default handling if value == size field then omit */
-                        if(*tbool && (it->size > 0)) return -1;
-                        if(!*tbool && !it->size) return -1;
-                        }
+                /* Default handling if value == size field then omit */
+                if(*tbool && (it->size > 0)) return -1;
+                if(!*tbool && !it->size) return -1;
                 c = (unsigned char)*tbool;
                 cont = &c;
                 len = 1;
diff --git a/src/lib/libssl/src/crypto/asn1/x_cinf.c b/src/lib/libssl/src/crypto/asn1/x_cinf.c
new file mode 100644
index 0000000000..339a110eef
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_cinf.c
@@ -0,0 +1,201 @@
+/* crypto/asn1/x_cinf.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1_mac.h>
+#include <openssl/x509.h>
+
+int i2d_X509_CINF(X509_CINF *a, unsigned char **pp)
+        {
+        int v1=0,v2=0;
+        M_ASN1_I2D_vars(a);
+
+        M_ASN1_I2D_len_EXP_opt(a->version,i2d_ASN1_INTEGER,0,v1);
+        M_ASN1_I2D_len(a->serialNumber,         i2d_ASN1_INTEGER);
+        M_ASN1_I2D_len(a->signature,            i2d_X509_ALGOR);
+        M_ASN1_I2D_len(a->issuer,               i2d_X509_NAME);
+        M_ASN1_I2D_len(a->validity,             i2d_X509_VAL);
+        M_ASN1_I2D_len(a->subject,              i2d_X509_NAME);
+        M_ASN1_I2D_len(a->key,                  i2d_X509_PUBKEY);
+        M_ASN1_I2D_len_IMP_opt(a->issuerUID,    i2d_ASN1_BIT_STRING);
+        M_ASN1_I2D_len_IMP_opt(a->subjectUID,   i2d_ASN1_BIT_STRING);
+        M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
+                                             i2d_X509_EXTENSION,3,
+                                             V_ASN1_SEQUENCE,v2);
+
+        M_ASN1_I2D_seq_total();
+
+        M_ASN1_I2D_put_EXP_opt(a->version,i2d_ASN1_INTEGER,0,v1);
+        M_ASN1_I2D_put(a->serialNumber,         i2d_ASN1_INTEGER);
+        M_ASN1_I2D_put(a->signature,            i2d_X509_ALGOR);
+        M_ASN1_I2D_put(a->issuer,               i2d_X509_NAME);
+        M_ASN1_I2D_put(a->validity,             i2d_X509_VAL);
+        M_ASN1_I2D_put(a->subject,              i2d_X509_NAME);
+        M_ASN1_I2D_put(a->key,                  i2d_X509_PUBKEY);
+        M_ASN1_I2D_put_IMP_opt(a->issuerUID,    i2d_ASN1_BIT_STRING,1);
+        M_ASN1_I2D_put_IMP_opt(a->subjectUID,   i2d_ASN1_BIT_STRING,2);
+        M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
+                                             i2d_X509_EXTENSION,3,
+                                             V_ASN1_SEQUENCE,v2);
+
+        M_ASN1_I2D_finish();
+        }
+
+X509_CINF *d2i_X509_CINF(X509_CINF **a, unsigned char **pp, long length)
+        {
+        int ver=0;
+        M_ASN1_D2I_vars(a,X509_CINF *,X509_CINF_new);
+
+        M_ASN1_D2I_Init();
+        M_ASN1_D2I_start_sequence();
+        /* we have the optional version field */
+        if (M_ASN1_next == (V_ASN1_CONTEXT_SPECIFIC | V_ASN1_CONSTRUCTED | 0))
+                {
+                M_ASN1_D2I_get_EXP_opt(ret->version,d2i_ASN1_INTEGER,0);
+                if (ret->version->data != NULL)
+                        ver=ret->version->data[0];
+                }
+        else
+                {
+                if (ret->version != NULL)
+                        {
+                        M_ASN1_INTEGER_free(ret->version);
+                        ret->version=NULL;
+                        }
+                }
+        M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
+        M_ASN1_D2I_get(ret->signature,d2i_X509_ALGOR);
+        M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
+        M_ASN1_D2I_get(ret->validity,d2i_X509_VAL);
+        M_ASN1_D2I_get(ret->subject,d2i_X509_NAME);
+        M_ASN1_D2I_get(ret->key,d2i_X509_PUBKEY);
+        if (ver >= 1) /* version 2 extensions */
+                {
+                if (ret->issuerUID != NULL)
+                        {
+                        M_ASN1_BIT_STRING_free(ret->issuerUID);
+                        ret->issuerUID=NULL;
+                        }
+                if (ret->subjectUID != NULL)
+                        {
+                        M_ASN1_BIT_STRING_free(ret->subjectUID);
+                        ret->subjectUID=NULL;
+                        }
+                M_ASN1_D2I_get_IMP_opt(ret->issuerUID,d2i_ASN1_BIT_STRING,  1,
+                        V_ASN1_BIT_STRING);
+                M_ASN1_D2I_get_IMP_opt(ret->subjectUID,d2i_ASN1_BIT_STRING, 2,
+                        V_ASN1_BIT_STRING);
+                }
+/* Note: some broken certificates include extensions but don't set
+ * the version number properly. By bypassing this check they can
+ * be parsed.
+ */
+
+#ifdef VERSION_EXT_CHECK
+        if (ver >= 2) /* version 3 extensions */
+#endif
+                {
+                if (ret->extensions != NULL)
+                        while (sk_X509_EXTENSION_num(ret->extensions))
+                                X509_EXTENSION_free(
+                                      sk_X509_EXTENSION_pop(ret->extensions));
+                M_ASN1_D2I_get_EXP_set_opt_type(X509_EXTENSION,ret->extensions,
+                                                d2i_X509_EXTENSION,
+                                                X509_EXTENSION_free,3,
+                                                V_ASN1_SEQUENCE);
+                }
+        M_ASN1_D2I_Finish(a,X509_CINF_free,ASN1_F_D2I_X509_CINF);
+        }
+
+X509_CINF *X509_CINF_new(void)
+        {
+        X509_CINF *ret=NULL;
+        ASN1_CTX c;
+
+        M_ASN1_New_Malloc(ret,X509_CINF);
+        ret->version=NULL;
+        M_ASN1_New(ret->serialNumber,M_ASN1_INTEGER_new);
+        M_ASN1_New(ret->signature,X509_ALGOR_new);
+        M_ASN1_New(ret->issuer,X509_NAME_new);
+        M_ASN1_New(ret->validity,X509_VAL_new);
+        M_ASN1_New(ret->subject,X509_NAME_new);
+        M_ASN1_New(ret->key,X509_PUBKEY_new);
+        ret->issuerUID=NULL;
+        ret->subjectUID=NULL;
+        ret->extensions=NULL;
+        return(ret);
+        M_ASN1_New_Error(ASN1_F_X509_CINF_NEW);
+        }
+
+void X509_CINF_free(X509_CINF *a)
+        {
+        if (a == NULL) return;
+        M_ASN1_INTEGER_free(a->version);
+        M_ASN1_INTEGER_free(a->serialNumber);
+        X509_ALGOR_free(a->signature);
+        X509_NAME_free(a->issuer);
+        X509_VAL_free(a->validity);
+        X509_NAME_free(a->subject);
+        X509_PUBKEY_free(a->key);
+        M_ASN1_BIT_STRING_free(a->issuerUID);
+        M_ASN1_BIT_STRING_free(a->subjectUID);
+        sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free);
+        OPENSSL_free(a);
+        }
+
diff --git a/src/lib/libssl/src/crypto/bf/Makefile.ssl b/src/lib/libssl/src/crypto/bf/Makefile.ssl
new file mode 100644
index 0000000000..be3ad77a05
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/Makefile.ssl
@@ -0,0 +1,115 @@
+#
+# SSLeay/crypto/blowfish/Makefile
+#
+
+DIR=    bf
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+BF_ENC=         bf_enc.o
+# or use
+#DES_ENC=       bx86-elf.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+
+GENERAL=Makefile
+TEST=bftest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c 
+LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= blowfish.h
+HEADER= bf_pi.h bf_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+# elf
+asm/bx86-elf.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > bx86-elf.s)
+
+# a.out
+asm/bx86-out.o: asm/bx86unix.cpp
+        $(CPP) -DOUT asm/bx86unix.cpp | as -o asm/bx86-out.o
+
+# bsdi
+asm/bx86bsdi.o: asm/bx86unix.cpp
+        $(CPP) -DBSDI asm/bx86unix.cpp | sed 's/ :/:/' | as -o asm/bx86bsdi.o
+
+asm/bx86unix.cpp: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) bf-586.pl cpp $(PROCESSOR) >bx86unix.cpp)
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install: installs
+
+installs:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f asm/bx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bf_cfb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_cfb64.o: ../../include/openssl/opensslconf.h bf_cfb64.c bf_locl.h
+bf_ecb.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bf_ecb.o: bf_ecb.c bf_locl.h
+bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h
+bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c
+bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_skey.o: ../../include/openssl/opensslconf.h bf_locl.h bf_pi.h bf_skey.c
diff --git a/src/lib/libssl/src/crypto/bf/asm/bf-586.pl b/src/lib/libssl/src/crypto/bf/asm/bf-586.pl
index b556642c94..b5a4760d09 100644
--- a/src/lib/libssl/src/crypto/bf/asm/bf-586.pl
+++ b/src/lib/libssl/src/crypto/bf/asm/bf-586.pl
@@ -18,7 +18,7 @@ $tmp4="edx";
 
 &BF_encrypt("BF_encrypt",1);
 &BF_encrypt("BF_decrypt",0);
-&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1);
+&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1) unless $main'openbsd;
 &asm_finish();
 
 sub BF_encrypt
diff --git a/src/lib/libssl/src/crypto/bf/bf_skey.c b/src/lib/libssl/src/crypto/bf/bf_skey.c
index 1931aba83f..fc5bebefce 100644
--- a/src/lib/libssl/src/crypto/bf/bf_skey.c
+++ b/src/lib/libssl/src/crypto/bf/bf_skey.c
@@ -60,7 +60,6 @@
 #include <string.h>
 #include <openssl/crypto.h>
 #include <openssl/blowfish.h>
-#include <openssl/fips.h>
 #include "bf_locl.h"
 #include "bf_pi.h"
 
diff --git a/src/lib/libssl/src/crypto/bio/Makefile.ssl b/src/lib/libssl/src/crypto/bio/Makefile.ssl
new file mode 100644
index 0000000000..d0b9e297b0
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/Makefile.ssl
@@ -0,0 +1,216 @@
+#
+# SSLeay/crypto/bio/Makefile
+#
+
+DIR=    bio
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= bio_lib.c bio_cb.c bio_err.c \
+        bss_mem.c bss_null.c bss_fd.c \
+        bss_file.c bss_sock.c bss_conn.c \
+        bf_null.c bf_buff.c b_print.c b_dump.c \
+        b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c
+#       bf_lbuf.c
+LIBOBJ= bio_lib.o bio_cb.o bio_err.o \
+        bss_mem.o bss_null.o bss_fd.o \
+        bss_file.o bss_sock.o bss_conn.o \
+        bf_null.o bf_buff.o b_print.o b_dump.o \
+        b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o
+#       bf_lbuf.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= bio.h
+HEADER= bss_file.c $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER); \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+b_dump.o: ../../e_os.h ../../include/openssl/bio.h
+b_dump.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+b_dump.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+b_dump.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+b_dump.o: ../cryptlib.h b_dump.c
+b_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+b_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+b_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+b_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+b_print.o: ../cryptlib.h b_print.c
+b_sock.o: ../../e_os.h ../../include/openssl/bio.h
+b_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+b_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+b_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+b_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+b_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+b_sock.o: ../cryptlib.h b_sock.c
+bf_buff.o: ../../e_os.h ../../include/openssl/bio.h
+bf_buff.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bf_buff.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bf_buff.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bf_buff.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bf_buff.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bf_buff.o: ../cryptlib.h bf_buff.c
+bf_nbio.o: ../../e_os.h ../../include/openssl/bio.h
+bf_nbio.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bf_nbio.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bf_nbio.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bf_nbio.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_nbio.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bf_nbio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bf_nbio.o: ../cryptlib.h bf_nbio.c
+bf_null.o: ../../e_os.h ../../include/openssl/bio.h
+bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bf_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bf_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bf_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bf_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bf_null.o: ../cryptlib.h bf_null.c
+bio_cb.o: ../../e_os.h ../../include/openssl/bio.h
+bio_cb.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_cb.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_cb.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_cb.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bio_cb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bio_cb.o: ../cryptlib.h bio_cb.c
+bio_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+bio_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bio_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bio_err.o: bio_err.c
+bio_lib.o: ../../e_os.h ../../include/openssl/bio.h
+bio_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bio_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bio_lib.o: ../cryptlib.h bio_lib.c
+bss_acpt.o: ../../e_os.h ../../include/openssl/bio.h
+bss_acpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_acpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_acpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bss_acpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bss_acpt.o: ../cryptlib.h bss_acpt.c
+bss_bio.o: ../../e_os.h ../../include/openssl/bio.h
+bss_bio.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bss_bio.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+bss_bio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bss_bio.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_bio.o: ../../include/openssl/symhacks.h bss_bio.c
+bss_conn.o: ../../e_os.h ../../include/openssl/bio.h
+bss_conn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_conn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_conn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_conn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bss_conn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bss_conn.o: ../cryptlib.h bss_conn.c
+bss_fd.o: ../../e_os.h ../../include/openssl/bio.h
+bss_fd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_fd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_fd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bss_fd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bss_fd.o: ../cryptlib.h bss_fd.c
+bss_file.o: ../../e_os.h ../../include/openssl/bio.h
+bss_file.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_file.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_file.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bss_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bss_file.o: ../cryptlib.h bss_file.c
+bss_log.o: ../../e_os.h ../../include/openssl/bio.h
+bss_log.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_log.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_log.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_log.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bss_log.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bss_log.o: ../cryptlib.h bss_log.c
+bss_mem.o: ../../e_os.h ../../include/openssl/bio.h
+bss_mem.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bss_mem.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bss_mem.o: ../cryptlib.h bss_mem.c
+bss_null.o: ../../e_os.h ../../include/openssl/bio.h
+bss_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bss_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bss_null.o: ../cryptlib.h bss_null.c
+bss_sock.o: ../../e_os.h ../../include/openssl/bio.h
+bss_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bss_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bss_sock.o: ../cryptlib.h bss_sock.c
diff --git a/src/lib/libssl/src/crypto/bio/b_print.c b/src/lib/libssl/src/crypto/bio/b_print.c
index 165f046295..8b753e7ca0 100644
--- a/src/lib/libssl/src/crypto/bio/b_print.c
+++ b/src/lib/libssl/src/crypto/bio/b_print.c
@@ -576,7 +576,7 @@ abs_val(LDOUBLE value)
 }
 
 static LDOUBLE
-pow_10(int in_exp)
+pow10(int in_exp)
 {
     LDOUBLE result = 1;
     while (in_exp) {
@@ -639,11 +639,11 @@ fmtfp(
 
     /* we "cheat" by converting the fractional part to integer by
        multiplying by a factor of 10 */
-    fracpart = roundv((pow_10(max)) * (ufvalue - intpart));
+    fracpart = roundv((pow10(max)) * (ufvalue - intpart));
 
-    if (fracpart >= (long)pow_10(max)) {
+    if (fracpart >= (long)pow10(max)) {
         intpart++;
-        fracpart -= (long)pow_10(max);
+        fracpart -= (long)pow10(max);
     }
 
     /* convert integer part */
@@ -806,6 +806,7 @@ int BIO_vprintf (BIO *bio, const char *format, va_list args)
         }
 
 /* As snprintf is not available everywhere, we provide our own implementation.
+ * In case of overflow or error, this returns -1.
  * This function has nothing to do with BIOs, but it's closely related
  * to BIO_printf, and we need *some* name prefix ...
  * (XXX  the function should be renamed, but to what?) */
@@ -830,10 +831,10 @@ int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
         _dopr(&buf, NULL, &n, &retlen, &truncated, format, args);
 
         if (truncated)
-                /* In case of truncation, return -1 like traditional snprintf.
+                /* In case of truncation, return -1 unlike traditional snprintf.
                  * (Current drafts for ISO/IEC 9899 say snprintf should return
                  * the number of characters that would have been written,
-                 * had the buffer been large enough.) */
+                 * had the buffer been large enough, as it did historically.) */
                 return -1;
         else
                 return (retlen <= INT_MAX) ? (int)retlen : -1;
diff --git a/src/lib/libssl/src/crypto/bio/bio_err.c b/src/lib/libssl/src/crypto/bio/bio_err.c
index 8859a58ae4..68a119d895 100644
--- a/src/lib/libssl/src/crypto/bio/bio_err.c
+++ b/src/lib/libssl/src/crypto/bio/bio_err.c
@@ -1,6 +1,6 @@
 /* crypto/bio/bio_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,77 +64,73 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BIO,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BIO,0,reason)
-
 static ERR_STRING_DATA BIO_str_functs[]=
         {
-{ERR_FUNC(BIO_F_ACPT_STATE),    "ACPT_STATE"},
-{ERR_FUNC(BIO_F_BIO_ACCEPT),    "BIO_accept"},
-{ERR_FUNC(BIO_F_BIO_BER_GET_HEADER),    "BIO_BER_GET_HEADER"},
-{ERR_FUNC(BIO_F_BIO_CTRL),      "BIO_ctrl"},
-{ERR_FUNC(BIO_F_BIO_GETHOSTBYNAME),     "BIO_gethostbyname"},
-{ERR_FUNC(BIO_F_BIO_GETS),      "BIO_gets"},
-{ERR_FUNC(BIO_F_BIO_GET_ACCEPT_SOCKET), "BIO_get_accept_socket"},
-{ERR_FUNC(BIO_F_BIO_GET_HOST_IP),       "BIO_get_host_ip"},
-{ERR_FUNC(BIO_F_BIO_GET_PORT),  "BIO_get_port"},
-{ERR_FUNC(BIO_F_BIO_MAKE_PAIR), "BIO_MAKE_PAIR"},
-{ERR_FUNC(BIO_F_BIO_NEW),       "BIO_new"},
-{ERR_FUNC(BIO_F_BIO_NEW_FILE),  "BIO_new_file"},
-{ERR_FUNC(BIO_F_BIO_NEW_MEM_BUF),       "BIO_new_mem_buf"},
-{ERR_FUNC(BIO_F_BIO_NREAD),     "BIO_nread"},
-{ERR_FUNC(BIO_F_BIO_NREAD0),    "BIO_nread0"},
-{ERR_FUNC(BIO_F_BIO_NWRITE),    "BIO_nwrite"},
-{ERR_FUNC(BIO_F_BIO_NWRITE0),   "BIO_nwrite0"},
-{ERR_FUNC(BIO_F_BIO_PUTS),      "BIO_puts"},
-{ERR_FUNC(BIO_F_BIO_READ),      "BIO_read"},
-{ERR_FUNC(BIO_F_BIO_SOCK_INIT), "BIO_sock_init"},
-{ERR_FUNC(BIO_F_BIO_WRITE),     "BIO_write"},
-{ERR_FUNC(BIO_F_BUFFER_CTRL),   "BUFFER_CTRL"},
-{ERR_FUNC(BIO_F_CONN_CTRL),     "CONN_CTRL"},
-{ERR_FUNC(BIO_F_CONN_STATE),    "CONN_STATE"},
-{ERR_FUNC(BIO_F_FILE_CTRL),     "FILE_CTRL"},
-{ERR_FUNC(BIO_F_FILE_READ),     "FILE_READ"},
-{ERR_FUNC(BIO_F_LINEBUFFER_CTRL),       "LINEBUFFER_CTRL"},
-{ERR_FUNC(BIO_F_MEM_READ),      "MEM_READ"},
-{ERR_FUNC(BIO_F_MEM_WRITE),     "MEM_WRITE"},
-{ERR_FUNC(BIO_F_SSL_NEW),       "SSL_new"},
-{ERR_FUNC(BIO_F_WSASTARTUP),    "WSASTARTUP"},
+{ERR_PACK(0,BIO_F_ACPT_STATE,0),        "ACPT_STATE"},
+{ERR_PACK(0,BIO_F_BIO_ACCEPT,0),        "BIO_accept"},
+{ERR_PACK(0,BIO_F_BIO_BER_GET_HEADER,0),        "BIO_BER_GET_HEADER"},
+{ERR_PACK(0,BIO_F_BIO_CTRL,0),  "BIO_ctrl"},
+{ERR_PACK(0,BIO_F_BIO_GETHOSTBYNAME,0), "BIO_gethostbyname"},
+{ERR_PACK(0,BIO_F_BIO_GETS,0),  "BIO_gets"},
+{ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0),     "BIO_get_accept_socket"},
+{ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0),   "BIO_get_host_ip"},
+{ERR_PACK(0,BIO_F_BIO_GET_PORT,0),      "BIO_get_port"},
+{ERR_PACK(0,BIO_F_BIO_MAKE_PAIR,0),     "BIO_MAKE_PAIR"},
+{ERR_PACK(0,BIO_F_BIO_NEW,0),   "BIO_new"},
+{ERR_PACK(0,BIO_F_BIO_NEW_FILE,0),      "BIO_new_file"},
+{ERR_PACK(0,BIO_F_BIO_NEW_MEM_BUF,0),   "BIO_new_mem_buf"},
+{ERR_PACK(0,BIO_F_BIO_NREAD,0), "BIO_nread"},
+{ERR_PACK(0,BIO_F_BIO_NREAD0,0),        "BIO_nread0"},
+{ERR_PACK(0,BIO_F_BIO_NWRITE,0),        "BIO_nwrite"},
+{ERR_PACK(0,BIO_F_BIO_NWRITE0,0),       "BIO_nwrite0"},
+{ERR_PACK(0,BIO_F_BIO_PUTS,0),  "BIO_puts"},
+{ERR_PACK(0,BIO_F_BIO_READ,0),  "BIO_read"},
+{ERR_PACK(0,BIO_F_BIO_SOCK_INIT,0),     "BIO_sock_init"},
+{ERR_PACK(0,BIO_F_BIO_WRITE,0), "BIO_write"},
+{ERR_PACK(0,BIO_F_BUFFER_CTRL,0),       "BUFFER_CTRL"},
+{ERR_PACK(0,BIO_F_CONN_CTRL,0), "CONN_CTRL"},
+{ERR_PACK(0,BIO_F_CONN_STATE,0),        "CONN_STATE"},
+{ERR_PACK(0,BIO_F_FILE_CTRL,0), "FILE_CTRL"},
+{ERR_PACK(0,BIO_F_FILE_READ,0), "FILE_READ"},
+{ERR_PACK(0,BIO_F_LINEBUFFER_CTRL,0),   "LINEBUFFER_CTRL"},
+{ERR_PACK(0,BIO_F_MEM_READ,0),  "MEM_READ"},
+{ERR_PACK(0,BIO_F_MEM_WRITE,0), "MEM_WRITE"},
+{ERR_PACK(0,BIO_F_SSL_NEW,0),   "SSL_new"},
+{ERR_PACK(0,BIO_F_WSASTARTUP,0),        "WSASTARTUP"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA BIO_str_reasons[]=
         {
-{ERR_REASON(BIO_R_ACCEPT_ERROR)          ,"accept error"},
-{ERR_REASON(BIO_R_BAD_FOPEN_MODE)        ,"bad fopen mode"},
-{ERR_REASON(BIO_R_BAD_HOSTNAME_LOOKUP)   ,"bad hostname lookup"},
-{ERR_REASON(BIO_R_BROKEN_PIPE)           ,"broken pipe"},
-{ERR_REASON(BIO_R_CONNECT_ERROR)         ,"connect error"},
-{ERR_REASON(BIO_R_EOF_ON_MEMORY_BIO)     ,"EOF on memory BIO"},
-{ERR_REASON(BIO_R_ERROR_SETTING_NBIO)    ,"error setting nbio"},
-{ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET),"error setting nbio on accepted socket"},
-{ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET),"error setting nbio on accept socket"},
-{ERR_REASON(BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET),"gethostbyname addr is not af inet"},
-{ERR_REASON(BIO_R_INVALID_ARGUMENT)      ,"invalid argument"},
-{ERR_REASON(BIO_R_INVALID_IP_ADDRESS)    ,"invalid ip address"},
-{ERR_REASON(BIO_R_IN_USE)                ,"in use"},
-{ERR_REASON(BIO_R_KEEPALIVE)             ,"keepalive"},
-{ERR_REASON(BIO_R_NBIO_CONNECT_ERROR)    ,"nbio connect error"},
-{ERR_REASON(BIO_R_NO_ACCEPT_PORT_SPECIFIED),"no accept port specified"},
-{ERR_REASON(BIO_R_NO_HOSTNAME_SPECIFIED) ,"no hostname specified"},
-{ERR_REASON(BIO_R_NO_PORT_DEFINED)       ,"no port defined"},
-{ERR_REASON(BIO_R_NO_PORT_SPECIFIED)     ,"no port specified"},
-{ERR_REASON(BIO_R_NO_SUCH_FILE)          ,"no such file"},
-{ERR_REASON(BIO_R_NULL_PARAMETER)        ,"null parameter"},
-{ERR_REASON(BIO_R_TAG_MISMATCH)          ,"tag mismatch"},
-{ERR_REASON(BIO_R_UNABLE_TO_BIND_SOCKET) ,"unable to bind socket"},
-{ERR_REASON(BIO_R_UNABLE_TO_CREATE_SOCKET),"unable to create socket"},
-{ERR_REASON(BIO_R_UNABLE_TO_LISTEN_SOCKET),"unable to listen socket"},
-{ERR_REASON(BIO_R_UNINITIALIZED)         ,"uninitialized"},
-{ERR_REASON(BIO_R_UNSUPPORTED_METHOD)    ,"unsupported method"},
-{ERR_REASON(BIO_R_WRITE_TO_READ_ONLY_BIO),"write to read only BIO"},
-{ERR_REASON(BIO_R_WSASTARTUP)            ,"WSAStartup"},
+{BIO_R_ACCEPT_ERROR                      ,"accept error"},
+{BIO_R_BAD_FOPEN_MODE                    ,"bad fopen mode"},
+{BIO_R_BAD_HOSTNAME_LOOKUP               ,"bad hostname lookup"},
+{BIO_R_BROKEN_PIPE                       ,"broken pipe"},
+{BIO_R_CONNECT_ERROR                     ,"connect error"},
+{BIO_R_EOF_ON_MEMORY_BIO                 ,"EOF on memory BIO"},
+{BIO_R_ERROR_SETTING_NBIO                ,"error setting nbio"},
+{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET,"error setting nbio on accepted socket"},
+{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET,"error setting nbio on accept socket"},
+{BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ,"gethostbyname addr is not af inet"},
+{BIO_R_INVALID_ARGUMENT                  ,"invalid argument"},
+{BIO_R_INVALID_IP_ADDRESS                ,"invalid ip address"},
+{BIO_R_IN_USE                            ,"in use"},
+{BIO_R_KEEPALIVE                         ,"keepalive"},
+{BIO_R_NBIO_CONNECT_ERROR                ,"nbio connect error"},
+{BIO_R_NO_ACCEPT_PORT_SPECIFIED          ,"no accept port specified"},
+{BIO_R_NO_HOSTNAME_SPECIFIED             ,"no hostname specified"},
+{BIO_R_NO_PORT_DEFINED                   ,"no port defined"},
+{BIO_R_NO_PORT_SPECIFIED                 ,"no port specified"},
+{BIO_R_NO_SUCH_FILE                      ,"no such file"},
+{BIO_R_NULL_PARAMETER                    ,"null parameter"},
+{BIO_R_TAG_MISMATCH                      ,"tag mismatch"},
+{BIO_R_UNABLE_TO_BIND_SOCKET             ,"unable to bind socket"},
+{BIO_R_UNABLE_TO_CREATE_SOCKET           ,"unable to create socket"},
+{BIO_R_UNABLE_TO_LISTEN_SOCKET           ,"unable to listen socket"},
+{BIO_R_UNINITIALIZED                     ,"uninitialized"},
+{BIO_R_UNSUPPORTED_METHOD                ,"unsupported method"},
+{BIO_R_WRITE_TO_READ_ONLY_BIO            ,"write to read only BIO"},
+{BIO_R_WSASTARTUP                        ,"WSAStartup"},
 {0,NULL}
         };
 
@@ -148,8 +144,8 @@ void ERR_load_BIO_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,BIO_str_functs);
-                ERR_load_strings(0,BIO_str_reasons);
+                ERR_load_strings(ERR_LIB_BIO,BIO_str_functs);
+                ERR_load_strings(ERR_LIB_BIO,BIO_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/bio/bss_conn.c b/src/lib/libssl/src/crypto/bio/bss_conn.c
index 216780ed5e..f5d0e759e2 100644
--- a/src/lib/libssl/src/crypto/bio/bss_conn.c
+++ b/src/lib/libssl/src/crypto/bio/bss_conn.c
@@ -469,7 +469,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
                 break;
         case BIO_C_DO_STATE_MACHINE:
                 /* use this one to start the connection */
-                if (data->state != BIO_CONN_S_OK)
+                if (!data->state != BIO_CONN_S_OK)
                         ret=(long)conn_state(b,data);
                 else
                         ret=1;
diff --git a/src/lib/libssl/src/crypto/bn/Makefile.ssl b/src/lib/libssl/src/crypto/bn/Makefile.ssl
new file mode 100644
index 0000000000..50892ef44c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/Makefile.ssl
@@ -0,0 +1,326 @@
+#
+# SSLeay/crypto/bn/Makefile
+#
+
+DIR=    bn
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+BN_ASM=         bn_asm.o
+# or use
+#BN_ASM=        bn86-elf.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+
+GENERAL=Makefile
+TEST=bntest.c exptest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
+        bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
+        bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
+        bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c
+
+LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
+        bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
+        bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
+        bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= bn.h
+HEADER= bn_lcl.h bn_prime.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+bn_prime.h: bn_prime.pl
+        $(PERL) bn_prime.pl >bn_prime.h
+
+divtest: divtest.c ../../libcrypto.a
+        cc -I../../include divtest.c -o divtest ../../libcrypto.a
+
+bnbug: bnbug.c ../../libcrypto.a top
+        cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+# elf
+asm/bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > bn86-elf.s)
+
+asm/co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > co86-elf.s)
+
+# a.out
+asm/bn86-out.o: asm/bn86unix.cpp
+        $(CPP) -DOUT asm/bn86unix.cpp | as -o asm/bn86-out.o
+
+asm/co86-out.o: asm/co86unix.cpp
+        $(CPP) -DOUT asm/co86unix.cpp | as -o asm/co86-out.o
+
+# bsdi
+asm/bn86bsdi.o: asm/bn86unix.cpp
+        $(CPP) -DBSDI asm/bn86unix.cpp | sed 's/ :/:/' | as -o asm/bn86bsdi.o
+
+asm/co86bsdi.o: asm/co86unix.cpp
+        $(CPP) -DBSDI asm/co86unix.cpp | sed 's/ :/:/' | as -o asm/co86bsdi.o
+
+asm/bn86unix.cpp: asm/bn-586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) bn-586.pl cpp >bn86unix.cpp )
+
+asm/co86unix.cpp: asm/co-586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) co-586.pl cpp >co86unix.cpp )
+
+asm/sparcv8.o: asm/sparcv8.S
+
+asm/sparcv8plus.o: asm/sparcv8plus.S
+
+# Old GNU assembler doesn't understand V9 instructions, so we
+# hire /usr/ccs/bin/as to do the job. Note that option is called
+# *-gcc27, but even gcc 2>=8 users may experience similar problem
+# if they didn't bother to upgrade GNU assembler. Such users should
+# not choose this option, but be adviced to *remove* GNU assembler
+# or upgrade it.
+asm/sparcv8plus-gcc27.o: asm/sparcv8plus.S
+        $(CC) $(ASFLAGS) -E asm/sparcv8plus.S | \
+                /usr/ccs/bin/as -xarch=v8plus - -o asm/sparcv8plus-gcc27.o
+
+
+asm/ia64.o:     asm/ia64.S
+
+# Some compiler drivers (most notably HP-UX and Intel C++) don't
+# understand .S extension:-( I wish I could pipe output from cc -E,
+# but it's too compiler driver/ABI dependent to cover with a single
+# rule...       <appro@fy.chalmers.se>
+asm/ia64-cpp.o: asm/ia64.S
+        $(CC) $(ASFLAGS) -E asm/ia64.S > /tmp/ia64.$$$$.s &&    \
+        $(CC) $(ASFLAGS) -c -o asm/ia64-cpp.o /tmp/ia64.$$$$.s; \
+        rm -f /tmp/ia64.$$$$.s
+
+asm/x86_64-gcc.o: asm/x86_64-gcc.c
+
+asm/pa-risc2W.o: asm/pa-risc2W.s
+        /usr/ccs/bin/as -o asm/pa-rics2W.o asm/pa-risc2W.s
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+exptest:
+        rm -f exptest
+        gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a
+
+div:
+        rm -f a.out
+        gcc -I.. -g div.c ../../libcrypto.a
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f asm/co86unix.cpp asm/bn86unix.cpp asm/*-elf.* *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_add.o: ../cryptlib.h bn_add.c bn_lcl.h
+bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_asm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_asm.o: ../cryptlib.h bn_asm.c bn_lcl.h
+bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_blind.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_blind.o: ../cryptlib.h bn_blind.c bn_lcl.h
+bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_ctx.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_ctx.o: ../cryptlib.h bn_ctx.c bn_lcl.h
+bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_div.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_div.o: ../cryptlib.h bn_div.c bn_lcl.h
+bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bn_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_err.o: ../../include/openssl/symhacks.h bn_err.c
+bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_exp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_exp.o: ../cryptlib.h bn_exp.c bn_lcl.h
+bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_exp2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_exp2.o: ../cryptlib.h bn_exp2.c bn_lcl.h
+bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_gcd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_gcd.o: ../cryptlib.h bn_gcd.c bn_lcl.h
+bn_kron.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
+bn_kron.o: ../../include/openssl/opensslconf.h bn_kron.c bn_lcl.h
+bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_lib.o: ../cryptlib.h bn_lcl.h bn_lib.c
+bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_mod.o: ../cryptlib.h bn_lcl.h bn_mod.c
+bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_mont.o: ../cryptlib.h bn_lcl.h bn_mont.c
+bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_mpi.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_mpi.o: ../cryptlib.h bn_lcl.h bn_mpi.c
+bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_mul.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_mul.o: ../cryptlib.h bn_lcl.h bn_mul.c
+bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_prime.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_prime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_prime.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_prime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_prime.o: ../cryptlib.h bn_lcl.h bn_prime.c bn_prime.h
+bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_print.o: ../cryptlib.h bn_lcl.h bn_print.c
+bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_rand.o: ../cryptlib.h bn_lcl.h bn_rand.c
+bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_recp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_recp.o: ../cryptlib.h bn_lcl.h bn_recp.c
+bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_shift.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_shift.o: ../cryptlib.h bn_lcl.h bn_shift.c
+bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_sqr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_sqr.o: ../cryptlib.h bn_lcl.h bn_sqr.c
+bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_sqrt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_sqrt.o: ../cryptlib.h bn_lcl.h bn_sqrt.c
+bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bn_word.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_word.o: ../cryptlib.h bn_lcl.h bn_word.c
diff --git a/src/lib/libssl/src/crypto/bn/asm/sparcv8plus.S b/src/lib/libssl/src/crypto/bn/asm/sparcv8plus.S
index 8c56e2e7e7..0074dfdb75 100644
--- a/src/lib/libssl/src/crypto/bn/asm/sparcv8plus.S
+++ b/src/lib/libssl/src/crypto/bn/asm/sparcv8plus.S
@@ -162,14 +162,10 @@
  * BN_ULONG w;
  */
 bn_mul_add_words:
-        sra     %o2,%g0,%o2     ! signx %o2
         brgz,a  %o2,.L_bn_mul_add_words_proceed
         lduw    [%o1],%g2
         retl
         clr     %o0
-        nop
-        nop
-        nop
 
 .L_bn_mul_add_words_proceed:
         srl     %o3,%g0,%o3     ! clruw %o3
@@ -264,14 +260,10 @@ bn_mul_add_words:
  * BN_ULONG w;
  */
 bn_mul_words:
-        sra     %o2,%g0,%o2     ! signx %o2
         brgz,a  %o2,.L_bn_mul_words_proceeed
         lduw    [%o1],%g2
         retl
         clr     %o0
-        nop
-        nop
-        nop
 
 .L_bn_mul_words_proceeed:
         srl     %o3,%g0,%o3     ! clruw %o3
@@ -352,14 +344,10 @@ bn_mul_words:
  * int n;
  */
 bn_sqr_words:
-        sra     %o2,%g0,%o2     ! signx %o2
         brgz,a  %o2,.L_bn_sqr_words_proceeed
         lduw    [%o1],%g2
         retl
         clr     %o0
-        nop
-        nop
-        nop
 
 .L_bn_sqr_words_proceeed:
         andcc   %o2,-4,%g0
@@ -457,7 +445,6 @@ bn_div_words:
  * int n;
  */
 bn_add_words:
-        sra     %o3,%g0,%o3     ! signx %o3
         brgz,a  %o3,.L_bn_add_words_proceed
         lduw    [%o1],%o4
         retl
@@ -467,6 +454,7 @@ bn_add_words:
         andcc   %o3,-4,%g0
         bz,pn   %icc,.L_bn_add_words_tail
         addcc   %g0,0,%g0       ! clear carry flag
+        nop
 
 .L_bn_add_words_loop:           ! wow! 32 aligned!
         dec     4,%o3
@@ -535,7 +523,6 @@ bn_add_words:
  * int n;
  */
 bn_sub_words:
-        sra     %o3,%g0,%o3     ! signx %o3
         brgz,a  %o3,.L_bn_sub_words_proceed
         lduw    [%o1],%o4
         retl
@@ -545,6 +532,7 @@ bn_sub_words:
         andcc   %o3,-4,%g0
         bz,pn   %icc,.L_bn_sub_words_tail
         addcc   %g0,0,%g0       ! clear carry flag
+        nop
 
 .L_bn_sub_words_loop:           ! wow! 32 aligned!
         dec     4,%o3
diff --git a/src/lib/libssl/src/crypto/bn/bn.h b/src/lib/libssl/src/crypto/bn/bn.h
index 1251521c54..3da6d8ced9 100644
--- a/src/lib/libssl/src/crypto/bn/bn.h
+++ b/src/lib/libssl/src/crypto/bn/bn.h
@@ -225,23 +225,10 @@ extern "C" {
 
 #define BN_FLG_MALLOCED         0x01
 #define BN_FLG_STATIC_DATA      0x02
-#define BN_FLG_EXP_CONSTTIME    0x04 /* avoid leaking exponent information through timings
-                                      * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
 #define BN_FLG_FREE             0x8000  /* used for debuging */
 #define BN_set_flags(b,n)       ((b)->flags|=(n))
 #define BN_get_flags(b,n)       ((b)->flags&(n))
 
-/* get a clone of a BIGNUM with changed flags, for *temporary* use only
- * (the two BIGNUMs cannot not be used in parallel!) */
-#define BN_with_flags(dest,b,n)  ((dest)->d=(b)->d, \
-                                  (dest)->top=(b)->top, \
-                                  (dest)->dmax=(b)->dmax, \
-                                  (dest)->neg=(b)->neg, \
-                                  (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \
-                                                 |  ((b)->flags & ~BN_FLG_MALLOCED) \
-                                                 |  BN_FLG_STATIC_DATA \
-                                                 |  (n)))
-
 typedef struct bignum_st
         {
         BN_ULONG *d;    /* Pointer to an array of 'BN_BITS2' bit chunks. */
@@ -391,8 +378,6 @@ int	BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         const BIGNUM *m,BN_CTX *ctx);
 int     BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
-        const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont);
 int     BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
 int     BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
@@ -438,19 +423,6 @@ int	BN_is_prime_fasttest(const BIGNUM *p,int nchecks,
         void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg,
         int do_trial_division);
 
-#ifdef OPENSSL_FIPS
-int BN_X931_derive_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
-                        void (*cb)(int, int, void *), void *cb_arg,
-                        const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
-                        const BIGNUM *e, BN_CTX *ctx);
-int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
-int BN_X931_generate_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
-                        BIGNUM *Xp1, BIGNUM *Xp2,
-                        const BIGNUM *Xp,
-                        const BIGNUM *e, BN_CTX *ctx,
-                        void (*cb)(int, int, void *), void *cb_arg);
-#endif
-
 BN_MONT_CTX *BN_MONT_CTX_new(void );
 void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
 int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,
@@ -462,8 +434,6 @@ int BN_from_montgomery(BIGNUM *r,const BIGNUM *a,
 void BN_MONT_CTX_free(BN_MONT_CTX *mont);
 int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *mod,BN_CTX *ctx);
 BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from);
-BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
-                                        const BIGNUM *mod, BN_CTX *ctx);
 
 BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod);
 void BN_BLINDING_free(BN_BLINDING *b);
@@ -540,15 +510,11 @@ void ERR_load_BN_strings(void);
 #define BN_F_BN_CTX_GET                                  116
 #define BN_F_BN_CTX_NEW                                  106
 #define BN_F_BN_DIV                                      107
-#define BN_F_BN_EXP                                      123
 #define BN_F_BN_EXPAND2                                  108
 #define BN_F_BN_EXPAND_INTERNAL                          120
 #define BN_F_BN_MOD_EXP2_MONT                            118
 #define BN_F_BN_MOD_EXP_MONT                             109
-#define BN_F_BN_MOD_EXP_MONT_CONSTTIME                   124
 #define BN_F_BN_MOD_EXP_MONT_WORD                        117
-#define BN_F_BN_MOD_EXP_RECP                             125
-#define BN_F_BN_MOD_EXP_SIMPLE                           126
 #define BN_F_BN_MOD_INVERSE                              110
 #define BN_F_BN_MOD_LSHIFT_QUICK                         119
 #define BN_F_BN_MOD_MUL_RECIPROCAL                       111
diff --git a/src/lib/libssl/src/crypto/bn/bn_asm.c b/src/lib/libssl/src/crypto/bn/bn_asm.c
index 19978085b2..be8aa3ffc5 100644
--- a/src/lib/libssl/src/crypto/bn/bn_asm.c
+++ b/src/lib/libssl/src/crypto/bn/bn_asm.c
@@ -237,7 +237,7 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
         if (d == 0) return(BN_MASK2);
 
         i=BN_num_bits_word(d);
-        assert((i == BN_BITS2) || (h <= (BN_ULONG)1<<i));
+        assert((i == BN_BITS2) || (h > (BN_ULONG)1<<i));
 
         i=BN_BITS2-i;
         if (h >= d) h-=d;
diff --git a/src/lib/libssl/src/crypto/bn/bn_err.c b/src/lib/libssl/src/crypto/bn/bn_err.c
index 5dfac00c88..fb84ee96d8 100644
--- a/src/lib/libssl/src/crypto/bn/bn_err.c
+++ b/src/lib/libssl/src/crypto/bn/bn_err.c
@@ -1,6 +1,6 @@
 /* crypto/bn/bn_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,60 +64,52 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BN,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BN,0,reason)
-
 static ERR_STRING_DATA BN_str_functs[]=
         {
-{ERR_FUNC(BN_F_BN_BLINDING_CONVERT),    "BN_BLINDING_convert"},
-{ERR_FUNC(BN_F_BN_BLINDING_INVERT),     "BN_BLINDING_invert"},
-{ERR_FUNC(BN_F_BN_BLINDING_NEW),        "BN_BLINDING_new"},
-{ERR_FUNC(BN_F_BN_BLINDING_UPDATE),     "BN_BLINDING_update"},
-{ERR_FUNC(BN_F_BN_BN2DEC),      "BN_bn2dec"},
-{ERR_FUNC(BN_F_BN_BN2HEX),      "BN_bn2hex"},
-{ERR_FUNC(BN_F_BN_CTX_GET),     "BN_CTX_get"},
-{ERR_FUNC(BN_F_BN_CTX_NEW),     "BN_CTX_new"},
-{ERR_FUNC(BN_F_BN_DIV), "BN_div"},
-{ERR_FUNC(BN_F_BN_EXP), "BN_exp"},
-{ERR_FUNC(BN_F_BN_EXPAND2),     "bn_expand2"},
-{ERR_FUNC(BN_F_BN_EXPAND_INTERNAL),     "BN_EXPAND_INTERNAL"},
-{ERR_FUNC(BN_F_BN_MOD_EXP2_MONT),       "BN_mod_exp2_mont"},
-{ERR_FUNC(BN_F_BN_MOD_EXP_MONT),        "BN_mod_exp_mont"},
-{ERR_FUNC(BN_F_BN_MOD_EXP_MONT_CONSTTIME),      "BN_mod_exp_mont_consttime"},
-{ERR_FUNC(BN_F_BN_MOD_EXP_MONT_WORD),   "BN_mod_exp_mont_word"},
-{ERR_FUNC(BN_F_BN_MOD_EXP_RECP),        "BN_mod_exp_recp"},
-{ERR_FUNC(BN_F_BN_MOD_EXP_SIMPLE),      "BN_mod_exp_simple"},
-{ERR_FUNC(BN_F_BN_MOD_INVERSE), "BN_mod_inverse"},
-{ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK),    "BN_mod_lshift_quick"},
-{ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL),  "BN_mod_mul_reciprocal"},
-{ERR_FUNC(BN_F_BN_MOD_SQRT),    "BN_mod_sqrt"},
-{ERR_FUNC(BN_F_BN_MPI2BN),      "BN_mpi2bn"},
-{ERR_FUNC(BN_F_BN_NEW), "BN_new"},
-{ERR_FUNC(BN_F_BN_RAND),        "BN_rand"},
-{ERR_FUNC(BN_F_BN_RAND_RANGE),  "BN_rand_range"},
-{ERR_FUNC(BN_F_BN_USUB),        "BN_usub"},
+{ERR_PACK(0,BN_F_BN_BLINDING_CONVERT,0),        "BN_BLINDING_convert"},
+{ERR_PACK(0,BN_F_BN_BLINDING_INVERT,0), "BN_BLINDING_invert"},
+{ERR_PACK(0,BN_F_BN_BLINDING_NEW,0),    "BN_BLINDING_new"},
+{ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0), "BN_BLINDING_update"},
+{ERR_PACK(0,BN_F_BN_BN2DEC,0),  "BN_bn2dec"},
+{ERR_PACK(0,BN_F_BN_BN2HEX,0),  "BN_bn2hex"},
+{ERR_PACK(0,BN_F_BN_CTX_GET,0), "BN_CTX_get"},
+{ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"},
+{ERR_PACK(0,BN_F_BN_DIV,0),     "BN_div"},
+{ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"},
+{ERR_PACK(0,BN_F_BN_EXPAND_INTERNAL,0), "BN_EXPAND_INTERNAL"},
+{ERR_PACK(0,BN_F_BN_MOD_EXP2_MONT,0),   "BN_mod_exp2_mont"},
+{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0),    "BN_mod_exp_mont"},
+{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT_WORD,0),       "BN_mod_exp_mont_word"},
+{ERR_PACK(0,BN_F_BN_MOD_INVERSE,0),     "BN_mod_inverse"},
+{ERR_PACK(0,BN_F_BN_MOD_LSHIFT_QUICK,0),        "BN_mod_lshift_quick"},
+{ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0),      "BN_mod_mul_reciprocal"},
+{ERR_PACK(0,BN_F_BN_MOD_SQRT,0),        "BN_mod_sqrt"},
+{ERR_PACK(0,BN_F_BN_MPI2BN,0),  "BN_mpi2bn"},
+{ERR_PACK(0,BN_F_BN_NEW,0),     "BN_new"},
+{ERR_PACK(0,BN_F_BN_RAND,0),    "BN_rand"},
+{ERR_PACK(0,BN_F_BN_RAND_RANGE,0),      "BN_rand_range"},
+{ERR_PACK(0,BN_F_BN_USUB,0),    "BN_usub"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA BN_str_reasons[]=
         {
-{ERR_REASON(BN_R_ARG2_LT_ARG3)           ,"arg2 lt arg3"},
-{ERR_REASON(BN_R_BAD_RECIPROCAL)         ,"bad reciprocal"},
-{ERR_REASON(BN_R_BIGNUM_TOO_LONG)        ,"bignum too long"},
-{ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS),"called with even modulus"},
-{ERR_REASON(BN_R_DIV_BY_ZERO)            ,"div by zero"},
-{ERR_REASON(BN_R_ENCODING_ERROR)         ,"encoding error"},
-{ERR_REASON(BN_R_EXPAND_ON_STATIC_BIGNUM_DATA),"expand on static bignum data"},
-{ERR_REASON(BN_R_INPUT_NOT_REDUCED)      ,"input not reduced"},
-{ERR_REASON(BN_R_INVALID_LENGTH)         ,"invalid length"},
-{ERR_REASON(BN_R_INVALID_RANGE)          ,"invalid range"},
-{ERR_REASON(BN_R_NOT_A_SQUARE)           ,"not a square"},
-{ERR_REASON(BN_R_NOT_INITIALIZED)        ,"not initialized"},
-{ERR_REASON(BN_R_NO_INVERSE)             ,"no inverse"},
-{ERR_REASON(BN_R_P_IS_NOT_PRIME)         ,"p is not prime"},
-{ERR_REASON(BN_R_TOO_MANY_ITERATIONS)    ,"too many iterations"},
-{ERR_REASON(BN_R_TOO_MANY_TEMPORARY_VARIABLES),"too many temporary variables"},
+{BN_R_ARG2_LT_ARG3                       ,"arg2 lt arg3"},
+{BN_R_BAD_RECIPROCAL                     ,"bad reciprocal"},
+{BN_R_BIGNUM_TOO_LONG                    ,"bignum too long"},
+{BN_R_CALLED_WITH_EVEN_MODULUS           ,"called with even modulus"},
+{BN_R_DIV_BY_ZERO                        ,"div by zero"},
+{BN_R_ENCODING_ERROR                     ,"encoding error"},
+{BN_R_EXPAND_ON_STATIC_BIGNUM_DATA       ,"expand on static bignum data"},
+{BN_R_INPUT_NOT_REDUCED                  ,"input not reduced"},
+{BN_R_INVALID_LENGTH                     ,"invalid length"},
+{BN_R_INVALID_RANGE                      ,"invalid range"},
+{BN_R_NOT_A_SQUARE                       ,"not a square"},
+{BN_R_NOT_INITIALIZED                    ,"not initialized"},
+{BN_R_NO_INVERSE                         ,"no inverse"},
+{BN_R_P_IS_NOT_PRIME                     ,"p is not prime"},
+{BN_R_TOO_MANY_ITERATIONS                ,"too many iterations"},
+{BN_R_TOO_MANY_TEMPORARY_VARIABLES       ,"too many temporary variables"},
 {0,NULL}
         };
 
@@ -131,8 +123,8 @@ void ERR_load_BN_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,BN_str_functs);
-                ERR_load_strings(0,BN_str_reasons);
+                ERR_load_strings(ERR_LIB_BN,BN_str_functs);
+                ERR_load_strings(ERR_LIB_BN,BN_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/bn/bn_exp.c b/src/lib/libssl/src/crypto/bn/bn_exp.c
index 9e1e88abe8..afdfd580fb 100644
--- a/src/lib/libssl/src/crypto/bn/bn_exp.c
+++ b/src/lib/libssl/src/crypto/bn/bn_exp.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -113,7 +113,6 @@
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
-/* maximum precomputation table size for *variable* sliding windows */
 #define TABLE_SIZE      32
 
 /* this one works - simple but works */
@@ -122,13 +121,6 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
         int i,bits,ret=0;
         BIGNUM *v,*rr;
 
-        if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
-                {
-                /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */
-                BNerr(BN_F_BN_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-                return -1;
-                }
-
         BN_CTX_start(ctx);
         if ((r == a) || (r == p))
                 rr = BN_CTX_get(ctx);
@@ -212,7 +204,7 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
         if (BN_is_odd(m))
                 {
 #  ifdef MONT_EXP_WORD
-                if (a->top == 1 && !a->neg && (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) == 0))
+                if (a->top == 1 && !a->neg)
                         {
                         BN_ULONG A = a->d[0];
                         ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL);
@@ -242,13 +234,6 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         BIGNUM val[TABLE_SIZE];
         BN_RECP_CTX recp;
 
-        if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
-                {
-                /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */
-                BNerr(BN_F_BN_MOD_EXP_RECP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-                return -1;
-                }
-
         bits=BN_num_bits(p);
 
         if (bits == 0)
@@ -376,11 +361,6 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
         BIGNUM val[TABLE_SIZE];
         BN_MONT_CTX *mont=NULL;
 
-        if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
-                {
-                return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont);
-                }
-
         bn_check_top(a);
         bn_check_top(p);
         bn_check_top(m);
@@ -513,212 +493,6 @@ err:
         return(ret);
         }
 
-
-/* BN_mod_exp_mont_consttime() stores the precomputed powers in a specific layout
- * so that accessing any of these table values shows the same access pattern as far
- * as cache lines are concerned.  The following functions are used to transfer a BIGNUM
- * from/to that table. */
-
-static int MOD_EXP_CTIME_COPY_TO_PREBUF(BIGNUM *b, int top, unsigned char *buf, int idx, int width)
-        {
-        size_t i, j;
-
-        if (bn_wexpand(b, top) == NULL)
-                return 0;
-        while (b->top < top)
-                {
-                b->d[b->top++] = 0;
-                }
-        
-        for (i = 0, j=idx; i < top * sizeof b->d[0]; i++, j+=width)
-                {
-                buf[j] = ((unsigned char*)b->d)[i];
-                }
-
-        bn_fix_top(b);
-        return 1;
-        }
-
-static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top, unsigned char *buf, int idx, int width)
-        {
-        size_t i, j;
-
-        if (bn_wexpand(b, top) == NULL)
-                return 0;
-
-        for (i=0, j=idx; i < top * sizeof b->d[0]; i++, j+=width)
-                {
-                ((unsigned char*)b->d)[i] = buf[j];
-                }
-
-        b->top = top;
-        bn_fix_top(b);
-        return 1;
-        }       
-
-/* Given a pointer value, compute the next address that is a cache line multiple. */
-#define MOD_EXP_CTIME_ALIGN(x_) \
-        ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ULONG)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
-
-/* This variant of BN_mod_exp_mont() uses fixed windows and the special
- * precomputation memory layout to limit data-dependency to a minimum
- * to protect secret exponents (cf. the hyper-threading timing attacks
- * pointed out by Colin Percival,
- * http://www.daemonology.net/hyperthreading-considered-harmful/)
- */
-int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
-                    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
-        {
-        int i,bits,ret=0,idx,window,wvalue;
-        int top;
-        BIGNUM *r;
-        const BIGNUM *aa;
-        BN_MONT_CTX *mont=NULL;
-
-        int numPowers;
-        unsigned char *powerbufFree=NULL;
-        int powerbufLen = 0;
-        unsigned char *powerbuf=NULL;
-        BIGNUM *computeTemp=NULL, *am=NULL;
-
-        bn_check_top(a);
-        bn_check_top(p);
-        bn_check_top(m);
-
-        top = m->top;
-
-        if (!(m->d[0] & 1))
-                {
-                BNerr(BN_F_BN_MOD_EXP_MONT_CONSTTIME,BN_R_CALLED_WITH_EVEN_MODULUS);
-                return(0);
-                }
-        bits=BN_num_bits(p);
-        if (bits == 0)
-                {
-                ret = BN_one(rr);
-                return ret;
-                }
-
-        /* Initialize BIGNUM context and allocate intermediate result */
-        BN_CTX_start(ctx);
-        r = BN_CTX_get(ctx);
-        if (r == NULL) goto err;
-
-        /* Allocate a montgomery context if it was not supplied by the caller.
-         * If this is not done, things will break in the montgomery part.
-         */
-        if (in_mont != NULL)
-                mont=in_mont;
-        else
-                {
-                if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
-                if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
-                }
-
-        /* Get the window size to use with size of p. */
-        window = BN_window_bits_for_ctime_exponent_size(bits);
-
-        /* Allocate a buffer large enough to hold all of the pre-computed
-         * powers of a.
-         */
-        numPowers = 1 << window;
-        powerbufLen = sizeof(m->d[0])*top*numPowers;
-        if ((powerbufFree=(unsigned char*)OPENSSL_malloc(powerbufLen+MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH)) == NULL)
-                goto err;
-                
-        powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
-        memset(powerbuf, 0, powerbufLen);
-
-        /* Initialize the intermediate result. Do this early to save double conversion,
-         * once each for a^0 and intermediate result.
-         */
-        if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
-        if (!MOD_EXP_CTIME_COPY_TO_PREBUF(r, top, powerbuf, 0, numPowers)) goto err;
-
-        /* Initialize computeTemp as a^1 with montgomery precalcs */
-        computeTemp = BN_CTX_get(ctx);
-        am = BN_CTX_get(ctx);
-        if (computeTemp==NULL || am==NULL) goto err;
-
-        if (a->neg || BN_ucmp(a,m) >= 0)
-                {
-                if (!BN_mod(am,a,m,ctx))
-                        goto err;
-                aa= am;
-                }
-        else
-                aa=a;
-        if (!BN_to_montgomery(am,aa,mont,ctx)) goto err;
-        if (!BN_copy(computeTemp, am)) goto err;
-        if (!MOD_EXP_CTIME_COPY_TO_PREBUF(am, top, powerbuf, 1, numPowers)) goto err;
-
-        /* If the window size is greater than 1, then calculate
-         * val[i=2..2^winsize-1]. Powers are computed as a*a^(i-1)
-         * (even powers could instead be computed as (a^(i/2))^2
-         * to use the slight performance advantage of sqr over mul).
-         */
-        if (window > 1)
-                {
-                for (i=2; i<numPowers; i++)
-                        {
-                        /* Calculate a^i = a^(i-1) * a */
-                        if (!BN_mod_mul_montgomery(computeTemp,am,computeTemp,mont,ctx))
-                                goto err;
-                        if (!MOD_EXP_CTIME_COPY_TO_PREBUF(computeTemp, top, powerbuf, i, numPowers)) goto err;
-                        }
-                }
-
-        /* Adjust the number of bits up to a multiple of the window size.
-         * If the exponent length is not a multiple of the window size, then
-         * this pads the most significant bits with zeros to normalize the
-         * scanning loop to there's no special cases.
-         *
-         * * NOTE: Making the window size a power of two less than the native
-         * * word size ensures that the padded bits won't go past the last
-         * * word in the internal BIGNUM structure. Going past the end will
-         * * still produce the correct result, but causes a different branch
-         * * to be taken in the BN_is_bit_set function.
-         */
-        bits = ((bits+window-1)/window)*window;
-        idx=bits-1;     /* The top bit of the window */
-
-        /* Scan the exponent one window at a time starting from the most
-         * significant bits.
-         */
-        while (idx >= 0)
-                {
-                wvalue=0; /* The 'value' of the window */
-                
-                /* Scan the window, squaring the result as we go */
-                for (i=0; i<window; i++,idx--)
-                        {
-                        if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))     goto err;
-                        wvalue = (wvalue<<1)+BN_is_bit_set(p,idx);
-                        }
-                
-                /* Fetch the appropriate pre-computed value from the pre-buf */
-                if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(computeTemp, top, powerbuf, wvalue, numPowers)) goto err;
-
-                /* Multiply the result into the intermediate result */
-                if (!BN_mod_mul_montgomery(r,r,computeTemp,mont,ctx)) goto err;
-                }
-
-        /* Convert the final result from montgomery to standard format */
-        if (!BN_from_montgomery(rr,r,mont,ctx)) goto err;
-        ret=1;
-err:
-        if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
-        if (powerbuf!=NULL)
-                {
-                OPENSSL_cleanse(powerbuf,powerbufLen);
-                OPENSSL_free(powerbufFree);
-                }
-        if (am!=NULL) BN_clear(am);
-        if (computeTemp!=NULL) BN_clear(computeTemp);
-        BN_CTX_end(ctx);
-        return(ret);
-        }
-
 int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
                          const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
         {
@@ -743,13 +517,6 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
 #define BN_TO_MONTGOMERY_WORD(r, w, mont) \
                 (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
 
-        if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
-                {
-                /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */
-                BNerr(BN_F_BN_MOD_EXP_MONT_WORD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-                return -1;
-                }
-
         bn_check_top(p);
         bn_check_top(m);
 
@@ -877,13 +644,6 @@ int BN_mod_exp_simple(BIGNUM *r,
         BIGNUM *d;
         BIGNUM val[TABLE_SIZE];
 
-        if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
-                {
-                /* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */
-                BNerr(BN_F_BN_MOD_EXP_SIMPLE,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-                return -1;
-                }
-
         bits=BN_num_bits(p);
 
         if (bits == 0)
diff --git a/src/lib/libssl/src/crypto/bn/bn_lcl.h b/src/lib/libssl/src/crypto/bn/bn_lcl.h
index a84998f2bd..253e195e23 100644
--- a/src/lib/libssl/src/crypto/bn/bn_lcl.h
+++ b/src/lib/libssl/src/crypto/bn/bn_lcl.h
@@ -177,45 +177,6 @@ struct bignum_ctx
 
 
 
-/* BN_mod_exp_mont_conttime is based on the assumption that the
- * L1 data cache line width of the target processor is at least
- * the following value.
- */
-#define MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH      ( 64 )
-#define MOD_EXP_CTIME_MIN_CACHE_LINE_MASK       (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - 1)
-
-/* Window sizes optimized for fixed window size modular exponentiation
- * algorithm (BN_mod_exp_mont_consttime).
- *
- * To achieve the security goals of BN_mode_exp_mont_consttime, the
- * maximum size of the window must not exceed
- * log_2(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH). 
- *
- * Window size thresholds are defined for cache line sizes of 32 and 64,
- * cache line sizes where log_2(32)=5 and log_2(64)=6 respectively. A
- * window size of 7 should only be used on processors that have a 128
- * byte or greater cache line size.
- */
-#if MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 64
-
-#  define BN_window_bits_for_ctime_exponent_size(b) \
-                ((b) > 937 ? 6 : \
-                 (b) > 306 ? 5 : \
-                 (b) >  89 ? 4 : \
-                 (b) >  22 ? 3 : 1)
-#  define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE    (6)
-
-#elif MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 32
-
-#  define BN_window_bits_for_ctime_exponent_size(b) \
-                ((b) > 306 ? 5 : \
-                 (b) >  89 ? 4 : \
-                 (b) >  22 ? 3 : 1)
-#  define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE    (5)
-
-#endif
-
-
 /* Pentium pro 16,16,16,32,64 */
 /* Alpha       16,16,16,16.64 */
 #define BN_MULL_SIZE_NORMAL                     (16) /* 32 */
diff --git a/src/lib/libssl/src/crypto/bn/bn_mont.c b/src/lib/libssl/src/crypto/bn/bn_mont.c
index 3572e5a690..b79b1b60da 100644
--- a/src/lib/libssl/src/crypto/bn/bn_mont.c
+++ b/src/lib/libssl/src/crypto/bn/bn_mont.c
@@ -347,23 +347,3 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
         return(to);
         }
 
-BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
-                                        const BIGNUM *mod, BN_CTX *ctx)
-        {
-        if (*pmont)
-                return *pmont;
-        CRYPTO_w_lock(lock);
-        if (!*pmont)
-                {
-                *pmont = BN_MONT_CTX_new();
-                if (*pmont && !BN_MONT_CTX_set(*pmont, mod, ctx))
-                        {
-                        BN_MONT_CTX_free(*pmont);
-                        *pmont = NULL;
-                        }
-                }
-        CRYPTO_w_unlock(lock);
-        return *pmont;
-        }
-                
-
diff --git a/src/lib/libssl/src/crypto/bn/bn_prime.c b/src/lib/libssl/src/crypto/bn/bn_prime.c
index e072d9255c..f422172f16 100644
--- a/src/lib/libssl/src/crypto/bn/bn_prime.c
+++ b/src/lib/libssl/src/crypto/bn/bn_prime.c
@@ -234,7 +234,9 @@ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
 
         /* first look for small factors */
         if (!BN_is_odd(a))
-                return 0;
+                /* a is even => a is prime if and only if a == 2 */
+                return BN_is_word(a, 2);
+
         if (do_trial_division)
                 {
                 for (i = 1; i < NUMPRIMES; i++)
diff --git a/src/lib/libssl/src/crypto/bn/bn_print.c b/src/lib/libssl/src/crypto/bn/bn_print.c
index 0d942603b1..acba7ed7ee 100644
--- a/src/lib/libssl/src/crypto/bn/bn_print.c
+++ b/src/lib/libssl/src/crypto/bn/bn_print.c
@@ -79,7 +79,7 @@ char *BN_bn2hex(const BIGNUM *a)
                 }
         p=buf;
         if (a->neg) *(p++)='-';
-        if (a->top == 0) *(p++)='0';
+        if (BN_is_zero(a)) *(p++)='0';
         for (i=a->top-1; i >=0; i--)
                 {
                 for (j=BN_BITS2-8; j >= 0; j-=8)
@@ -123,7 +123,7 @@ char *BN_bn2dec(const BIGNUM *a)
         p=buf;
         lp=bn_data;
         if (t->neg) *(p++)='-';
-        if (t->top == 0)
+        if (BN_is_zero(t))
                 {
                 *(p++)='0';
                 *(p++)='\0';
@@ -300,7 +300,7 @@ int BN_print(BIO *bp, const BIGNUM *a)
         int ret=0;
 
         if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end;
-        if ((a->top == 0) && (BIO_write(bp,"0",1) != 1)) goto end;
+        if ((BN_is_zero(a)) && (BIO_write(bp,"0",1) != 1)) goto end;
         for (i=a->top-1; i >=0; i--)
                 {
                 for (j=BN_BITS2-4; j >= 0; j-=4)
diff --git a/src/lib/libssl/src/crypto/bn/bn_word.c b/src/lib/libssl/src/crypto/bn/bn_word.c
index 988e0ca7b3..de610ce54c 100644
--- a/src/lib/libssl/src/crypto/bn/bn_word.c
+++ b/src/lib/libssl/src/crypto/bn/bn_word.c
@@ -110,6 +110,9 @@ int BN_add_word(BIGNUM *a, BN_ULONG w)
         BN_ULONG l;
         int i;
 
+        if ((w & BN_MASK2) == 0)
+                return(1);
+
         if (a->neg)
                 {
                 a->neg=0;
@@ -143,6 +146,9 @@ int BN_sub_word(BIGNUM *a, BN_ULONG w)
         {
         int i;
 
+        if ((w & BN_MASK2) == 0)
+                return(1);
+
         if (BN_is_zero(a) || a->neg)
                 {
                 a->neg=0;
diff --git a/src/lib/libssl/src/crypto/bn/bn_x931p.c b/src/lib/libssl/src/crypto/bn/bn_x931p.c
new file mode 100644
index 0000000000..c64410dd3a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_x931p.c
@@ -0,0 +1,282 @@
+/* bn_x931p.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/bn.h>
+
+#ifdef OPENSSL_FIPS
+
+/* X9.31 routines for prime derivation */
+
+
+/* X9.31 prime derivation. This is used to generate the primes pi
+ * (p1, p2, q1, q2) from a parameter Xpi by checking successive odd
+ * integers.
+ */
+
+static int bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx,
+                        void (*cb)(int, int, void *), void *cb_arg)
+        {
+        int i = 0;
+        if (!BN_copy(pi, Xpi))
+                return 0;
+        if (!BN_is_odd(pi) && !BN_add_word(pi, 1))
+                return 0;
+        for(;;)
+                {
+                i++;
+                if (cb)
+                        cb(0, i, cb_arg);
+                /* NB 27 MR is specificed in X9.31 */
+                if (BN_is_prime_fasttest(pi, 27, cb, ctx, cb_arg, 1))
+                        break;
+                if (!BN_add_word(pi, 2))
+                        return 0;
+                }
+        if (cb)
+                cb(2, i, cb_arg);
+        return 1;
+        }
+
+/* This is the main X9.31 prime derivation function. From parameters
+ * Xp1, Xp2 and Xp derive the prime p. If the parameters p1 or p2 are
+ * not NULL they will be returned too: this is needed for testing.
+ */
+
+int BN_X931_derive_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
+                        void (*cb)(int, int, void *), void *cb_arg,
+                        const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
+                        const BIGNUM *e, BN_CTX *ctx)
+        {
+        int ret = 0;
+
+        BIGNUM *t, *p1p2, *pm1;
+
+        /* Only even e supported */
+        if (!BN_is_odd(e))
+                return 0;
+
+        BN_CTX_start(ctx);
+        if (!p1)
+                p1 = BN_CTX_get(ctx);
+
+        if (!p2)
+                p2 = BN_CTX_get(ctx);
+
+        t = BN_CTX_get(ctx);
+
+        p1p2 = BN_CTX_get(ctx);
+
+        pm1 = BN_CTX_get(ctx);
+
+        if (!bn_x931_derive_pi(p1, Xp1, ctx, cb, cb_arg))
+                goto err;
+
+        if (!bn_x931_derive_pi(p2, Xp2, ctx, cb, cb_arg))
+                goto err;
+
+        if (!BN_mul(p1p2, p1, p2, ctx))
+                goto err;
+
+        /* First set p to value of Rp */
+
+        if (!BN_mod_inverse(p, p2, p1, ctx))
+                goto err;
+
+        if (!BN_mul(p, p, p2, ctx))
+                goto err;
+
+        if (!BN_mod_inverse(t, p1, p2, ctx))
+                goto err;
+
+        if (!BN_mul(t, t, p1, ctx))
+                goto err;
+
+        if (!BN_sub(p, p, t))
+                goto err;
+
+        if (p->neg && !BN_add(p, p, p1p2))
+                goto err;
+
+        /* p now equals Rp */
+
+        if (!BN_mod_sub(p, p, Xp, p1p2, ctx))
+                goto err;
+
+        if (!BN_add(p, p, Xp))
+                goto err;
+
+        /* p now equals Yp0 */
+
+        for (;;)
+                {
+                int i = 1;
+                if (cb)
+                        cb(0, i++, cb_arg);
+                if (!BN_copy(pm1, p))
+                        goto err;
+                if (!BN_sub_word(pm1, 1))
+                        goto err;
+                if (!BN_gcd(t, pm1, e, ctx))
+                        goto err;
+                if (BN_is_one(t)
+                /* X9.31 specifies 8 MR and 1 Lucas test or any prime test
+                 * offering similar or better guarantees 50 MR is considerably 
+                 * better.
+                 */
+                        && BN_is_prime_fasttest(p, 50, cb, ctx, cb_arg, 1))
+                        break;
+                if (!BN_add(p, p, p1p2))
+                        goto err;
+                }
+
+        if (cb)
+                cb(3, 0, cb_arg);
+
+        ret = 1;
+
+        err:
+
+        BN_CTX_end(ctx);
+
+        return ret;
+        }
+
+/* Generate pair of paramters Xp, Xq for X9.31 prime generation.
+ * Note: nbits paramter is sum of number of bits in both.
+ */
+
+int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
+        {
+        BIGNUM *t;
+        int i;
+        /* Number of bits for each prime is of the form
+         * 512+128s for s = 0, 1, ...
+         */
+        if ((nbits < 1024) || (nbits & 0xff))
+                return 0;
+        nbits >>= 1;
+        /* The random value Xp must be between sqrt(2) * 2^(nbits-1) and
+         * 2^nbits - 1. By setting the top two bits we ensure that the lower
+         * bound is exceeded.
+         */
+        if (!BN_rand(Xp, nbits, 1, 0))
+                return 0;
+
+        BN_CTX_start(ctx);
+        t = BN_CTX_get(ctx);
+
+        for (i = 0; i < 1000; i++)
+                {
+                if (!BN_rand(Xq, nbits, 1, 0))
+                        return 0;
+                /* Check that |Xp - Xq| > 2^(nbits - 100) */
+                BN_sub(t, Xp, Xq);
+                if (BN_num_bits(t) > (nbits - 100))
+                        break;
+                }
+
+        BN_CTX_end(ctx);
+
+        if (i < 1000)
+                return 1;
+
+        return 0;
+
+        }
+
+/* Generate primes using X9.31 algorithm. Of the values p, p1, p2, Xp1
+ * and Xp2 only 'p' needs to be non-NULL. If any of the others are not NULL
+ * the relevant parameter will be stored in it.
+ *
+ * Due to the fact that |Xp - Xq| > 2^(nbits - 100) must be satisfied Xp and Xq
+ * are generated using the previous function and supplied as input.
+ */
+
+int BN_X931_generate_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
+                        BIGNUM *Xp1, BIGNUM *Xp2,
+                        const BIGNUM *Xp,
+                        const BIGNUM *e, BN_CTX *ctx,
+                        void (*cb)(int, int, void *), void *cb_arg)
+        {
+        int ret = 0;
+
+        BN_CTX_start(ctx);
+        if (!Xp1)
+                Xp1 = BN_CTX_get(ctx);
+        if (!Xp2)
+                Xp2 = BN_CTX_get(ctx);
+
+        if (!BN_rand(Xp1, 101, 0, 0))
+                goto error;
+        if (!BN_rand(Xp2, 101, 0, 0))
+                goto error;
+        if (!BN_X931_derive_prime(p, p1, p2, cb, cb_arg,
+                                                Xp, Xp1, Xp2, e, ctx))
+                goto error;
+
+        ret = 1;
+
+        error:
+        BN_CTX_end(ctx);
+
+        return ret;
+
+        }
+
+#endif
diff --git a/src/lib/libssl/src/crypto/bn/bntest.c b/src/lib/libssl/src/crypto/bn/bntest.c
index 685007d330..79d813d85e 100644
--- a/src/lib/libssl/src/crypto/bn/bntest.c
+++ b/src/lib/libssl/src/crypto/bn/bntest.c
@@ -86,7 +86,6 @@ int test_mont(BIO *bp,BN_CTX *ctx);
 int test_mod(BIO *bp,BN_CTX *ctx);
 int test_mod_mul(BIO *bp,BN_CTX *ctx);
 int test_mod_exp(BIO *bp,BN_CTX *ctx);
-int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx);
 int test_exp(BIO *bp,BN_CTX *ctx);
 int test_kron(BIO *bp,BN_CTX *ctx);
 int test_sqrt(BIO *bp,BN_CTX *ctx);
@@ -214,10 +213,6 @@ int main(int argc, char *argv[])
         if (!test_mod_exp(out,ctx)) goto err;
         BIO_flush(out);
 
-        message(out,"BN_mod_exp_mont_consttime");
-        if (!test_mod_exp_mont_consttime(out,ctx)) goto err;
-        BIO_flush(out);
-
         message(out,"BN_exp");
         if (!test_exp(out,ctx)) goto err;
         BIO_flush(out);
@@ -785,58 +780,7 @@ int test_mod_exp(BIO *bp, BN_CTX *ctx)
                 BN_bntest_rand(b,2+i,0,0); /**/
 
                 if (!BN_mod_exp(d,a,b,c,ctx))
-                        return(00);
-
-                if (bp != NULL)
-                        {
-                        if (!results)
-                                {
-                                BN_print(bp,a);
-                                BIO_puts(bp," ^ ");
-                                BN_print(bp,b);
-                                BIO_puts(bp," % ");
-                                BN_print(bp,c);
-                                BIO_puts(bp," - ");
-                                }
-                        BN_print(bp,d);
-                        BIO_puts(bp,"\n");
-                        }
-                BN_exp(e,a,b,ctx);
-                BN_sub(e,e,d);
-                BN_div(a,b,e,c,ctx);
-                if(!BN_is_zero(b))
-                    {
-                    fprintf(stderr,"Modulo exponentiation test failed!\n");
-                    return 0;
-                    }
-                }
-        BN_free(a);
-        BN_free(b);
-        BN_free(c);
-        BN_free(d);
-        BN_free(e);
-        return(1);
-        }
-
-int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx)
-        {
-        BIGNUM *a,*b,*c,*d,*e;
-        int i;
-
-        a=BN_new();
-        b=BN_new();
-        c=BN_new();
-        d=BN_new();
-        e=BN_new();
-
-        BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */
-        for (i=0; i<num2; i++)
-                {
-                BN_bntest_rand(a,20+i*5,0,0); /**/
-                BN_bntest_rand(b,2+i,0,0); /**/
-
-                if (!BN_mod_exp_mont_consttime(d,a,b,c,ctx,NULL))
-                        return(00);
+                        return(0);
 
                 if (bp != NULL)
                         {
@@ -887,7 +831,7 @@ int test_exp(BIO *bp, BN_CTX *ctx)
                 BN_bntest_rand(b,2+i,0,0); /**/
 
                 if (!BN_exp(d,a,b,ctx))
-                        return(00);
+                        return(0);
 
                 if (bp != NULL)
                         {
diff --git a/src/lib/libssl/src/crypto/bn/expspeed.c b/src/lib/libssl/src/crypto/bn/expspeed.c
index 4d5f221f33..07a1bcf51c 100644
--- a/src/lib/libssl/src/crypto/bn/expspeed.c
+++ b/src/lib/libssl/src/crypto/bn/expspeed.c
@@ -321,7 +321,7 @@ void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
 #else /* TEST_SQRT */
                         "2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d"
 #endif
-                        " -> %8.6fms %5.1f (%ld)\n",
+                        " -> %8.3fms %5.1f (%ld)\n",
 #ifdef TEST_SQRT
                         P_MOD_64,
 #endif
diff --git a/src/lib/libssl/src/crypto/bn/exptest.c b/src/lib/libssl/src/crypto/bn/exptest.c
index 28aaac2ac1..b09cf88705 100644
--- a/src/lib/libssl/src/crypto/bn/exptest.c
+++ b/src/lib/libssl/src/crypto/bn/exptest.c
@@ -77,7 +77,7 @@ int main(int argc, char *argv[])
         BIO *out=NULL;
         int i,ret;
         unsigned char c;
-        BIGNUM *r_mont,*r_mont_const,*r_recp,*r_simple,*a,*b,*m;
+        BIGNUM *r_mont,*r_recp,*r_simple,*a,*b,*m;
 
         RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't
                                                * even check its return value
@@ -88,7 +88,6 @@ int main(int argc, char *argv[])
         ctx=BN_CTX_new();
         if (ctx == NULL) EXIT(1);
         r_mont=BN_new();
-        r_mont_const=BN_new();
         r_recp=BN_new();
         r_simple=BN_new();
         a=BN_new();
@@ -144,17 +143,8 @@ int main(int argc, char *argv[])
                         EXIT(1);
                         }
 
-                ret=BN_mod_exp_mont_consttime(r_mont_const,a,b,m,ctx,NULL);
-                if (ret <= 0)
-                        {
-                        printf("BN_mod_exp_mont_consttime() problems\n");
-                        ERR_print_errors(out);
-                        EXIT(1);
-                        }
-
                 if (BN_cmp(r_simple, r_mont) == 0
-                    && BN_cmp(r_simple,r_recp) == 0
-                        && BN_cmp(r_simple,r_mont_const) == 0)
+                    && BN_cmp(r_simple,r_recp) == 0)
                         {
                         printf(".");
                         fflush(stdout);
@@ -163,8 +153,6 @@ int main(int argc, char *argv[])
                         {
                         if (BN_cmp(r_simple,r_mont) != 0)
                                 printf("\nsimple and mont results differ\n");
-                        if (BN_cmp(r_simple,r_mont) != 0)
-                                printf("\nsimple and mont const time results differ\n");
                         if (BN_cmp(r_simple,r_recp) != 0)
                                 printf("\nsimple and recp results differ\n");
 
@@ -174,13 +162,11 @@ int main(int argc, char *argv[])
                         printf("\nsimple   ="); BN_print(out,r_simple);
                         printf("\nrecp     ="); BN_print(out,r_recp);
                         printf("\nmont     ="); BN_print(out,r_mont);
-                        printf("\nmont_ct  ="); BN_print(out,r_mont_const);
                         printf("\n");
                         EXIT(1);
                         }
                 }
         BN_free(r_mont);
-        BN_free(r_mont_const);
         BN_free(r_recp);
         BN_free(r_simple);
         BN_free(a);
diff --git a/src/lib/libssl/src/crypto/buffer/Makefile.ssl b/src/lib/libssl/src/crypto/buffer/Makefile.ssl
new file mode 100644
index 0000000000..b131ca3078
--- /dev/null
+++ b/src/lib/libssl/src/crypto/buffer/Makefile.ssl
@@ -0,0 +1,94 @@
+#
+# SSLeay/crypto/buffer/Makefile
+#
+
+DIR=    buffer
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= buffer.c buf_err.c
+LIBOBJ= buffer.o buf_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= buffer.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+buf_err.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+buf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+buf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+buf_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+buf_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+buf_err.o: ../../include/openssl/symhacks.h buf_err.c
+buffer.o: ../../e_os.h ../../include/openssl/bio.h
+buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+buffer.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+buffer.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+buffer.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+buffer.o: ../cryptlib.h buffer.c
diff --git a/src/lib/libssl/src/crypto/buffer/buf_err.c b/src/lib/libssl/src/crypto/buffer/buf_err.c
index 1fc32a6861..5eee653e14 100644
--- a/src/lib/libssl/src/crypto/buffer/buf_err.c
+++ b/src/lib/libssl/src/crypto/buffer/buf_err.c
@@ -1,6 +1,6 @@
 /* crypto/buffer/buf_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,15 +64,11 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BUF,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BUF,0,reason)
-
 static ERR_STRING_DATA BUF_str_functs[]=
         {
-{ERR_FUNC(BUF_F_BUF_MEM_GROW),  "BUF_MEM_grow"},
-{ERR_FUNC(BUF_F_BUF_MEM_NEW),   "BUF_MEM_new"},
-{ERR_FUNC(BUF_F_BUF_STRDUP),    "BUF_strdup"},
+{ERR_PACK(0,BUF_F_BUF_MEM_GROW,0),      "BUF_MEM_grow"},
+{ERR_PACK(0,BUF_F_BUF_MEM_NEW,0),       "BUF_MEM_new"},
+{ERR_PACK(0,BUF_F_BUF_STRDUP,0),        "BUF_strdup"},
 {0,NULL}
         };
 
@@ -91,8 +87,8 @@ void ERR_load_BUF_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,BUF_str_functs);
-                ERR_load_strings(0,BUF_str_reasons);
+                ERR_load_strings(ERR_LIB_BUF,BUF_str_functs);
+                ERR_load_strings(ERR_LIB_BUF,BUF_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/cast/Makefile.ssl b/src/lib/libssl/src/crypto/cast/Makefile.ssl
new file mode 100644
index 0000000000..98393a37ba
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/Makefile.ssl
@@ -0,0 +1,120 @@
+#
+# SSLeay/crypto/cast/Makefile
+#
+
+DIR=    cast
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CAST_ENC=c_enc.o
+# or use
+#CAST_ENC=asm/cx86-elf.o
+#CAST_ENC=asm/cx86-out.o
+#CAST_ENC=asm/cx86-sol.o
+#CAST_ENC=asm/cx86bdsi.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+
+GENERAL=Makefile
+TEST=casttest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c 
+LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= cast.h
+HEADER= cast_s.h cast_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+# elf
+asm/cx86-elf.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > cx86-elf.s)
+
+# a.out
+asm/cx86-out.o: asm/cx86unix.cpp
+        $(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o
+
+# bsdi
+asm/cx86bsdi.o: asm/cx86unix.cpp
+        $(CPP) -DBSDI asm/cx86unix.cpp | sed 's/ :/:/' | as -o asm/cx86bsdi.o
+
+asm/cx86unix.cpp: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) cast-586.pl cpp $(PROCESSOR) >cx86unix.cpp)
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f asm/cx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+c_cfb64.o: ../../e_os.h ../../include/openssl/cast.h
+c_cfb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_cfb64.o: c_cfb64.c cast_lcl.h
+c_ecb.o: ../../e_os.h ../../include/openssl/cast.h
+c_ecb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_ecb.o: ../../include/openssl/opensslv.h c_ecb.c cast_lcl.h
+c_enc.o: ../../e_os.h ../../include/openssl/cast.h
+c_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_enc.o: c_enc.c cast_lcl.h
+c_ofb64.o: ../../e_os.h ../../include/openssl/cast.h
+c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_ofb64.o: c_ofb64.c cast_lcl.h
+c_skey.o: ../../e_os.h ../../include/openssl/cast.h
+c_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_skey.o: c_skey.c cast_lcl.h cast_s.h
diff --git a/src/lib/libssl/src/crypto/cast/asm/cast-586.pl b/src/lib/libssl/src/crypto/cast/asm/cast-586.pl
index 6be0bfe572..0ed55d1905 100644
--- a/src/lib/libssl/src/crypto/cast/asm/cast-586.pl
+++ b/src/lib/libssl/src/crypto/cast/asm/cast-586.pl
@@ -28,7 +28,7 @@ $S4="CAST_S_table3";
 
 &CAST_encrypt("CAST_encrypt",1);
 &CAST_encrypt("CAST_decrypt",0);
-&cbc("CAST_cbc_encrypt","CAST_encrypt","CAST_decrypt",1,4,5,3,-1,-1);
+&cbc("CAST_cbc_encrypt","CAST_encrypt","CAST_decrypt",1,4,5,3,-1,-1) unless $main'openbsd;
 
 &asm_finish();
 
diff --git a/src/lib/libssl/src/crypto/cast/c_enc.c b/src/lib/libssl/src/crypto/cast/c_enc.c
index 0fe2cffecc..e80f65b698 100644
--- a/src/lib/libssl/src/crypto/cast/c_enc.c
+++ b/src/lib/libssl/src/crypto/cast/c_enc.c
@@ -59,6 +59,7 @@
 #include <openssl/cast.h>
 #include "cast_lcl.h"
 
+#ifndef OPENBSD_CAST_ASM
 void CAST_encrypt(CAST_LONG *data, CAST_KEY *key)
         {
         register CAST_LONG l,r,*k,t;
@@ -122,6 +123,7 @@ void CAST_decrypt(CAST_LONG *data, CAST_KEY *key)
         data[1]=l&0xffffffffL;
         data[0]=r&0xffffffffL;
         }
+#endif
 
 void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
              CAST_KEY *ks, unsigned char *iv, int enc)
diff --git a/src/lib/libssl/src/crypto/cast/c_skey.c b/src/lib/libssl/src/crypto/cast/c_skey.c
index db9b7573e0..dc4791a8cf 100644
--- a/src/lib/libssl/src/crypto/cast/c_skey.c
+++ b/src/lib/libssl/src/crypto/cast/c_skey.c
@@ -57,7 +57,6 @@
  */
 
 #include <openssl/crypto.h>
-#include <openssl/fips.h>
 #include <openssl/cast.h>
 
 #include "cast_lcl.h"
diff --git a/src/lib/libssl/src/crypto/cast/cast_lcl.h b/src/lib/libssl/src/crypto/cast/cast_lcl.h
index e756021a33..37f41cc6a4 100644
--- a/src/lib/libssl/src/crypto/cast/cast_lcl.h
+++ b/src/lib/libssl/src/crypto/cast/cast_lcl.h
@@ -64,6 +64,11 @@
 #endif
 
 
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
 #undef c2l
 #define c2l(c,l)        (l =((unsigned long)(*((c)++)))    , \
                          l|=((unsigned long)(*((c)++)))<< 8L, \
@@ -217,11 +222,11 @@
         }
 #endif
 
-extern const CAST_LONG CAST_S_table0[256];
-extern const CAST_LONG CAST_S_table1[256];
-extern const CAST_LONG CAST_S_table2[256];
-extern const CAST_LONG CAST_S_table3[256];
-extern const CAST_LONG CAST_S_table4[256];
-extern const CAST_LONG CAST_S_table5[256];
-extern const CAST_LONG CAST_S_table6[256];
-extern const CAST_LONG CAST_S_table7[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table0[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table1[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table2[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table3[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table4[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table5[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table6[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table7[256];
diff --git a/src/lib/libssl/src/crypto/comp/Makefile.ssl b/src/lib/libssl/src/crypto/comp/Makefile.ssl
new file mode 100644
index 0000000000..f70ba1b285
--- /dev/null
+++ b/src/lib/libssl/src/crypto/comp/Makefile.ssl
@@ -0,0 +1,114 @@
+#
+# SSLeay/crypto/comp/Makefile
+#
+
+DIR=    comp
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= comp_lib.c comp_err.c \
+        c_rle.c c_zlib.c
+
+LIBOBJ= comp_lib.o comp_err.o \
+        c_rle.o c_zlib.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= comp.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+c_rle.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_rle.o: ../../include/openssl/bn.h ../../include/openssl/comp.h
+c_rle.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+c_rle.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_rle.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_rle.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+c_rle.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h c_rle.c
+c_zlib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_zlib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h
+c_zlib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+c_zlib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_zlib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_zlib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+c_zlib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_zlib.o: c_zlib.c
+comp_err.o: ../../include/openssl/bio.h ../../include/openssl/comp.h
+comp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+comp_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+comp_err.o: ../../include/openssl/opensslconf.h
+comp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+comp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+comp_err.o: comp_err.c
+comp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+comp_lib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h
+comp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+comp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+comp_lib.o: ../../include/openssl/opensslconf.h
+comp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+comp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+comp_lib.o: ../../include/openssl/symhacks.h comp_lib.c
diff --git a/src/lib/libssl/src/crypto/comp/c_zlib.c b/src/lib/libssl/src/crypto/comp/c_zlib.c
index 5fcb521ffb..1bd2850d15 100644
--- a/src/lib/libssl/src/crypto/comp/c_zlib.c
+++ b/src/lib/libssl/src/crypto/comp/c_zlib.c
@@ -51,17 +51,30 @@ static COMP_METHOD zlib_method={
  */
 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
 # include <windows.h>
+
+# define Z_CALLCONV _stdcall
+# define ZLIB_SHARED
+#else
+# define Z_CALLCONV
 #endif /* !(OPENSSL_SYS_WINDOWS || OPENSSL_SYS_WIN32) */
 
 #ifdef ZLIB_SHARED
 #include <openssl/dso.h>
 
+/* Prototypes for built in stubs */
+static int stub_compress(Bytef *dest,uLongf *destLen,
+        const Bytef *source, uLong sourceLen);
+static int stub_inflateEnd(z_streamp strm);
+static int stub_inflate(z_streamp strm, int flush);
+static int stub_inflateInit_(z_streamp strm, const char * version,
+        int stream_size);
+
 /* Function pointers */
-typedef int (*compress_ft)(Bytef *dest,uLongf *destLen,
+typedef int (Z_CALLCONV *compress_ft)(Bytef *dest,uLongf *destLen,
         const Bytef *source, uLong sourceLen);
-typedef int (*inflateEnd_ft)(z_streamp strm);
-typedef int (*inflate_ft)(z_streamp strm, int flush);
-typedef int (*inflateInit__ft)(z_streamp strm,
+typedef int (Z_CALLCONV *inflateEnd_ft)(z_streamp strm);
+typedef int (Z_CALLCONV *inflate_ft)(z_streamp strm, int flush);
+typedef int (Z_CALLCONV *inflateInit__ft)(z_streamp strm,
         const char * version, int stream_size);
 static compress_ft      p_compress=NULL;
 static inflateEnd_ft    p_inflateEnd=NULL;
@@ -71,10 +84,10 @@ static inflateInit__ft	p_inflateInit_=NULL;
 static int zlib_loaded = 0;     /* only attempt to init func pts once */
 static DSO *zlib_dso = NULL;
 
-#define compress                p_compress
-#define inflateEnd              p_inflateEnd
-#define inflate                 p_inflate
-#define inflateInit_            p_inflateInit_
+#define compress                stub_compress
+#define inflateEnd              stub_inflateEnd
+#define inflate                 stub_inflate
+#define inflateInit_            stub_inflateInit_
 #endif /* ZLIB_SHARED */
 
 static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
@@ -178,6 +191,16 @@ COMP_METHOD *COMP_zlib(void)
                 {
 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
                 zlib_dso = DSO_load(NULL, "ZLIB1", NULL, 0);
+                if (!zlib_dso)
+                        {
+                        zlib_dso = DSO_load(NULL, "ZLIB", NULL, 0);
+                        if (zlib_dso)
+                                {
+                                /* Clear the errors from the first failed
+                                   DSO_load() */
+                                ERR_clear_error();
+                                }
+                        }
 #else
                 zlib_dso = DSO_load(NULL, "z", NULL, 0);
 #endif
@@ -195,21 +218,54 @@ COMP_METHOD *COMP_zlib(void)
                         p_inflateInit_
                                 = (inflateInit__ft) DSO_bind_func(zlib_dso,
                                         "inflateInit_");
-
-                        if (p_compress && p_inflateEnd && p_inflate
-                                && p_inflateInit_)
-                                zlib_loaded++;
+                        zlib_loaded++;
                         }
                 }
 
 #endif
-#ifdef ZLIB_SHARED
-        if (zlib_loaded)
-#endif
 #if defined(ZLIB) || defined(ZLIB_SHARED)
-                meth = &zlib_method;
+        meth = &zlib_method;
 #endif
 
         return(meth);
         }
 
+#ifdef ZLIB_SHARED
+/* Stubs for each function to be dynamicly loaded */
+static int 
+stub_compress(Bytef *dest,uLongf *destLen,const Bytef *source, uLong sourceLen)
+        {
+        if (p_compress)
+                return(p_compress(dest,destLen,source,sourceLen));
+        else
+                return(Z_MEM_ERROR);
+        }
+
+static int
+stub_inflateEnd(z_streamp strm)
+        {
+        if ( p_inflateEnd )
+                return(p_inflateEnd(strm));
+        else
+                return(Z_MEM_ERROR);
+        }
+
+static int
+stub_inflate(z_streamp strm, int flush)
+        {
+        if ( p_inflate )
+                return(p_inflate(strm,flush));
+        else
+                return(Z_MEM_ERROR);
+        }
+
+static int
+stub_inflateInit_(z_streamp strm, const char * version, int stream_size)
+        {
+        if ( p_inflateInit_ )
+                return(p_inflateInit_(strm,version,stream_size));
+        else
+                return(Z_MEM_ERROR);
+        }
+
+#endif /* ZLIB_SHARED */
diff --git a/src/lib/libssl/src/crypto/conf/Makefile.ssl b/src/lib/libssl/src/crypto/conf/Makefile.ssl
new file mode 100644
index 0000000000..c5873bc6e7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/conf/Makefile.ssl
@@ -0,0 +1,183 @@
+#
+# SSLeay/crypto/conf/Makefile
+#
+
+DIR=    conf
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= conf_err.c conf_lib.c conf_api.c conf_def.c conf_mod.c \
+         conf_mall.c conf_sap.c
+
+LIBOBJ= conf_err.o conf_lib.o conf_api.o conf_def.o conf_mod.o \
+        conf_mall.o conf_sap.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= conf.h conf_api.h
+HEADER= conf_def.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+conf_api.o: ../../e_os.h ../../include/openssl/bio.h
+conf_api.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h
+conf_api.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+conf_api.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+conf_api.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+conf_api.o: conf_api.c
+conf_def.o: ../../e_os.h ../../include/openssl/bio.h
+conf_def.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+conf_def.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
+conf_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+conf_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+conf_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+conf_def.o: ../cryptlib.h conf_def.c conf_def.h
+conf_err.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
+conf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+conf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+conf_err.o: ../../include/openssl/opensslconf.h
+conf_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+conf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+conf_err.o: conf_err.c
+conf_lib.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
+conf_lib.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
+conf_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+conf_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+conf_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+conf_lib.o: conf_lib.c
+conf_mall.o: ../../e_os.h ../../include/openssl/aes.h
+conf_mall.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+conf_mall.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+conf_mall.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+conf_mall.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_mall.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+conf_mall.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+conf_mall.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_mall.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+conf_mall.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+conf_mall.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+conf_mall.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+conf_mall.o: ../../include/openssl/objects.h
+conf_mall.o: ../../include/openssl/opensslconf.h
+conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+conf_mall.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+conf_mall.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+conf_mall.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+conf_mall.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+conf_mall.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+conf_mall.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+conf_mall.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mall.c
+conf_mod.o: ../../e_os.h ../../include/openssl/aes.h
+conf_mod.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+conf_mod.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+conf_mod.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+conf_mod.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_mod.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+conf_mod.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+conf_mod.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_mod.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+conf_mod.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+conf_mod.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+conf_mod.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+conf_mod.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+conf_mod.o: ../../include/openssl/opensslconf.h
+conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+conf_mod.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+conf_mod.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+conf_mod.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+conf_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+conf_mod.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+conf_mod.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+conf_mod.o: ../cryptlib.h conf_mod.c
+conf_sap.o: ../../e_os.h ../../include/openssl/aes.h
+conf_sap.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+conf_sap.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+conf_sap.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+conf_sap.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_sap.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+conf_sap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+conf_sap.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_sap.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+conf_sap.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+conf_sap.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+conf_sap.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+conf_sap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+conf_sap.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+conf_sap.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+conf_sap.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+conf_sap.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+conf_sap.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+conf_sap.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+conf_sap.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_sap.c
diff --git a/src/lib/libssl/src/crypto/conf/conf_def.c b/src/lib/libssl/src/crypto/conf/conf_def.c
index 2464f8ed90..b5a876ae68 100644
--- a/src/lib/libssl/src/crypto/conf/conf_def.c
+++ b/src/lib/libssl/src/crypto/conf/conf_def.c
@@ -613,13 +613,13 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
                                 e++;
                                 }
                         /* So at this point we have
-                         * np which is the start of the name string which is
+                         * ns which is the start of the name string which is
                          *   '\0' terminated. 
-                         * cp which is the start of the section string which is
+                         * cs which is the start of the section string which is
                          *   '\0' terminated.
                          * e is the 'next point after'.
-                         * r and rr are the chars replaced by the '\0'
-                         * rp and rrp is where 'r' and 'rr' came from.
+                         * r and s are the chars replaced by the '\0'
+                         * rp and sp is where 'r' and 's' came from.
                          */
                         p=_CONF_get_string(conf,cp,np);
                         if (rrp != NULL) *rrp=rr;
@@ -638,11 +638,6 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
                            points at.  /RL */
                         len -= e-from;
                         from=e;
-
-                        /* In case there were no braces or parenthesis around
-                           the variable reference, we have to put back the
-                           character that was replaced with a '\0'.  /RL */
-                        *rp = r;
                         }
                 else
                         buf->data[to++]= *(from++);
diff --git a/src/lib/libssl/src/crypto/conf/conf_err.c b/src/lib/libssl/src/crypto/conf/conf_err.c
index f5e2ca4bf0..ee07bfe9d9 100644
--- a/src/lib/libssl/src/crypto/conf/conf_err.c
+++ b/src/lib/libssl/src/crypto/conf/conf_err.c
@@ -1,6 +1,6 @@
 /* crypto/conf/conf_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,51 +64,47 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CONF,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CONF,0,reason)
-
 static ERR_STRING_DATA CONF_str_functs[]=
         {
-{ERR_FUNC(CONF_F_CONF_DUMP_FP), "CONF_dump_fp"},
-{ERR_FUNC(CONF_F_CONF_LOAD),    "CONF_load"},
-{ERR_FUNC(CONF_F_CONF_LOAD_BIO),        "CONF_load_bio"},
-{ERR_FUNC(CONF_F_CONF_LOAD_FP), "CONF_load_fp"},
-{ERR_FUNC(CONF_F_CONF_MODULES_LOAD),    "CONF_modules_load"},
-{ERR_FUNC(CONF_F_MODULE_INIT),  "MODULE_INIT"},
-{ERR_FUNC(CONF_F_MODULE_LOAD_DSO),      "MODULE_LOAD_DSO"},
-{ERR_FUNC(CONF_F_MODULE_RUN),   "MODULE_RUN"},
-{ERR_FUNC(CONF_F_NCONF_DUMP_BIO),       "NCONF_dump_bio"},
-{ERR_FUNC(CONF_F_NCONF_DUMP_FP),        "NCONF_dump_fp"},
-{ERR_FUNC(CONF_F_NCONF_GET_NUMBER),     "NCONF_get_number"},
-{ERR_FUNC(CONF_F_NCONF_GET_NUMBER_E),   "NCONF_get_number_e"},
-{ERR_FUNC(CONF_F_NCONF_GET_SECTION),    "NCONF_get_section"},
-{ERR_FUNC(CONF_F_NCONF_GET_STRING),     "NCONF_get_string"},
-{ERR_FUNC(CONF_F_NCONF_LOAD),   "NCONF_load"},
-{ERR_FUNC(CONF_F_NCONF_LOAD_BIO),       "NCONF_load_bio"},
-{ERR_FUNC(CONF_F_NCONF_LOAD_FP),        "NCONF_load_fp"},
-{ERR_FUNC(CONF_F_NCONF_NEW),    "NCONF_new"},
-{ERR_FUNC(CONF_F_STR_COPY),     "STR_COPY"},
+{ERR_PACK(0,CONF_F_CONF_DUMP_FP,0),     "CONF_dump_fp"},
+{ERR_PACK(0,CONF_F_CONF_LOAD,0),        "CONF_load"},
+{ERR_PACK(0,CONF_F_CONF_LOAD_BIO,0),    "CONF_load_bio"},
+{ERR_PACK(0,CONF_F_CONF_LOAD_FP,0),     "CONF_load_fp"},
+{ERR_PACK(0,CONF_F_CONF_MODULES_LOAD,0),        "CONF_modules_load"},
+{ERR_PACK(0,CONF_F_MODULE_INIT,0),      "MODULE_INIT"},
+{ERR_PACK(0,CONF_F_MODULE_LOAD_DSO,0),  "MODULE_LOAD_DSO"},
+{ERR_PACK(0,CONF_F_MODULE_RUN,0),       "MODULE_RUN"},
+{ERR_PACK(0,CONF_F_NCONF_DUMP_BIO,0),   "NCONF_dump_bio"},
+{ERR_PACK(0,CONF_F_NCONF_DUMP_FP,0),    "NCONF_dump_fp"},
+{ERR_PACK(0,CONF_F_NCONF_GET_NUMBER,0), "NCONF_get_number"},
+{ERR_PACK(0,CONF_F_NCONF_GET_NUMBER_E,0),       "NCONF_get_number_e"},
+{ERR_PACK(0,CONF_F_NCONF_GET_SECTION,0),        "NCONF_get_section"},
+{ERR_PACK(0,CONF_F_NCONF_GET_STRING,0), "NCONF_get_string"},
+{ERR_PACK(0,CONF_F_NCONF_LOAD,0),       "NCONF_load"},
+{ERR_PACK(0,CONF_F_NCONF_LOAD_BIO,0),   "NCONF_load_bio"},
+{ERR_PACK(0,CONF_F_NCONF_LOAD_FP,0),    "NCONF_load_fp"},
+{ERR_PACK(0,CONF_F_NCONF_NEW,0),        "NCONF_new"},
+{ERR_PACK(0,CONF_F_STR_COPY,0), "STR_COPY"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA CONF_str_reasons[]=
         {
-{ERR_REASON(CONF_R_ERROR_LOADING_DSO)    ,"error loading dso"},
-{ERR_REASON(CONF_R_MISSING_CLOSE_SQUARE_BRACKET),"missing close square bracket"},
-{ERR_REASON(CONF_R_MISSING_EQUAL_SIGN)   ,"missing equal sign"},
-{ERR_REASON(CONF_R_MISSING_FINISH_FUNCTION),"missing finish function"},
-{ERR_REASON(CONF_R_MISSING_INIT_FUNCTION),"missing init function"},
-{ERR_REASON(CONF_R_MODULE_INITIALIZATION_ERROR),"module initialization error"},
-{ERR_REASON(CONF_R_NO_CLOSE_BRACE)       ,"no close brace"},
-{ERR_REASON(CONF_R_NO_CONF)              ,"no conf"},
-{ERR_REASON(CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE),"no conf or environment variable"},
-{ERR_REASON(CONF_R_NO_SECTION)           ,"no section"},
-{ERR_REASON(CONF_R_NO_SUCH_FILE)         ,"no such file"},
-{ERR_REASON(CONF_R_NO_VALUE)             ,"no value"},
-{ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION),"unable to create new section"},
-{ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME)  ,"unknown module name"},
-{ERR_REASON(CONF_R_VARIABLE_HAS_NO_VALUE),"variable has no value"},
+{CONF_R_ERROR_LOADING_DSO                ,"error loading dso"},
+{CONF_R_MISSING_CLOSE_SQUARE_BRACKET     ,"missing close square bracket"},
+{CONF_R_MISSING_EQUAL_SIGN               ,"missing equal sign"},
+{CONF_R_MISSING_FINISH_FUNCTION          ,"missing finish function"},
+{CONF_R_MISSING_INIT_FUNCTION            ,"missing init function"},
+{CONF_R_MODULE_INITIALIZATION_ERROR      ,"module initialization error"},
+{CONF_R_NO_CLOSE_BRACE                   ,"no close brace"},
+{CONF_R_NO_CONF                          ,"no conf"},
+{CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE  ,"no conf or environment variable"},
+{CONF_R_NO_SECTION                       ,"no section"},
+{CONF_R_NO_SUCH_FILE                     ,"no such file"},
+{CONF_R_NO_VALUE                         ,"no value"},
+{CONF_R_UNABLE_TO_CREATE_NEW_SECTION     ,"unable to create new section"},
+{CONF_R_UNKNOWN_MODULE_NAME              ,"unknown module name"},
+{CONF_R_VARIABLE_HAS_NO_VALUE            ,"variable has no value"},
 {0,NULL}
         };
 
@@ -122,8 +118,8 @@ void ERR_load_CONF_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,CONF_str_functs);
-                ERR_load_strings(0,CONF_str_reasons);
+                ERR_load_strings(ERR_LIB_CONF,CONF_str_functs);
+                ERR_load_strings(ERR_LIB_CONF,CONF_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/cpt_err.c b/src/lib/libssl/src/crypto/cpt_err.c
index 06a6109cce..1b4a1cb4d4 100644
--- a/src/lib/libssl/src/crypto/cpt_err.c
+++ b/src/lib/libssl/src/crypto/cpt_err.c
@@ -1,6 +1,6 @@
 /* crypto/cpt_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,27 +64,23 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CRYPTO,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CRYPTO,0,reason)
-
 static ERR_STRING_DATA CRYPTO_str_functs[]=
         {
-{ERR_FUNC(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX),    "CRYPTO_get_ex_new_index"},
-{ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID),   "CRYPTO_get_new_dynlockid"},
-{ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_LOCKID),      "CRYPTO_get_new_lockid"},
-{ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA), "CRYPTO_set_ex_data"},
-{ERR_FUNC(CRYPTO_F_DEF_ADD_INDEX),      "DEF_ADD_INDEX"},
-{ERR_FUNC(CRYPTO_F_DEF_GET_CLASS),      "DEF_GET_CLASS"},
-{ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA),    "INT_DUP_EX_DATA"},
-{ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA),   "INT_FREE_EX_DATA"},
-{ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA),    "INT_NEW_EX_DATA"},
+{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,0),        "CRYPTO_get_ex_new_index"},
+{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,0),       "CRYPTO_get_new_dynlockid"},
+{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_LOCKID,0),  "CRYPTO_get_new_lockid"},
+{ERR_PACK(0,CRYPTO_F_CRYPTO_SET_EX_DATA,0),     "CRYPTO_set_ex_data"},
+{ERR_PACK(0,CRYPTO_F_DEF_ADD_INDEX,0),  "DEF_ADD_INDEX"},
+{ERR_PACK(0,CRYPTO_F_DEF_GET_CLASS,0),  "DEF_GET_CLASS"},
+{ERR_PACK(0,CRYPTO_F_INT_DUP_EX_DATA,0),        "INT_DUP_EX_DATA"},
+{ERR_PACK(0,CRYPTO_F_INT_FREE_EX_DATA,0),       "INT_FREE_EX_DATA"},
+{ERR_PACK(0,CRYPTO_F_INT_NEW_EX_DATA,0),        "INT_NEW_EX_DATA"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA CRYPTO_str_reasons[]=
         {
-{ERR_REASON(CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK),"no dynlock create callback"},
+{CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK     ,"no dynlock create callback"},
 {0,NULL}
         };
 
@@ -98,8 +94,8 @@ void ERR_load_CRYPTO_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,CRYPTO_str_functs);
-                ERR_load_strings(0,CRYPTO_str_reasons);
+                ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_functs);
+                ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/cryptlib.c b/src/lib/libssl/src/crypto/cryptlib.c
index e63bbe8dba..fef0afb29f 100644
--- a/src/lib/libssl/src/crypto/cryptlib.c
+++ b/src/lib/libssl/src/crypto/cryptlib.c
@@ -480,8 +480,6 @@ const char *CRYPTO_get_lock_name(int type)
                 return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
         }
 
-int OPENSSL_NONPIC_relocated=0;
-
 #if defined(_WIN32) && defined(_WINDLL)
 
 /* All we really need to do is remove the 'error' state when a thread
@@ -493,21 +491,6 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
         switch(fdwReason)
                 {
         case DLL_PROCESS_ATTACH:
-#if defined(_WIN32_WINNT)
-                {
-                IMAGE_DOS_HEADER *dos_header = (IMAGE_DOS_HEADER *)hinstDLL;
-                IMAGE_NT_HEADERS *nt_headers;
-
-                if (dos_header->e_magic==IMAGE_DOS_SIGNATURE)
-                        {
-                        nt_headers = (IMAGE_NT_HEADERS *)((char *)dos_header
-                                                + dos_header->e_lfanew);
-                        if (nt_headers->Signature==IMAGE_NT_SIGNATURE &&
-                            hinstDLL!=(HINSTANCE)(nt_headers->OptionalHeader.ImageBase))
-                                OPENSSL_NONPIC_relocated=1;
-                        }
-                }
-#endif
                 break;
         case DLL_THREAD_ATTACH:
                 break;
@@ -521,160 +504,18 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
         }
 #endif
 
-#if defined(_WIN32)
-#include <tchar.h>
-
-#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
-static int IsService(void)
-{ HWINSTA h;
-  DWORD len;
-  WCHAR *name;
-
-    (void)GetDesktopWindow(); /* return value is ignored */
-
-    h = GetProcessWindowStation();
-    if (h==NULL) return -1;
-
-    if (GetUserObjectInformationW (h,UOI_NAME,NULL,0,&len) ||
-        GetLastError() != ERROR_INSUFFICIENT_BUFFER)
-        return -1;
-
-    if (len>512) return -1;             /* paranoia */
-    len++,len&=~1;                      /* paranoia */
-#ifdef _MSC_VER
-    name=(WCHAR *)_alloca(len+sizeof(WCHAR));
-#else
-    name=(WCHAR *)alloca(len+sizeof(WCHAR));
-#endif
-    if (!GetUserObjectInformationW (h,UOI_NAME,name,len,&len))
-        return -1;
-
-    len++,len&=~1;                      /* paranoia */
-    name[len/sizeof(WCHAR)]=L'\0';      /* paranoia */
-#if 1
-    /* This doesn't cover "interactive" services [working with real
-     * WinSta0's] nor programs started non-interactively by Task
-     * Scheduler [those are working with SAWinSta]. */
-    if (wcsstr(name,L"Service-0x"))     return 1;
-#else
-    /* This covers all non-interactive programs such as services. */
-    if (!wcsstr(name,L"WinSta0"))       return 1;
-#endif
-    else                                return 0;
-}
-#endif
-
-void OPENSSL_showfatal (const char *fmta,...)
-{ va_list ap;
-  TCHAR buf[256];
-  const TCHAR *fmt;
-  HANDLE h;
-
-    if ((h=GetStdHandle(STD_ERROR_HANDLE)) != NULL &&
-        GetFileType(h)!=FILE_TYPE_UNKNOWN)
-    {   /* must be console application */
-        va_start (ap,fmta);
-        vfprintf (stderr,fmta,ap);
-        va_end (ap);
-        return;
-    }
-
-    if (sizeof(TCHAR)==sizeof(char))
-        fmt=(const TCHAR *)fmta;
-    else do
-    { int    keepgoing;
-      size_t len_0=strlen(fmta)+1,i;
-      WCHAR *fmtw;
-
-#ifdef _MSC_VER
-        fmtw = (WCHAR *)_alloca (len_0*sizeof(WCHAR));
-#else
-        fmtw = (WCHAR *)alloca (len_0*sizeof(WCHAR));
-#endif
-        if (fmtw == NULL) { fmt=(const TCHAR *)L"no stack?"; break; }
-
-#ifndef OPENSSL_NO_MULTIBYTE
-        if (!MultiByteToWideChar(CP_ACP,0,fmta,len_0,fmtw,len_0))
-#endif
-            for (i=0;i<len_0;i++) fmtw[i]=(WCHAR)fmta[i];
-
-        for (i=0;i<len_0;i++)
-        {   if (fmtw[i]==L'%') do
-            {   keepgoing=0;
-                switch (fmtw[i+1])
-                {   case L'0': case L'1': case L'2': case L'3': case L'4':
-                    case L'5': case L'6': case L'7': case L'8': case L'9':
-                    case L'.': case L'*':
-                    case L'-':  i++; keepgoing=1; break;
-                    case L's':  fmtw[i+1]=L'S';   break;
-                    case L'S':  fmtw[i+1]=L's';   break;
-                    case L'c':  fmtw[i+1]=L'C';   break;
-                    case L'C':  fmtw[i+1]=L'c';   break;
-                }
-            } while (keepgoing);
-        }
-        fmt = (const TCHAR *)fmtw;
-    } while (0);
-
-    va_start (ap,fmta);
-    _vsntprintf (buf,sizeof(buf)/sizeof(TCHAR)-1,fmt,ap);
-    buf [sizeof(buf)/sizeof(TCHAR)-1] = _T('\0');
-    va_end (ap);
-
-#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
-    /* this -------------v--- guards NT-specific calls */
-    if (GetVersion() < 0x80000000 && IsService())
-    {   HANDLE h = RegisterEventSource(0,_T("OPENSSL"));
-        const TCHAR *pmsg=buf;
-        ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0);
-        DeregisterEventSource(h);
-    }
-    else
-#endif
-    {   MSGBOXPARAMS         m;
-
-        m.cbSize             = sizeof(m);
-        m.hwndOwner          = NULL;
-        m.lpszCaption        = _T("OpenSSL: FATAL");
-        m.dwStyle            = MB_OK;
-        m.hInstance          = NULL;
-        m.lpszIcon           = IDI_ERROR;
-        m.dwContextHelpId    = 0;
-        m.lpfnMsgBoxCallback = NULL;
-        m.dwLanguageId       = MAKELANGID(LANG_ENGLISH,SUBLANG_ENGLISH_US);
-        m.lpszText           = buf;
-
-        MessageBoxIndirect (&m);
-    }
-}
-#else
-void OPENSSL_showfatal (const char *fmta,...)
-{ va_list ap;
-
-    va_start (ap,fmta);
-    vfprintf (stderr,fmta,ap);
-    va_end (ap);
-}
-#endif
-
 void OpenSSLDie(const char *file,int line,const char *assertion)
         {
-        OPENSSL_showfatal(
+        fprintf(stderr,
                 "%s(%d): OpenSSL internal error, assertion failed: %s\n",
                 file,line,assertion);
         abort();
         }
 
-void *OPENSSL_stderr(void)      { return stderr; }
-
 #ifdef OPENSSL_FIPS
-
-void fips_w_lock(void)          { CRYPTO_w_lock(CRYPTO_LOCK_FIPS); }
-void fips_w_unlock(void)        { CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); }
-void fips_r_lock(void)          { CRYPTO_r_lock(CRYPTO_LOCK_FIPS); }
-void fips_r_unlock(void)        { CRYPTO_r_unlock(CRYPTO_LOCK_FIPS); }
-
 static int fips_started = 0;
+static int fips_mode = 0;
+static void *fips_rand_check = 0;
 static unsigned long fips_thread = 0;
 
 void fips_set_started(void)
@@ -735,10 +576,57 @@ int fips_clear_owning_thread(void)
         return ret;
         }
 
-unsigned char *fips_signature_witness(void)
+void fips_set_mode(int onoff)
+        {
+        int owning_thread = fips_is_owning_thread();
+
+        if (fips_is_started())
+                {
+                if (!owning_thread) CRYPTO_w_lock(CRYPTO_LOCK_FIPS);
+                fips_mode = onoff;
+                if (!owning_thread) CRYPTO_w_unlock(CRYPTO_LOCK_FIPS);
+                }
+        }
+
+void fips_set_rand_check(void *rand_check)
+        {
+        int owning_thread = fips_is_owning_thread();
+
+        if (fips_is_started())
+                {
+                if (!owning_thread) CRYPTO_w_lock(CRYPTO_LOCK_FIPS);
+                fips_rand_check = rand_check;
+                if (!owning_thread) CRYPTO_w_unlock(CRYPTO_LOCK_FIPS);
+                }
+        }
+
+int FIPS_mode(void)
+        {
+        int ret = 0;
+        int owning_thread = fips_is_owning_thread();
+
+        if (fips_is_started())
+                {
+                if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS);
+                ret = fips_mode;
+                if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS);
+                }
+        return ret;
+        }
+
+void *FIPS_rand_check(void)
         {
-        extern unsigned char FIPS_signature[];
-        return FIPS_signature;
+        void *ret = 0;
+        int owning_thread = fips_is_owning_thread();
+
+        if (fips_is_started())
+                {
+                if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS);
+                ret = fips_rand_check;
+                if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS);
+                }
+        return ret;
         }
+
 #endif /* OPENSSL_FIPS */
 
diff --git a/src/lib/libssl/src/crypto/cryptlib.h b/src/lib/libssl/src/crypto/cryptlib.h
index 6f59e08ca6..0d6b9d59f0 100644
--- a/src/lib/libssl/src/crypto/cryptlib.h
+++ b/src/lib/libssl/src/crypto/cryptlib.h
@@ -93,10 +93,6 @@ extern "C" {
 #define DECIMAL_SIZE(type)      ((sizeof(type)*8+2)/3+1)
 #define HEX_SIZE(type)          (sizeof(type)*2)
 
-void OPENSSL_showfatal(const char *,...);
-void *OPENSSL_stderr(void);
-extern int OPENSSL_NONPIC_relocated;
-
 #ifdef  __cplusplus
 }
 #endif
diff --git a/src/lib/libssl/src/crypto/crypto-lib.com b/src/lib/libssl/src/crypto/crypto-lib.com
index 427c321f25..c044ce0099 100644
--- a/src/lib/libssl/src/crypto/crypto-lib.com
+++ b/src/lib/libssl/src/crypto/crypto-lib.com
@@ -184,10 +184,10 @@ $ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm"
 $ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ -
         "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ -
         "bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ -
-        "bn_recp,bn_mont,bn_mpi,bn_exp2,bn_x931p"
+        "bn_recp,bn_mont,bn_mpi,bn_exp2"
 $ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ -
         "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ -
-        "rsa_pss,rsa_x931,rsa_asn1"
+        "rsa_asn1"
 $ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_recp,ecp_nist,ec_cvt,ec_mult,"+ -
         "ec_err"
 $ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err,dsa_ossl"
@@ -265,15 +265,10 @@ $ LIB_KRB5 = "krb5_asn"
 $!
 $! Setup exceptional compilations
 $!
-$ ! Add definitions for no threads on OpenVMS 7.1 and higher
 $ COMPILEWITH_CC3 = ",bss_rtcp,"
-$ ! Disable the DOLLARID warning
 $ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time,"
-$ ! Disable disjoint optimization
 $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + -
                     "sha_dgst,sha1dgst,rmd_dgst,bf_enc,"
-$ ! Disable the MIXLINKAGE warning
-$ COMPILEWITH_CC6 = ",enc_read,set_key,"
 $!
 $! Figure Out What Other Modules We Are To Build.
 $!
@@ -502,12 +497,7 @@ $       IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5
 $       THEN
 $         CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
 $       ELSE
-$         IF COMPILEWITH_CC6 - FILE_NAME0 .NES. COMPILEWITH_CC6
-$         THEN
-$           CC6/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
-$         ELSE
-$           CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
-$         ENDIF
+$         CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
 $       ENDIF
 $     ENDIF
 $   ENDIF
@@ -970,7 +960,7 @@ $ CCDEFS = "TCPIP_TYPE_''P4',DSO_VMS"
 $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
 $ CCEXTRAFLAGS = ""
 $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
+$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
 $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
         CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
 $!
@@ -1087,18 +1077,14 @@ $   THEN
 $     IF CCDISABLEWARNINGS .EQS. ""
 $     THEN
 $       CC4DISABLEWARNINGS = "DOLLARID"
-$       CC6DISABLEWARNINGS = "MIXLINKAGE"
 $     ELSE
 $       CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
-$       CC6DISABLEWARNINGS = CCDISABLEWARNINGS + ",MIXLINKAGE"
 $       CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
 $     ENDIF
 $     CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
-$     CC6DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC6DISABLEWARNINGS + "))"
 $   ELSE
 $     CCDISABLEWARNINGS = ""
 $     CC4DISABLEWARNINGS = ""
-$     CC6DISABLEWARNINGS = ""
 $   ENDIF
 $   CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
 $   CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
@@ -1109,7 +1095,6 @@ $   ELSE
 $     CC5 = CC + "/NOOPTIMIZE"
 $   ENDIF
 $   CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS
-$   CC6 = CC - CCDISABLEWARNINGS + CC6DISABLEWARNINGS
 $!
 $!  Show user the result
 $!
diff --git a/src/lib/libssl/src/crypto/crypto.h b/src/lib/libssl/src/crypto/crypto.h
index 22fd939e65..4d1dfac7f1 100644
--- a/src/lib/libssl/src/crypto/crypto.h
+++ b/src/lib/libssl/src/crypto/crypto.h
@@ -434,9 +434,12 @@ void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
 
 /* die if we have to */
 void OpenSSLDie(const char *file,int line,const char *assertion);
-#define OPENSSL_assert(e)       (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))
+#define OPENSSL_assert(e)       ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e))
 
 #ifdef OPENSSL_FIPS
+int FIPS_mode(void);
+void *FIPS_rand_check(void);
+
 #define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \
                 alg " previous FIPS forbidden algorithm error ignored");
 
diff --git a/src/lib/libssl/src/crypto/des/Makefile.ssl b/src/lib/libssl/src/crypto/des/Makefile.ssl
new file mode 100644
index 0000000000..0d9ba2b42f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/Makefile.ssl
@@ -0,0 +1,316 @@
+#
+# SSLeay/crypto/des/Makefile
+#
+
+DIR=    des
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=-I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+RANLIB=         ranlib
+DES_ENC=        des_enc.o fcrypt_b.o
+# or use
+#DES_ENC=       dx86-elf.o yx86-elf.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+
+GENERAL=Makefile
+TEST=destest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
+        ecb3_enc.c ecb_enc.c  enc_read.c enc_writ.c \
+        fcrypt.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
+        qud_cksm.c rand_key.c rpc_enc.c  set_key.c  \
+        des_enc.c fcrypt_b.c \
+        xcbc_enc.c \
+        str2key.c  cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \
+        read2pwd.c
+
+LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
+        ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
+        enc_read.o enc_writ.o ofb64enc.o \
+        ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
+        ${DES_ENC} \
+        fcrypt.o xcbc_enc.o rpc_enc.o  cbc_cksm.o \
+        ede_cbcm_enc.o des_old.o des_old2.o read2pwd.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= des.h des_old.h
+HEADER= des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+des: des.o cbc3_enc.o lib
+        $(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB)
+
+# elf
+asm/dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > dx86-elf.s)
+
+asm/yx86-elf.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > yx86-elf.s)
+
+# a.out
+asm/dx86-out.o: asm/dx86unix.cpp
+        $(CPP) -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
+
+asm/yx86-out.o: asm/yx86unix.cpp
+        $(CPP) -DOUT asm/yx86unix.cpp | as -o asm/yx86-out.o
+
+# bsdi
+asm/dx86bsdi.o: asm/dx86unix.cpp
+        $(CPP) -DBSDI asm/dx86unix.cpp | sed 's/ :/:/' | as -o asm/dx86bsdi.o
+
+asm/yx86bsdi.o: asm/yx86unix.cpp
+        $(CPP) -DBSDI asm/yx86unix.cpp | sed 's/ :/:/' | as -o asm/yx86bsdi.o
+
+asm/dx86unix.cpp: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) des-586.pl cpp >dx86unix.cpp)
+
+asm/yx86unix.cpp: asm/crypt586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) crypt586.pl cpp >yx86unix.cpp)
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install: installs
+
+installs:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f asm/dx86unix.cpp asm/yx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cbc_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+cbc_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cbc_cksm.o: ../../include/openssl/opensslconf.h
+cbc_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+cbc_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cbc_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cbc_cksm.o: cbc_cksm.c des_locl.h
+cbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+cbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cbc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cbc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cbc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+cbc_enc.o: ../../include/openssl/ui_compat.h cbc_enc.c des_locl.h ncbc_enc.c
+cfb64ede.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+cfb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cfb64ede.o: ../../include/openssl/opensslconf.h
+cfb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64ede.o: cfb64ede.c des_locl.h
+cfb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+cfb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cfb64enc.o: ../../include/openssl/opensslconf.h
+cfb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64enc.o: cfb64enc.c des_locl.h
+cfb_enc.o: ../../e_os.h ../../include/openssl/crypto.h
+cfb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cfb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cfb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+cfb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb_enc.o: cfb_enc.c des_locl.h
+des_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+des_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+des_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+des_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_enc.o: ../../include/openssl/ui_compat.h des_enc.c des_locl.h ncbc_enc.c
+des_old.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+des_old.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+des_old.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+des_old.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_old.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_old.o: ../../include/openssl/ui_compat.h des_old.c
+des_old2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+des_old2.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+des_old2.o: ../../include/openssl/opensslconf.h
+des_old2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+des_old2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+des_old2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+des_old2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+des_old2.o: des_old2.c
+ecb3_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ecb3_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ecb3_enc.o: ../../include/openssl/opensslconf.h
+ecb3_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ecb3_enc.o: des_locl.h ecb3_enc.c
+ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ecb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ecb_enc.o: des_locl.h des_ver.h ecb_enc.c spr.h
+ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
+ede_cbcm_enc.o: ../../include/openssl/opensslv.h
+ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c
+enc_read.o: ../../e_os.h ../../include/openssl/bio.h
+enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_read.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_read.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+enc_read.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+enc_read.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+enc_read.o: ../cryptlib.h des_locl.h enc_read.c
+enc_writ.o: ../../e_os.h ../../include/openssl/bio.h
+enc_writ.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_writ.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_writ.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_writ.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+enc_writ.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+enc_writ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+enc_writ.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+enc_writ.o: ../cryptlib.h des_locl.h enc_writ.c
+fcrypt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+fcrypt.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+fcrypt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+fcrypt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+fcrypt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+fcrypt.o: ../../include/openssl/ui_compat.h des_locl.h fcrypt.c
+fcrypt_b.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+fcrypt_b.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+fcrypt_b.o: ../../include/openssl/opensslconf.h
+fcrypt_b.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+fcrypt_b.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fcrypt_b.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+fcrypt_b.o: des_locl.h fcrypt_b.c
+ofb64ede.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ofb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ofb64ede.o: ../../include/openssl/opensslconf.h
+ofb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ofb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64ede.o: des_locl.h ofb64ede.c
+ofb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ofb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ofb64enc.o: ../../include/openssl/opensslconf.h
+ofb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ofb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64enc.o: des_locl.h ofb64enc.c
+ofb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ofb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ofb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ofb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ofb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ofb_enc.o: ../../include/openssl/ui_compat.h des_locl.h ofb_enc.c
+pcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+pcbc_enc.o: ../../include/openssl/opensslconf.h
+pcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+pcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pcbc_enc.o: des_locl.h pcbc_enc.c
+qud_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+qud_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+qud_cksm.o: ../../include/openssl/opensslconf.h
+qud_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+qud_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+qud_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+qud_cksm.o: des_locl.h qud_cksm.c
+rand_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+rand_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+rand_key.o: ../../include/openssl/opensslconf.h
+rand_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rand_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+rand_key.o: rand_key.c
+read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+read2pwd.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+read2pwd.o: ../../include/openssl/opensslconf.h
+read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+read2pwd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+read2pwd.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+read2pwd.o: read2pwd.c
+rpc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+rpc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+rpc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rpc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rpc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+rpc_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h rpc_des.h
+rpc_enc.o: rpc_enc.c
+set_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+set_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+set_key.o: ../../include/openssl/ui_compat.h des_locl.h set_key.c
+str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+str2key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+str2key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+str2key.o: ../../include/openssl/ui_compat.h des_locl.h str2key.c
+xcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+xcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+xcbc_enc.o: ../../include/openssl/opensslconf.h
+xcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+xcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+xcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+xcbc_enc.o: des_locl.h xcbc_enc.c
diff --git a/src/lib/libssl/src/crypto/des/asm/des-586.pl b/src/lib/libssl/src/crypto/des/asm/des-586.pl
index b75d3c6b3a..60d577cc8d 100644
--- a/src/lib/libssl/src/crypto/des/asm/des-586.pl
+++ b/src/lib/libssl/src/crypto/des/asm/des-586.pl
@@ -22,10 +22,14 @@ $R="esi";
 &external_label("DES_SPtrans");
 &DES_encrypt("DES_encrypt1",1);
 &DES_encrypt("DES_encrypt2",0);
-&DES_encrypt3("DES_encrypt3",1);
-&DES_encrypt3("DES_decrypt3",0);
-&cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1);
-&cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5);
+
+if (!$main'openbsd)
+        {
+        &DES_encrypt3("DES_encrypt3",1);
+        &DES_encrypt3("DES_decrypt3",0);
+        &cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1);
+        &cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5);
+        }
 
 &asm_finish();
 
diff --git a/src/lib/libssl/src/crypto/des/des.h b/src/lib/libssl/src/crypto/des/des.h
index c5df1c9c7b..81bd874edd 100644
--- a/src/lib/libssl/src/crypto/des/des.h
+++ b/src/lib/libssl/src/crypto/des/des.h
@@ -56,8 +56,8 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef HEADER_NEW_DES_H
-#define HEADER_NEW_DES_H
+#ifndef HEADER_DES_H
+#define HEADER_DES_H
 
 #ifdef OPENSSL_NO_DES
 #error DES is disabled.
@@ -71,6 +71,8 @@
 # define OPENSSL_EXTERN OPENSSL_EXPORT
 #endif
 
+#define des_SPtrans DES_SPtrans
+
 #ifdef  __cplusplus
 extern "C" {
 #endif
diff --git a/src/lib/libssl/src/crypto/des/des_enc.c b/src/lib/libssl/src/crypto/des/des_enc.c
index 72be2d98d7..6a49ec4a55 100644
--- a/src/lib/libssl/src/crypto/des/des_enc.c
+++ b/src/lib/libssl/src/crypto/des/des_enc.c
@@ -59,6 +59,7 @@
 #include "des_locl.h"
 
 #ifndef OPENSSL_FIPS
+#ifndef OPENBSD_DES_ASM
 
 void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
         {
@@ -248,6 +249,7 @@ void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
         data[1]=ROTATE(r,3)&0xffffffffL;
         l=r=t=u=0;
         }
+#endif
 
 void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
                   DES_key_schedule *ks2, DES_key_schedule *ks3)
diff --git a/src/lib/libssl/src/crypto/des/des_locl.h b/src/lib/libssl/src/crypto/des/des_locl.h
index 8f04b18c50..e44e8e98b2 100644
--- a/src/lib/libssl/src/crypto/des/des_locl.h
+++ b/src/lib/libssl/src/crypto/des/des_locl.h
@@ -421,7 +421,7 @@
         PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
         }
 
-extern const DES_LONG DES_SPtrans[8][64];
+OPENSSL_EXTERN const DES_LONG DES_SPtrans[8][64];
 
 void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
                  DES_LONG Eswap0, DES_LONG Eswap1);
diff --git a/src/lib/libssl/src/crypto/des/des_old.h b/src/lib/libssl/src/crypto/des/des_old.h
index 1d840b474a..1d8bf65101 100644
--- a/src/lib/libssl/src/crypto/des/des_old.h
+++ b/src/lib/libssl/src/crypto/des/des_old.h
@@ -88,14 +88,14 @@
  *
  */
 
-#ifndef HEADER_DES_H
-#define HEADER_DES_H
+#ifndef HEADER_DES_OLD_H
+#define HEADER_DES_OLD_H
 
 #ifdef OPENSSL_NO_DES
 #error DES is disabled.
 #endif
 
-#ifndef HEADER_NEW_DES_H
+#ifndef HEADER_DES_H
 #error You must include des.h, not des_old.h directly.
 #endif
 
diff --git a/src/lib/libssl/src/crypto/des/times/usparc.cc b/src/lib/libssl/src/crypto/des/times/usparc.cc
index f6ec8e8831..0864285ef6 100644
--- a/src/lib/libssl/src/crypto/des/times/usparc.cc
+++ b/src/lib/libssl/src/crypto/des/times/usparc.cc
@@ -2,7 +2,7 @@ solaris 2.5.1 usparc 167mhz?? - SC4.0 cc -fast -Xa -xO5
 
 For the ultra sparc, SunC 4.0 cc -fast -Xa -xO5, running 'des_opts'
 gives a speed of 475,000 des/s while 'speed' gives 417,000 des/s.
-I belive the difference is tied up in optimisation that the compiler
+I believe the difference is tied up in optimisation that the compiler
 is able to perform when the code is 'inlined'.  For 'speed', the DES
 routines are being linked from a library.  I'll record the higher
 speed since if performance is everything, you can always inline
diff --git a/src/lib/libssl/src/crypto/dh/Makefile.ssl b/src/lib/libssl/src/crypto/dh/Makefile.ssl
new file mode 100644
index 0000000000..e05fc01a12
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/Makefile.ssl
@@ -0,0 +1,133 @@
+#
+# SSLeay/crypto/dh/Makefile
+#
+
+DIR=    dh
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= dhtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
+LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dh.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dh_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_asn1.c
+dh_check.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_check.o: ../../include/openssl/opensslconf.h
+dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c
+dh_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dh_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dh_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_err.o: ../../include/openssl/symhacks.h dh_err.c
+dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_gen.o: ../cryptlib.h dh_gen.c
+dh_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c
+dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+dh_lib.o: ../cryptlib.h dh_lib.c
diff --git a/src/lib/libssl/src/crypto/dh/dh.h b/src/lib/libssl/src/crypto/dh/dh.h
index 92c7481e10..0aff7fe21f 100644
--- a/src/lib/libssl/src/crypto/dh/dh.h
+++ b/src/lib/libssl/src/crypto/dh/dh.h
@@ -70,14 +70,7 @@
 #include <openssl/crypto.h>
 #include <openssl/ossl_typ.h>
         
-#define DH_FLAG_CACHE_MONT_P     0x01
-#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
-                                       * implementation now uses constant time
-                                       * modular exponentiation for secret exponents
-                                       * by default. This flag causes the
-                                       * faster variable sliding window method to
-                                       * be used for all exponents.
-                                       */
+#define DH_FLAG_CACHE_MONT_P    0x01
 
 #ifdef  __cplusplus
 extern "C" {
@@ -108,7 +101,7 @@ struct dh_st
         int version;
         BIGNUM *p;
         BIGNUM *g;
-        long length; /* optional */
+        int length; /* optional */
         BIGNUM *pub_key;        /* g^x */
         BIGNUM *priv_key;       /* x */
 
@@ -137,6 +130,10 @@ struct dh_st
 #define DH_UNABLE_TO_CHECK_GENERATOR    0x04
 #define DH_NOT_SUITABLE_GENERATOR       0x08
 
+/* DH_check_pub_key error codes */
+#define DH_CHECK_PUBKEY_TOO_SMALL       0x01
+#define DH_CHECK_PUBKEY_TOO_LARGE       0x02
+
 /* primes p where (p-1)/2 is prime too are called "safe"; we define
    this for backward compatibility: */
 #define DH_CHECK_P_NOT_STRONG_PRIME     DH_CHECK_P_NOT_SAFE_PRIME
@@ -175,6 +172,7 @@ void *DH_get_ex_data(DH *d, int idx);
 DH *    DH_generate_parameters(int prime_len,int generator,
                 void (*callback)(int,int,void *),void *cb_arg);
 int     DH_check(const DH *dh,int *codes);
+int     DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
 int     DH_generate_key(DH *dh);
 int     DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
 DH *    d2i_DHparams(DH **a,const unsigned char **pp, long length);
@@ -207,6 +205,7 @@ void ERR_load_DH_strings(void);
 /* Reason codes. */
 #define DH_R_BAD_GENERATOR                               101
 #define DH_R_NO_PRIVATE_VALUE                            100
+#define DH_R_INVALID_PUBKEY                              102
 
 #ifdef  __cplusplus
 }
diff --git a/src/lib/libssl/src/crypto/dh/dh_check.c b/src/lib/libssl/src/crypto/dh/dh_check.c
index a7e9920efb..17debff62d 100644
--- a/src/lib/libssl/src/crypto/dh/dh_check.c
+++ b/src/lib/libssl/src/crypto/dh/dh_check.c
@@ -121,4 +121,26 @@ err:
         return(ok);
         }
 
+int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
+        {
+        int ok=0;
+        BIGNUM *q=NULL;
+
+        *ret=0;
+        q=BN_new();
+        if (q == NULL) goto err;
+        BN_set_word(q,1);
+        if (BN_cmp(pub_key,q) <= 0)
+                *ret|=DH_CHECK_PUBKEY_TOO_SMALL;
+        BN_copy(q,dh->p);
+        BN_sub_word(q,1);
+        if (BN_cmp(pub_key,q) >= 0)
+                *ret|=DH_CHECK_PUBKEY_TOO_LARGE;
+
+        ok = 1;
+err:
+        if (q != NULL) BN_free(q);
+        return(ok);
+        }
+
 #endif
diff --git a/src/lib/libssl/src/crypto/dh/dh_err.c b/src/lib/libssl/src/crypto/dh/dh_err.c
index 83ccb41221..914b8a9c53 100644
--- a/src/lib/libssl/src/crypto/dh/dh_err.c
+++ b/src/lib/libssl/src/crypto/dh/dh_err.c
@@ -1,6 +1,6 @@
 /* crypto/dh/dh_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,25 +64,22 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
-
 static ERR_STRING_DATA DH_str_functs[]=
         {
-{ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"},
-{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP),      "DHparams_print_fp"},
-{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
-{ERR_FUNC(DH_F_DH_GENERATE_KEY),        "DH_generate_key"},
-{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"},
-{ERR_FUNC(DH_F_DH_NEW_METHOD),  "DH_new_method"},
+{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0),     "DHparams_print"},
+{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0),  "DHparams_print_fp"},
+{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0),     "DH_compute_key"},
+{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0),    "DH_generate_key"},
+{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0),     "DH_generate_parameters"},
+{ERR_PACK(0,DH_F_DH_NEW_METHOD,0),      "DH_new_method"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA DH_str_reasons[]=
         {
-{ERR_REASON(DH_R_BAD_GENERATOR)          ,"bad generator"},
-{ERR_REASON(DH_R_NO_PRIVATE_VALUE)       ,"no private value"},
+{DH_R_BAD_GENERATOR                      ,"bad generator"},
+{DH_R_NO_PRIVATE_VALUE                   ,"no private value"},
+{DH_R_INVALID_PUBKEY                     ,"invalid public key"},
 {0,NULL}
         };
 
@@ -96,8 +93,8 @@ void ERR_load_DH_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,DH_str_functs);
-                ERR_load_strings(0,DH_str_reasons);
+                ERR_load_strings(ERR_LIB_DH,DH_str_functs);
+                ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/dh/dh_key.c b/src/lib/libssl/src/crypto/dh/dh_key.c
index 3a39f7c8ca..648766a6ec 100644
--- a/src/lib/libssl/src/crypto/dh/dh_key.c
+++ b/src/lib/libssl/src/crypto/dh/dh_key.c
@@ -105,7 +105,7 @@ static int generate_key(DH *dh)
         int generate_new_key=0;
         unsigned l;
         BN_CTX *ctx;
-        BN_MONT_CTX *mont=NULL;
+        BN_MONT_CTX *mont;
         BIGNUM *pub_key=NULL,*priv_key=NULL;
 
         ctx = BN_CTX_new();
@@ -128,37 +128,21 @@ static int generate_key(DH *dh)
         else
                 pub_key=dh->pub_key;
 
-
-        if (dh->flags & DH_FLAG_CACHE_MONT_P)
+        if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
                 {
-                mont = BN_MONT_CTX_set_locked(
-                                (BN_MONT_CTX **)&dh->method_mont_p,
-                                CRYPTO_LOCK_DH, dh->p, ctx);
-                if (!mont)
-                        goto err;
+                if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
+                        if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
+                                dh->p,ctx)) goto err;
                 }
+        mont=(BN_MONT_CTX *)dh->method_mont_p;
 
         if (generate_new_key)
                 {
                 l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
                 if (!BN_rand(priv_key, l, 0, 0)) goto err;
                 }
-
-        {
-                BIGNUM local_prk;
-                BIGNUM *prk;
-
-                if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
-                        {
-                        BN_init(&local_prk);
-                        prk = &local_prk;
-                        BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
-                        }
-                else
-                        prk = priv_key;
-
-                if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
-        }
+        if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont))
+                goto err;
                 
         dh->pub_key=pub_key;
         dh->priv_key=priv_key;
@@ -176,9 +160,10 @@ err:
 static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
         {
         BN_CTX *ctx;
-        BN_MONT_CTX *mont=NULL;
+        BN_MONT_CTX *mont;
         BIGNUM *tmp;
         int ret= -1;
+        int check_result;
 
         ctx = BN_CTX_new();
         if (ctx == NULL) goto err;
@@ -190,21 +175,20 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
                 DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
                 goto err;
                 }
-
-        if (dh->flags & DH_FLAG_CACHE_MONT_P)
+        if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
                 {
-                mont = BN_MONT_CTX_set_locked(
-                                (BN_MONT_CTX **)&dh->method_mont_p,
-                                CRYPTO_LOCK_DH, dh->p, ctx);
-                if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
-                        {
-                        /* XXX */
-                        BN_set_flags(dh->priv_key, BN_FLG_EXP_CONSTTIME);
-                        }
-                if (!mont)
-                        goto err;
+                if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
+                        if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
+                                dh->p,ctx)) goto err;
                 }
 
+        mont=(BN_MONT_CTX *)dh->method_mont_p;
+
+        if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result)
+                {
+                DHerr(DH_F_DH_COMPUTE_KEY,DH_R_INVALID_PUBKEY);
+                goto err;
+                }
         if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
                 {
                 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
@@ -213,11 +197,8 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
 
         ret=BN_bn2bin(tmp,key);
 err:
-        if (ctx != NULL)
-                {
-                BN_CTX_end(ctx);
-                BN_CTX_free(ctx);
-                }
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
         return(ret);
         }
 
@@ -226,10 +207,7 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
                         const BIGNUM *m, BN_CTX *ctx,
                         BN_MONT_CTX *m_ctx)
         {
-        /* If a is only one word long and constant time is false, use the faster
-         * exponenentiation function.
-         */
-        if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
+        if (a->top == 1)
                 {
                 BN_ULONG A = a->d[0];
                 return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
diff --git a/src/lib/libssl/src/crypto/dh/dhtest.c b/src/lib/libssl/src/crypto/dh/dhtest.c
index b76dede771..d75077f9fa 100644
--- a/src/lib/libssl/src/crypto/dh/dhtest.c
+++ b/src/lib/libssl/src/crypto/dh/dhtest.c
@@ -136,10 +136,6 @@ int main(int argc, char *argv[])
         b->g=BN_dup(a->g);
         if ((b->p == NULL) || (b->g == NULL)) goto err;
 
-        /* Set a to run with normal modexp and b to use constant time */
-        a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;
-        b->flags |= DH_FLAG_NO_EXP_CONSTTIME;
-
         if (!DH_generate_key(a)) goto err;
         BIO_puts(out,"pri 1=");
         BN_print(out,a->priv_key);
diff --git a/src/lib/libssl/src/crypto/dsa/Makefile.ssl b/src/lib/libssl/src/crypto/dsa/Makefile.ssl
new file mode 100644
index 0000000000..e5f8a8cf51
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dsa/Makefile.ssl
@@ -0,0 +1,171 @@
+#
+# SSLeay/crypto/dsa/Makefile
+#
+
+DIR=    dsa
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=dsatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
+        dsa_err.c dsa_ossl.c
+LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
+        dsa_err.o dsa_ossl.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dsa.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_asn1.o: ../../include/openssl/opensslconf.h
+dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c
+dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_err.o: dsa_err.c
+dsa_gen.o: ../../e_os.h ../../include/openssl/aes.h
+dsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dsa_gen.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+dsa_gen.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+dsa_gen.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dsa_gen.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+dsa_gen.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+dsa_gen.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+dsa_gen.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+dsa_gen.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+dsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+dsa_gen.o: ../../include/openssl/ui_compat.h ../cryptlib.h dsa_gen.c
+dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dsa_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_key.o: ../cryptlib.h dsa_key.c
+dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h dsa_lib.c
+dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_ossl.o: ../cryptlib.h dsa_ossl.c
+dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_sign.o: ../cryptlib.h dsa_sign.c
+dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_vrf.c
diff --git a/src/lib/libssl/src/crypto/dsa/dsa.h b/src/lib/libssl/src/crypto/dsa/dsa.h
index 851e3f0445..225ff391f9 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa.h
+++ b/src/lib/libssl/src/crypto/dsa/dsa.h
@@ -80,20 +80,6 @@
 #endif
 
 #define DSA_FLAG_CACHE_MONT_P   0x01
-#define DSA_FLAG_NO_EXP_CONSTTIME       0x02 /* new with 0.9.7h; the built-in DSA
-                                              * implementation now uses constant time
-                                              * modular exponentiation for secret exponents
-                                              * by default. This flag causes the
-                                              * faster variable sliding window method to
-                                              * be used for all exponents.
-                                              */
-
-/* If this flag is set external DSA_METHOD callbacks are allowed in FIPS mode
- * it is then the applications responsibility to ensure the external method
- * is compliant.
- */
-
-#define DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW     0x04
 
 #if defined(OPENSSL_FIPS)
 #define FIPS_DSA_SIZE_T int
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_err.c b/src/lib/libssl/src/crypto/dsa/dsa_err.c
index fd42053572..79aa4ff526 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_err.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_err.c
@@ -1,6 +1,6 @@
 /* crypto/dsa/dsa_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,33 +64,29 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSA,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSA,0,reason)
-
 static ERR_STRING_DATA DSA_str_functs[]=
         {
-{ERR_FUNC(DSA_F_D2I_DSA_SIG),   "d2i_DSA_SIG"},
-{ERR_FUNC(DSA_F_DSAPARAMS_PRINT),       "DSAparams_print"},
-{ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP),    "DSAparams_print_fp"},
-{ERR_FUNC(DSA_F_DSA_DO_SIGN),   "DSA_do_sign"},
-{ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
-{ERR_FUNC(DSA_F_DSA_NEW_METHOD),        "DSA_new_method"},
-{ERR_FUNC(DSA_F_DSA_PRINT),     "DSA_print"},
-{ERR_FUNC(DSA_F_DSA_PRINT_FP),  "DSA_print_fp"},
-{ERR_FUNC(DSA_F_DSA_SIGN),      "DSA_sign"},
-{ERR_FUNC(DSA_F_DSA_SIGN_SETUP),        "DSA_sign_setup"},
-{ERR_FUNC(DSA_F_DSA_SIG_NEW),   "DSA_SIG_new"},
-{ERR_FUNC(DSA_F_DSA_VERIFY),    "DSA_verify"},
-{ERR_FUNC(DSA_F_I2D_DSA_SIG),   "i2d_DSA_SIG"},
-{ERR_FUNC(DSA_F_SIG_CB),        "SIG_CB"},
+{ERR_PACK(0,DSA_F_D2I_DSA_SIG,0),       "d2i_DSA_SIG"},
+{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0),   "DSAparams_print"},
+{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0),        "DSAparams_print_fp"},
+{ERR_PACK(0,DSA_F_DSA_DO_SIGN,0),       "DSA_do_sign"},
+{ERR_PACK(0,DSA_F_DSA_DO_VERIFY,0),     "DSA_do_verify"},
+{ERR_PACK(0,DSA_F_DSA_NEW_METHOD,0),    "DSA_new_method"},
+{ERR_PACK(0,DSA_F_DSA_PRINT,0), "DSA_print"},
+{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0),      "DSA_print_fp"},
+{ERR_PACK(0,DSA_F_DSA_SIGN,0),  "DSA_sign"},
+{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0),    "DSA_sign_setup"},
+{ERR_PACK(0,DSA_F_DSA_SIG_NEW,0),       "DSA_SIG_new"},
+{ERR_PACK(0,DSA_F_DSA_VERIFY,0),        "DSA_verify"},
+{ERR_PACK(0,DSA_F_I2D_DSA_SIG,0),       "i2d_DSA_SIG"},
+{ERR_PACK(0,DSA_F_SIG_CB,0),    "SIG_CB"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA DSA_str_reasons[]=
         {
-{ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
-{ERR_REASON(DSA_R_MISSING_PARAMETERS)    ,"missing parameters"},
+{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
+{DSA_R_MISSING_PARAMETERS                ,"missing parameters"},
 {0,NULL}
         };
 
@@ -104,8 +100,8 @@ void ERR_load_DSA_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,DSA_str_functs);
-                ERR_load_strings(0,DSA_str_reasons);
+                ERR_load_strings(ERR_LIB_DSA,DSA_str_functs);
+                ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_key.c b/src/lib/libssl/src/crypto/dsa/dsa_key.c
index 980b6dc2d3..30607ca579 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_key.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_key.c
@@ -90,22 +90,8 @@ int DSA_generate_key(DSA *dsa)
                 }
         else
                 pub_key=dsa->pub_key;
-        
-        {
-                BIGNUM local_prk;
-                BIGNUM *prk;
-
-                if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
-                        {
-                        BN_init(&local_prk);
-                        prk = &local_prk;
-                        BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
-                        }
-                else
-                        prk = priv_key;
 
-                if (!BN_mod_exp(pub_key,dsa->g,prk,dsa->p,ctx)) goto err;
-        }
+        if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
 
         dsa->priv_key=priv_key;
         dsa->pub_key=pub_key;
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c
index 12509a7083..f1a85afcde 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c
@@ -172,7 +172,7 @@ err:
 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
         {
         BN_CTX *ctx;
-        BIGNUM k,kq,*K,*kinv=NULL,*r=NULL;
+        BIGNUM k,*kinv=NULL,*r=NULL;
         int ret=0;
 
         if (!dsa->p || !dsa->q || !dsa->g)
@@ -182,7 +182,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
                 }
 
         BN_init(&k);
-        BN_init(&kq);
 
         if (ctx_in == NULL)
                 {
@@ -192,49 +191,22 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
                 ctx=ctx_in;
 
         if ((r=BN_new()) == NULL) goto err;
+        kinv=NULL;
 
         /* Get random k */
         do
                 if (!BN_rand_range(&k, dsa->q)) goto err;
         while (BN_is_zero(&k));
-        if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
-                {
-                BN_set_flags(&k, BN_FLG_EXP_CONSTTIME);
-                }
 
-        if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
+        if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
                 {
-                if (!BN_MONT_CTX_set_locked((BN_MONT_CTX **)&dsa->method_mont_p,
-                                                CRYPTO_LOCK_DSA,
-                                                dsa->p, ctx))
-                        goto err;
+                if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
+                        if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
+                                dsa->p,ctx)) goto err;
                 }
 
         /* Compute r = (g^k mod p) mod q */
-
-        if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
-                {
-                if (!BN_copy(&kq, &k)) goto err;
-
-                /* We do not want timing information to leak the length of k,
-                 * so we compute g^k using an equivalent exponent of fixed length.
-                 *
-                 * (This is a kludge that we need because the BN_mod_exp_mont()
-                 * does not let us specify the desired timing behaviour.) */
-
-                if (!BN_add(&kq, &kq, dsa->q)) goto err;
-                if (BN_num_bits(&kq) <= BN_num_bits(dsa->q))
-                        {
-                        if (!BN_add(&kq, &kq, dsa->q)) goto err;
-                        }
-
-                K = &kq;
-                }
-        else
-                {
-                K = &k;
-                }
-        if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,K,dsa->p,ctx,
+        if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
                 (BN_MONT_CTX *)dsa->method_mont_p)) goto err;
         if (!BN_mod(r,r,dsa->q,ctx)) goto err;
 
@@ -257,7 +229,6 @@ err:
         if (ctx_in == NULL) BN_CTX_free(ctx);
         if (kinv != NULL) BN_clear_free(kinv);
         BN_clear_free(&k);
-        BN_clear_free(&kq);
         return(ret);
         }
 
@@ -304,15 +275,13 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
         /* u2 = r * w mod q */
         if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
 
-
-        if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
+        if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
                 {
-                mont = BN_MONT_CTX_set_locked(
-                                        (BN_MONT_CTX **)&dsa->method_mont_p,
-                                        CRYPTO_LOCK_DSA, dsa->p, ctx);
-                if (!mont)
-                        goto err;
+                if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
+                        if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
+                                dsa->p,ctx)) goto err;
                 }
+        mont=(BN_MONT_CTX *)dsa->method_mont_p;
 
 #if 0
         {
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_sign.c b/src/lib/libssl/src/crypto/dsa/dsa_sign.c
index 37c65efb20..3c9753bac3 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_sign.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_sign.c
@@ -72,8 +72,7 @@
 DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
         {
 #ifdef OPENSSL_FIPS
-        if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW)
-                && !FIPS_dsa_check(dsa))
+        if(FIPS_mode() && !FIPS_dsa_check(dsa))
                 return NULL;
 #endif
         return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
@@ -97,8 +96,7 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
 int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
         {
 #ifdef OPENSSL_FIPS
-        if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW)
-                && !FIPS_dsa_check(dsa))
+        if(FIPS_mode() && !FIPS_dsa_check(dsa))
                 return 0;
 #endif
         return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_vrf.c b/src/lib/libssl/src/crypto/dsa/dsa_vrf.c
index c9784bed48..8ef0c45025 100644
--- a/src/lib/libssl/src/crypto/dsa/dsa_vrf.c
+++ b/src/lib/libssl/src/crypto/dsa/dsa_vrf.c
@@ -74,8 +74,7 @@ int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
                   DSA *dsa)
         {
 #ifdef OPENSSL_FIPS
-        if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW)
-                && !FIPS_dsa_check(dsa))
+        if(FIPS_mode() && !FIPS_dsa_check(dsa))
                 return -1;
 #endif
         return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
diff --git a/src/lib/libssl/src/crypto/dsa/dsatest.c b/src/lib/libssl/src/crypto/dsa/dsatest.c
index 55a3756aff..4734ce4af8 100644
--- a/src/lib/libssl/src/crypto/dsa/dsatest.c
+++ b/src/lib/libssl/src/crypto/dsa/dsatest.c
@@ -194,19 +194,10 @@ int main(int argc, char **argv)
                 BIO_printf(bio_err,"g value is wrong\n");
                 goto end;
                 }
-
-        dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
         DSA_generate_key(dsa);
         DSA_sign(0, str1, 20, sig, &siglen, dsa);
         if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
                 ret=1;
-
-        dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
-        DSA_generate_key(dsa);
-        DSA_sign(0, str1, 20, sig, &siglen, dsa);
-        if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
-                ret=1;
-
 end:
         if (!ret)
                 ERR_print_errors(bio_err);
diff --git a/src/lib/libssl/src/crypto/dso/Makefile.ssl b/src/lib/libssl/src/crypto/dso/Makefile.ssl
new file mode 100644
index 0000000000..c0449d184e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dso/Makefile.ssl
@@ -0,0 +1,142 @@
+#
+# SSLeay/crypto/dso/Makefile
+#
+
+DIR=    dso
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c \
+        dso_openssl.c dso_win32.c dso_vms.c
+LIBOBJ= dso_dl.o dso_dlfcn.o dso_err.o dso_lib.o dso_null.o \
+        dso_openssl.o dso_win32.o dso_vms.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dso.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+dso_dl.o: ../../e_os.h ../../include/openssl/bio.h
+dso_dl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_dl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_dl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_dl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_dl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_dl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_dl.c
+dso_dlfcn.o: ../../e_os.h ../../include/openssl/bio.h
+dso_dlfcn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_dlfcn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_dlfcn.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_dlfcn.o: ../../include/openssl/opensslconf.h
+dso_dlfcn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+dso_dlfcn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_dlfcn.o: ../cryptlib.h dso_dlfcn.c
+dso_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+dso_err.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_err.o: ../../include/openssl/symhacks.h dso_err.c
+dso_lib.o: ../../e_os.h ../../include/openssl/bio.h
+dso_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_lib.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_lib.c
+dso_null.o: ../../e_os.h ../../include/openssl/bio.h
+dso_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_null.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_null.o: ../../include/openssl/opensslconf.h
+dso_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+dso_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_null.o: ../cryptlib.h dso_null.c
+dso_openssl.o: ../../e_os.h ../../include/openssl/bio.h
+dso_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_openssl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_openssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_openssl.o: ../../include/openssl/opensslconf.h
+dso_openssl.o: ../../include/openssl/opensslv.h
+dso_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_openssl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_openssl.c
+dso_vms.o: ../../e_os.h ../../include/openssl/bio.h
+dso_vms.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_vms.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_vms.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_vms.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_vms.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_vms.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_vms.c
+dso_win32.o: ../../e_os.h ../../include/openssl/bio.h
+dso_win32.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_win32.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_win32.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_win32.o: ../../include/openssl/opensslconf.h
+dso_win32.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+dso_win32.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_win32.o: ../cryptlib.h dso_win32.c
diff --git a/src/lib/libssl/src/crypto/dso/dso_dl.c b/src/lib/libssl/src/crypto/dso/dso_dl.c
index f7b4dfc0c3..79d2cb4d8c 100644
--- a/src/lib/libssl/src/crypto/dso/dso_dl.c
+++ b/src/lib/libssl/src/crypto/dso/dso_dl.c
@@ -126,8 +126,7 @@ static int dl_load(DSO *dso)
                 DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME);
                 goto err;
                 }
-        ptr = shl_load(filename, BIND_IMMEDIATE |
-                (dso->flags&DSO_FLAG_NO_NAME_TRANSLATION?0:DYNAMIC_PATH), 0L);
+        ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, 0L);
         if(ptr == NULL)
                 {
                 DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED);
@@ -282,36 +281,4 @@ static char *dl_name_converter(DSO *dso, const char *filename)
         return(translated);
         }
 
-#ifdef OPENSSL_FIPS
-static void dl_ref_point(){}
-
-int DSO_pathbyaddr(void *addr,char *path,int sz)
-        {
-        struct shl_descriptor inf;
-        int i,len;
-
-        if (addr == NULL)
-                {
-                union { void(*f)(); void *p; } t = { dl_ref_point };
-                addr = t.p;
-                }
-
-        for (i=-1;shl_get_r(i,&inf)==0;i++)
-                {
-                if (((size_t)addr >= inf.tstart && (size_t)addr < inf.tend) ||
-                    ((size_t)addr >= inf.dstart && (size_t)addr < inf.dend))
-                        {
-                        len = (int)strlen(inf.filename);
-                        if (sz <= 0) return len+1;
-                        if (len >= sz) len=sz-1;
-                        memcpy(path,inf.filename,len);
-                        path[len++] = 0;
-                        return len;
-                        }
-                }
-
-        return -1;
-        }
-#endif
-
 #endif /* DSO_DL */
diff --git a/src/lib/libssl/src/crypto/dso/dso_dlfcn.c b/src/lib/libssl/src/crypto/dso/dso_dlfcn.c
index 0422a4859a..2e72969431 100644
--- a/src/lib/libssl/src/crypto/dso/dso_dlfcn.c
+++ b/src/lib/libssl/src/crypto/dso/dso_dlfcn.c
@@ -56,10 +56,6 @@
  *
  */
 
-#ifdef __linux
-#define _GNU_SOURCE
-#endif
-
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/dso.h>
@@ -232,7 +228,7 @@ static void *dlfcn_bind_var(DSO *dso, const char *symname)
 static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname)
         {
         void *ptr;
-        DSO_FUNC_TYPE sym, *tsym = &sym;
+        DSO_FUNC_TYPE sym;
 
         if((dso == NULL) || (symname == NULL))
                 {
@@ -250,7 +246,7 @@ static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname)
                 DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE);
                 return(NULL);
                 }
-        *(void**)(tsym) = dlsym(ptr, symname);
+        sym = (DSO_FUNC_TYPE)dlsym(ptr, symname);
         if(sym == NULL)
                 {
                 DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE);
@@ -285,41 +281,13 @@ static char *dlfcn_name_converter(DSO *dso, const char *filename)
         if(transform)
                 {
                 if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-                        sprintf(translated, "lib%s.so", filename);
+                        snprintf(translated, rsize, "lib%s.so", filename);
                 else
-                        sprintf(translated, "%s.so", filename);
+                        snprintf(translated, rsize, "%s.so", filename);
                 }
         else
-                sprintf(translated, "%s", filename);
+                snprintf(translated, rsize, "%s", filename);
         return(translated);
         }
 
-#ifdef OPENSSL_FIPS
-static void dlfcn_ref_point(){}
-
-int DSO_pathbyaddr(void *addr,char *path,int sz)
-        {
-        Dl_info dli;
-        int len;
-
-        if (addr == NULL)
-                {
-                union { void(*f)(void); void *p; } t = { dlfcn_ref_point };
-                addr = t.p;
-                }
-
-        if (dladdr(addr,&dli))
-                {
-                len = (int)strlen(dli.dli_fname);
-                if (sz <= 0) return len+1;
-                if (len >= sz) len=sz-1;
-                memcpy(path,dli.dli_fname,len);
-                path[len++]=0;
-                return len;
-                }
-
-        ERR_add_error_data(4, "dlfcn_pathbyaddr(): ", dlerror());
-        return -1;
-        }
-#endif
 #endif /* DSO_DLFCN */
diff --git a/src/lib/libssl/src/crypto/dso/dso_err.c b/src/lib/libssl/src/crypto/dso/dso_err.c
index 581677cc36..cf452de1aa 100644
--- a/src/lib/libssl/src/crypto/dso/dso_err.c
+++ b/src/lib/libssl/src/crypto/dso/dso_err.c
@@ -1,6 +1,6 @@
 /* crypto/dso/dso_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,60 +64,56 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSO,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSO,0,reason)
-
 static ERR_STRING_DATA DSO_str_functs[]=
         {
-{ERR_FUNC(DSO_F_DLFCN_BIND_FUNC),       "DLFCN_BIND_FUNC"},
-{ERR_FUNC(DSO_F_DLFCN_BIND_VAR),        "DLFCN_BIND_VAR"},
-{ERR_FUNC(DSO_F_DLFCN_LOAD),    "DLFCN_LOAD"},
-{ERR_FUNC(DSO_F_DLFCN_NAME_CONVERTER),  "DLFCN_NAME_CONVERTER"},
-{ERR_FUNC(DSO_F_DLFCN_UNLOAD),  "DLFCN_UNLOAD"},
-{ERR_FUNC(DSO_F_DL_BIND_FUNC),  "DL_BIND_FUNC"},
-{ERR_FUNC(DSO_F_DL_BIND_VAR),   "DL_BIND_VAR"},
-{ERR_FUNC(DSO_F_DL_LOAD),       "DL_LOAD"},
-{ERR_FUNC(DSO_F_DL_NAME_CONVERTER),     "DL_NAME_CONVERTER"},
-{ERR_FUNC(DSO_F_DL_UNLOAD),     "DL_UNLOAD"},
-{ERR_FUNC(DSO_F_DSO_BIND_FUNC), "DSO_bind_func"},
-{ERR_FUNC(DSO_F_DSO_BIND_VAR),  "DSO_bind_var"},
-{ERR_FUNC(DSO_F_DSO_CONVERT_FILENAME),  "DSO_convert_filename"},
-{ERR_FUNC(DSO_F_DSO_CTRL),      "DSO_ctrl"},
-{ERR_FUNC(DSO_F_DSO_FREE),      "DSO_free"},
-{ERR_FUNC(DSO_F_DSO_GET_FILENAME),      "DSO_get_filename"},
-{ERR_FUNC(DSO_F_DSO_GET_LOADED_FILENAME),       "DSO_get_loaded_filename"},
-{ERR_FUNC(DSO_F_DSO_LOAD),      "DSO_load"},
-{ERR_FUNC(DSO_F_DSO_NEW_METHOD),        "DSO_new_method"},
-{ERR_FUNC(DSO_F_DSO_SET_FILENAME),      "DSO_set_filename"},
-{ERR_FUNC(DSO_F_DSO_SET_NAME_CONVERTER),        "DSO_set_name_converter"},
-{ERR_FUNC(DSO_F_DSO_UP_REF),    "DSO_up_ref"},
-{ERR_FUNC(DSO_F_VMS_BIND_VAR),  "VMS_BIND_VAR"},
-{ERR_FUNC(DSO_F_VMS_LOAD),      "VMS_LOAD"},
-{ERR_FUNC(DSO_F_VMS_UNLOAD),    "VMS_UNLOAD"},
-{ERR_FUNC(DSO_F_WIN32_BIND_FUNC),       "WIN32_BIND_FUNC"},
-{ERR_FUNC(DSO_F_WIN32_BIND_VAR),        "WIN32_BIND_VAR"},
-{ERR_FUNC(DSO_F_WIN32_LOAD),    "WIN32_LOAD"},
-{ERR_FUNC(DSO_F_WIN32_NAME_CONVERTER),  "WIN32_NAME_CONVERTER"},
-{ERR_FUNC(DSO_F_WIN32_UNLOAD),  "WIN32_UNLOAD"},
+{ERR_PACK(0,DSO_F_DLFCN_BIND_FUNC,0),   "DLFCN_BIND_FUNC"},
+{ERR_PACK(0,DSO_F_DLFCN_BIND_VAR,0),    "DLFCN_BIND_VAR"},
+{ERR_PACK(0,DSO_F_DLFCN_LOAD,0),        "DLFCN_LOAD"},
+{ERR_PACK(0,DSO_F_DLFCN_NAME_CONVERTER,0),      "DLFCN_NAME_CONVERTER"},
+{ERR_PACK(0,DSO_F_DLFCN_UNLOAD,0),      "DLFCN_UNLOAD"},
+{ERR_PACK(0,DSO_F_DL_BIND_FUNC,0),      "DL_BIND_FUNC"},
+{ERR_PACK(0,DSO_F_DL_BIND_VAR,0),       "DL_BIND_VAR"},
+{ERR_PACK(0,DSO_F_DL_LOAD,0),   "DL_LOAD"},
+{ERR_PACK(0,DSO_F_DL_NAME_CONVERTER,0), "DL_NAME_CONVERTER"},
+{ERR_PACK(0,DSO_F_DL_UNLOAD,0), "DL_UNLOAD"},
+{ERR_PACK(0,DSO_F_DSO_BIND_FUNC,0),     "DSO_bind_func"},
+{ERR_PACK(0,DSO_F_DSO_BIND_VAR,0),      "DSO_bind_var"},
+{ERR_PACK(0,DSO_F_DSO_CONVERT_FILENAME,0),      "DSO_convert_filename"},
+{ERR_PACK(0,DSO_F_DSO_CTRL,0),  "DSO_ctrl"},
+{ERR_PACK(0,DSO_F_DSO_FREE,0),  "DSO_free"},
+{ERR_PACK(0,DSO_F_DSO_GET_FILENAME,0),  "DSO_get_filename"},
+{ERR_PACK(0,DSO_F_DSO_GET_LOADED_FILENAME,0),   "DSO_get_loaded_filename"},
+{ERR_PACK(0,DSO_F_DSO_LOAD,0),  "DSO_load"},
+{ERR_PACK(0,DSO_F_DSO_NEW_METHOD,0),    "DSO_new_method"},
+{ERR_PACK(0,DSO_F_DSO_SET_FILENAME,0),  "DSO_set_filename"},
+{ERR_PACK(0,DSO_F_DSO_SET_NAME_CONVERTER,0),    "DSO_set_name_converter"},
+{ERR_PACK(0,DSO_F_DSO_UP_REF,0),        "DSO_up_ref"},
+{ERR_PACK(0,DSO_F_VMS_BIND_VAR,0),      "VMS_BIND_VAR"},
+{ERR_PACK(0,DSO_F_VMS_LOAD,0),  "VMS_LOAD"},
+{ERR_PACK(0,DSO_F_VMS_UNLOAD,0),        "VMS_UNLOAD"},
+{ERR_PACK(0,DSO_F_WIN32_BIND_FUNC,0),   "WIN32_BIND_FUNC"},
+{ERR_PACK(0,DSO_F_WIN32_BIND_VAR,0),    "WIN32_BIND_VAR"},
+{ERR_PACK(0,DSO_F_WIN32_LOAD,0),        "WIN32_LOAD"},
+{ERR_PACK(0,DSO_F_WIN32_NAME_CONVERTER,0),      "WIN32_NAME_CONVERTER"},
+{ERR_PACK(0,DSO_F_WIN32_UNLOAD,0),      "WIN32_UNLOAD"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA DSO_str_reasons[]=
         {
-{ERR_REASON(DSO_R_CTRL_FAILED)           ,"control command failed"},
-{ERR_REASON(DSO_R_DSO_ALREADY_LOADED)    ,"dso already loaded"},
-{ERR_REASON(DSO_R_FILENAME_TOO_BIG)      ,"filename too big"},
-{ERR_REASON(DSO_R_FINISH_FAILED)         ,"cleanup method function failed"},
-{ERR_REASON(DSO_R_LOAD_FAILED)           ,"could not load the shared library"},
-{ERR_REASON(DSO_R_NAME_TRANSLATION_FAILED),"name translation failed"},
-{ERR_REASON(DSO_R_NO_FILENAME)           ,"no filename"},
-{ERR_REASON(DSO_R_NULL_HANDLE)           ,"a null shared library handle was used"},
-{ERR_REASON(DSO_R_SET_FILENAME_FAILED)   ,"set filename failed"},
-{ERR_REASON(DSO_R_STACK_ERROR)           ,"the meth_data stack is corrupt"},
-{ERR_REASON(DSO_R_SYM_FAILURE)           ,"could not bind to the requested symbol name"},
-{ERR_REASON(DSO_R_UNLOAD_FAILED)         ,"could not unload the shared library"},
-{ERR_REASON(DSO_R_UNSUPPORTED)           ,"functionality not supported"},
+{DSO_R_CTRL_FAILED                       ,"control command failed"},
+{DSO_R_DSO_ALREADY_LOADED                ,"dso already loaded"},
+{DSO_R_FILENAME_TOO_BIG                  ,"filename too big"},
+{DSO_R_FINISH_FAILED                     ,"cleanup method function failed"},
+{DSO_R_LOAD_FAILED                       ,"could not load the shared library"},
+{DSO_R_NAME_TRANSLATION_FAILED           ,"name translation failed"},
+{DSO_R_NO_FILENAME                       ,"no filename"},
+{DSO_R_NULL_HANDLE                       ,"a null shared library handle was used"},
+{DSO_R_SET_FILENAME_FAILED               ,"set filename failed"},
+{DSO_R_STACK_ERROR                       ,"the meth_data stack is corrupt"},
+{DSO_R_SYM_FAILURE                       ,"could not bind to the requested symbol name"},
+{DSO_R_UNLOAD_FAILED                     ,"could not unload the shared library"},
+{DSO_R_UNSUPPORTED                       ,"functionality not supported"},
 {0,NULL}
         };
 
@@ -131,8 +127,8 @@ void ERR_load_DSO_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,DSO_str_functs);
-                ERR_load_strings(0,DSO_str_reasons);
+                ERR_load_strings(ERR_LIB_DSO,DSO_str_functs);
+                ERR_load_strings(ERR_LIB_DSO,DSO_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/dso/dso_win32.c b/src/lib/libssl/src/crypto/dso/dso_win32.c
index cc4ac68696..3fa90eb27c 100644
--- a/src/lib/libssl/src/crypto/dso/dso_win32.c
+++ b/src/lib/libssl/src/crypto/dso/dso_win32.c
@@ -68,25 +68,6 @@ DSO_METHOD *DSO_METHOD_win32(void)
         }
 #else
 
-#ifdef _WIN32_WCE
-# if _WIN32_WCE < 300
-static FARPROC GetProcAddressA(HMODULE hModule,LPCSTR lpProcName)
-        {
-        WCHAR lpProcNameW[64];
-        int i;
-
-        for (i=0;lpProcName[i] && i<64;i++)
-                lpProcNameW[i] = (WCHAR)lpProcName[i];
-        if (i==64) return NULL;
-        lpProcNameW[i] = 0;
-
-        return GetProcAddressW(hModule,lpProcNameW);
-        }
-# endif
-# undef GetProcAddress
-# define GetProcAddress GetProcAddressA
-#endif
-
 /* Part of the hack in "win32_load" ... */
 #define DSO_MAX_TRANSLATED_SIZE 256
 
@@ -141,7 +122,7 @@ static int win32_load(DSO *dso)
                 DSOerr(DSO_F_WIN32_LOAD,DSO_R_NO_FILENAME);
                 goto err;
                 }
-        h = LoadLibraryA(filename);
+        h = LoadLibrary(filename);
         if(h == NULL)
                 {
                 DSOerr(DSO_F_WIN32_LOAD,DSO_R_LOAD_FAILED);
diff --git a/src/lib/libssl/src/crypto/ec/Makefile.ssl b/src/lib/libssl/src/crypto/ec/Makefile.ssl
new file mode 100644
index 0000000000..a2805c47a2
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ec/Makefile.ssl
@@ -0,0 +1,128 @@
+#
+# crypto/ec/Makefile
+#
+
+DIR=    ec
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ectest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_recp.c ecp_nist.c ec_cvt.c ec_mult.c \
+        ec_err.c
+
+LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_recp.o ecp_nist.o ec_cvt.o ec_mult.o \
+        ec_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ec.h
+HEADER= ec_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ec_cvt.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
+ec_cvt.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h
+ec_cvt.o: ../../include/openssl/symhacks.h ec_cvt.c ec_lcl.h
+ec_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ec_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ec_err.o: ../../include/openssl/ec.h ../../include/openssl/err.h
+ec_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ec_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ec_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ec_err.o: ec_err.c
+ec_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ec_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ec_lib.o: ../../include/openssl/ec.h ../../include/openssl/err.h
+ec_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ec_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ec_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ec_lib.o: ec_lcl.h ec_lib.c
+ec_mult.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ec_mult.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ec_mult.o: ../../include/openssl/ec.h ../../include/openssl/err.h
+ec_mult.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ec_mult.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ec_mult.o: ec_lcl.h ec_mult.c
+ecp_mont.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ecp_mont.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ecp_mont.o: ../../include/openssl/ec.h ../../include/openssl/err.h
+ecp_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ecp_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ecp_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecp_mont.o: ec_lcl.h ecp_mont.c
+ecp_nist.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
+ecp_nist.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h
+ecp_nist.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_nist.c
+ecp_recp.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
+ecp_recp.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h
+ecp_recp.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_recp.c
+ecp_smpl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ecp_smpl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ecp_smpl.o: ../../include/openssl/ec.h ../../include/openssl/err.h
+ecp_smpl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ecp_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ecp_smpl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecp_smpl.o: ec_lcl.h ecp_smpl.c
diff --git a/src/lib/libssl/src/crypto/ec/ec_err.c b/src/lib/libssl/src/crypto/ec/ec_err.c
index 5b70f94382..d37b6aba87 100644
--- a/src/lib/libssl/src/crypto/ec/ec_err.c
+++ b/src/lib/libssl/src/crypto/ec/ec_err.c
@@ -1,6 +1,6 @@
 /* crypto/ec/ec_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,74 +64,70 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EC,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EC,0,reason)
-
 static ERR_STRING_DATA EC_str_functs[]=
         {
-{ERR_FUNC(EC_F_COMPUTE_WNAF),   "COMPUTE_WNAF"},
-{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_DECODE),       "ec_GFp_mont_field_decode"},
-{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_ENCODE),       "ec_GFp_mont_field_encode"},
-{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_MUL),  "ec_GFp_mont_field_mul"},
-{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR),  "ec_GFp_mont_field_sqr"},
-{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP),      "ec_GFp_simple_group_set_curve_GFp"},
-{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR),      "ec_GFp_simple_group_set_generator"},
-{ERR_FUNC(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE),      "ec_GFp_simple_make_affine"},
-{ERR_FUNC(EC_F_EC_GFP_SIMPLE_OCT2POINT),        "ec_GFp_simple_oct2point"},
-{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT2OCT),        "ec_GFp_simple_point2oct"},
-{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE),       "ec_GFp_simple_points_make_affine"},
-{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP), "ec_GFp_simple_point_get_affine_coordinates_GFp"},
-{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP), "ec_GFp_simple_point_set_affine_coordinates_GFp"},
-{ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP),   "ec_GFp_simple_set_compressed_coordinates_GFp"},
-{ERR_FUNC(EC_F_EC_GROUP_COPY),  "EC_GROUP_copy"},
-{ERR_FUNC(EC_F_EC_GROUP_GET0_GENERATOR),        "EC_GROUP_get0_generator"},
-{ERR_FUNC(EC_F_EC_GROUP_GET_COFACTOR),  "EC_GROUP_get_cofactor"},
-{ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GFP), "EC_GROUP_get_curve_GFp"},
-{ERR_FUNC(EC_F_EC_GROUP_GET_ORDER),     "EC_GROUP_get_order"},
-{ERR_FUNC(EC_F_EC_GROUP_NEW),   "EC_GROUP_new"},
-{ERR_FUNC(EC_F_EC_GROUP_PRECOMPUTE_MULT),       "EC_GROUP_precompute_mult"},
-{ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP), "EC_GROUP_set_curve_GFp"},
-{ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA),        "EC_GROUP_set_extra_data"},
-{ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR), "EC_GROUP_set_generator"},
-{ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE),  "EC_POINTs_make_affine"},
-{ERR_FUNC(EC_F_EC_POINTS_MUL),  "EC_POINTs_mul"},
-{ERR_FUNC(EC_F_EC_POINT_ADD),   "EC_POINT_add"},
-{ERR_FUNC(EC_F_EC_POINT_CMP),   "EC_POINT_cmp"},
-{ERR_FUNC(EC_F_EC_POINT_COPY),  "EC_POINT_copy"},
-{ERR_FUNC(EC_F_EC_POINT_DBL),   "EC_POINT_dbl"},
-{ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP),    "EC_POINT_get_affine_coordinates_GFp"},
-{ERR_FUNC(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP),       "EC_POINT_get_Jprojective_coordinates_GFp"},
-{ERR_FUNC(EC_F_EC_POINT_IS_AT_INFINITY),        "EC_POINT_is_at_infinity"},
-{ERR_FUNC(EC_F_EC_POINT_IS_ON_CURVE),   "EC_POINT_is_on_curve"},
-{ERR_FUNC(EC_F_EC_POINT_MAKE_AFFINE),   "EC_POINT_make_affine"},
-{ERR_FUNC(EC_F_EC_POINT_NEW),   "EC_POINT_new"},
-{ERR_FUNC(EC_F_EC_POINT_OCT2POINT),     "EC_POINT_oct2point"},
-{ERR_FUNC(EC_F_EC_POINT_POINT2OCT),     "EC_POINT_point2oct"},
-{ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP),    "EC_POINT_set_affine_coordinates_GFp"},
-{ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP),        "EC_POINT_set_compressed_coordinates_GFp"},
-{ERR_FUNC(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP),       "EC_POINT_set_Jprojective_coordinates_GFp"},
-{ERR_FUNC(EC_F_EC_POINT_SET_TO_INFINITY),       "EC_POINT_set_to_infinity"},
-{ERR_FUNC(EC_F_GFP_MONT_GROUP_SET_CURVE_GFP),   "GFP_MONT_GROUP_SET_CURVE_GFP"},
+{ERR_PACK(0,EC_F_COMPUTE_WNAF,0),       "COMPUTE_WNAF"},
+{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_DECODE,0),   "ec_GFp_mont_field_decode"},
+{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_ENCODE,0),   "ec_GFp_mont_field_encode"},
+{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_MUL,0),      "ec_GFp_mont_field_mul"},
+{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_SQR,0),      "ec_GFp_mont_field_sqr"},
+{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP,0),  "ec_GFp_simple_group_set_curve_GFp"},
+{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR,0),  "ec_GFp_simple_group_set_generator"},
+{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_MAKE_AFFINE,0),  "ec_GFp_simple_make_affine"},
+{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_OCT2POINT,0),    "ec_GFp_simple_oct2point"},
+{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT2OCT,0),    "ec_GFp_simple_point2oct"},
+{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE,0),   "ec_GFp_simple_points_make_affine"},
+{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP,0),     "ec_GFp_simple_point_get_affine_coordinates_GFp"},
+{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP,0),     "ec_GFp_simple_point_set_affine_coordinates_GFp"},
+{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP,0),       "ec_GFp_simple_set_compressed_coordinates_GFp"},
+{ERR_PACK(0,EC_F_EC_GROUP_COPY,0),      "EC_GROUP_copy"},
+{ERR_PACK(0,EC_F_EC_GROUP_GET0_GENERATOR,0),    "EC_GROUP_get0_generator"},
+{ERR_PACK(0,EC_F_EC_GROUP_GET_COFACTOR,0),      "EC_GROUP_get_cofactor"},
+{ERR_PACK(0,EC_F_EC_GROUP_GET_CURVE_GFP,0),     "EC_GROUP_get_curve_GFp"},
+{ERR_PACK(0,EC_F_EC_GROUP_GET_ORDER,0), "EC_GROUP_get_order"},
+{ERR_PACK(0,EC_F_EC_GROUP_NEW,0),       "EC_GROUP_new"},
+{ERR_PACK(0,EC_F_EC_GROUP_PRECOMPUTE_MULT,0),   "EC_GROUP_precompute_mult"},
+{ERR_PACK(0,EC_F_EC_GROUP_SET_CURVE_GFP,0),     "EC_GROUP_set_curve_GFp"},
+{ERR_PACK(0,EC_F_EC_GROUP_SET_EXTRA_DATA,0),    "EC_GROUP_set_extra_data"},
+{ERR_PACK(0,EC_F_EC_GROUP_SET_GENERATOR,0),     "EC_GROUP_set_generator"},
+{ERR_PACK(0,EC_F_EC_POINTS_MAKE_AFFINE,0),      "EC_POINTs_make_affine"},
+{ERR_PACK(0,EC_F_EC_POINTS_MUL,0),      "EC_POINTs_mul"},
+{ERR_PACK(0,EC_F_EC_POINT_ADD,0),       "EC_POINT_add"},
+{ERR_PACK(0,EC_F_EC_POINT_CMP,0),       "EC_POINT_cmp"},
+{ERR_PACK(0,EC_F_EC_POINT_COPY,0),      "EC_POINT_copy"},
+{ERR_PACK(0,EC_F_EC_POINT_DBL,0),       "EC_POINT_dbl"},
+{ERR_PACK(0,EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP,0),        "EC_POINT_get_affine_coordinates_GFp"},
+{ERR_PACK(0,EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP,0),   "EC_POINT_get_Jprojective_coordinates_GFp"},
+{ERR_PACK(0,EC_F_EC_POINT_IS_AT_INFINITY,0),    "EC_POINT_is_at_infinity"},
+{ERR_PACK(0,EC_F_EC_POINT_IS_ON_CURVE,0),       "EC_POINT_is_on_curve"},
+{ERR_PACK(0,EC_F_EC_POINT_MAKE_AFFINE,0),       "EC_POINT_make_affine"},
+{ERR_PACK(0,EC_F_EC_POINT_NEW,0),       "EC_POINT_new"},
+{ERR_PACK(0,EC_F_EC_POINT_OCT2POINT,0), "EC_POINT_oct2point"},
+{ERR_PACK(0,EC_F_EC_POINT_POINT2OCT,0), "EC_POINT_point2oct"},
+{ERR_PACK(0,EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP,0),        "EC_POINT_set_affine_coordinates_GFp"},
+{ERR_PACK(0,EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,0),    "EC_POINT_set_compressed_coordinates_GFp"},
+{ERR_PACK(0,EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP,0),   "EC_POINT_set_Jprojective_coordinates_GFp"},
+{ERR_PACK(0,EC_F_EC_POINT_SET_TO_INFINITY,0),   "EC_POINT_set_to_infinity"},
+{ERR_PACK(0,EC_F_GFP_MONT_GROUP_SET_CURVE_GFP,0),       "GFP_MONT_GROUP_SET_CURVE_GFP"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA EC_str_reasons[]=
         {
-{ERR_REASON(EC_R_BUFFER_TOO_SMALL)       ,"buffer too small"},
-{ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS)   ,"incompatible objects"},
-{ERR_REASON(EC_R_INVALID_ARGUMENT)       ,"invalid argument"},
-{ERR_REASON(EC_R_INVALID_COMPRESSED_POINT),"invalid compressed point"},
-{ERR_REASON(EC_R_INVALID_COMPRESSION_BIT),"invalid compression bit"},
-{ERR_REASON(EC_R_INVALID_ENCODING)       ,"invalid encoding"},
-{ERR_REASON(EC_R_INVALID_FIELD)          ,"invalid field"},
-{ERR_REASON(EC_R_INVALID_FORM)           ,"invalid form"},
-{ERR_REASON(EC_R_NOT_INITIALIZED)        ,"not initialized"},
-{ERR_REASON(EC_R_POINT_AT_INFINITY)      ,"point at infinity"},
-{ERR_REASON(EC_R_POINT_IS_NOT_ON_CURVE)  ,"point is not on curve"},
-{ERR_REASON(EC_R_SLOT_FULL)              ,"slot full"},
-{ERR_REASON(EC_R_UNDEFINED_GENERATOR)    ,"undefined generator"},
-{ERR_REASON(EC_R_UNKNOWN_ORDER)          ,"unknown order"},
+{EC_R_BUFFER_TOO_SMALL                   ,"buffer too small"},
+{EC_R_INCOMPATIBLE_OBJECTS               ,"incompatible objects"},
+{EC_R_INVALID_ARGUMENT                   ,"invalid argument"},
+{EC_R_INVALID_COMPRESSED_POINT           ,"invalid compressed point"},
+{EC_R_INVALID_COMPRESSION_BIT            ,"invalid compression bit"},
+{EC_R_INVALID_ENCODING                   ,"invalid encoding"},
+{EC_R_INVALID_FIELD                      ,"invalid field"},
+{EC_R_INVALID_FORM                       ,"invalid form"},
+{EC_R_NOT_INITIALIZED                    ,"not initialized"},
+{EC_R_POINT_AT_INFINITY                  ,"point at infinity"},
+{EC_R_POINT_IS_NOT_ON_CURVE              ,"point is not on curve"},
+{EC_R_SLOT_FULL                          ,"slot full"},
+{EC_R_UNDEFINED_GENERATOR                ,"undefined generator"},
+{EC_R_UNKNOWN_ORDER                      ,"unknown order"},
 {0,NULL}
         };
 
@@ -145,8 +141,8 @@ void ERR_load_EC_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,EC_str_functs);
-                ERR_load_strings(0,EC_str_reasons);
+                ERR_load_strings(ERR_LIB_EC,EC_str_functs);
+                ERR_load_strings(ERR_LIB_EC,EC_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/ec/ectest.c b/src/lib/libssl/src/crypto/ec/ectest.c
index 345d3e4289..fcf969f3cf 100644
--- a/src/lib/libssl/src/crypto/ec/ectest.c
+++ b/src/lib/libssl/src/crypto/ec/ectest.c
@@ -197,7 +197,7 @@ int main(int argc, char *argv[])
                 EC_GROUP *tmp;
                 tmp = EC_GROUP_new(EC_GROUP_method_of(group));
                 if (!tmp) ABORT;
-                if (!EC_GROUP_copy(tmp, group));
+                if (!EC_GROUP_copy(tmp, group)) ABORT;
                 EC_GROUP_free(group);
                 group = tmp;
         }
diff --git a/src/lib/libssl/src/crypto/engine/Makefile.ssl b/src/lib/libssl/src/crypto/engine/Makefile.ssl
new file mode 100644
index 0000000000..30a4446ff9
--- /dev/null
+++ b/src/lib/libssl/src/crypto/engine/Makefile.ssl
@@ -0,0 +1,538 @@
+#
+# OpenSSL/crypto/engine/Makefile
+#
+
+DIR=    engine
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= enginetest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
+        eng_table.c eng_pkey.c eng_fat.c eng_all.c \
+        tb_rsa.c tb_dsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c \
+        eng_openssl.c eng_dyn.c eng_cnf.c \
+        hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c hw_ubsec.c \
+        hw_cryptodev.c hw_aep.c hw_sureware.c hw_4758_cca.c
+LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
+        eng_table.o eng_pkey.o eng_fat.o eng_all.o \
+        tb_rsa.o tb_dsa.o tb_dh.o tb_rand.o tb_cipher.o tb_digest.o \
+        eng_openssl.o eng_dyn.o eng_cnf.o \
+        hw_atalla.o hw_cswift.o hw_ncipher.o hw_nuron.o hw_ubsec.o \
+        hw_cryptodev.o hw_aep.o hw_sureware.o hw_4758_cca.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= engine.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+errors:
+        $(PERL) $(TOP)/util/mkerr.pl -conf hw.ec \
+                -nostatic -staticloader -write hw_*.c
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+eng_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_all.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+eng_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+eng_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+eng_all.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+eng_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+eng_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+eng_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_all.o: ../../include/openssl/ui.h eng_all.c eng_int.h
+eng_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_cnf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eng_cnf.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+eng_cnf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_cnf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+eng_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_cnf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+eng_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+eng_cnf.o: ../cryptlib.h eng_cnf.c
+eng_ctrl.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_ctrl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eng_ctrl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eng_ctrl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+eng_ctrl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+eng_ctrl.o: ../../include/openssl/opensslconf.h
+eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_ctrl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+eng_ctrl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+eng_ctrl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+eng_ctrl.o: ../cryptlib.h eng_ctrl.c eng_int.h
+eng_dyn.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_dyn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eng_dyn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eng_dyn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+eng_dyn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_dyn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+eng_dyn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_dyn.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+eng_dyn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+eng_dyn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+eng_dyn.o: ../cryptlib.h eng_dyn.c eng_int.h
+eng_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+eng_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+eng_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+eng_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+eng_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+eng_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_err.o: ../../include/openssl/ui.h eng_err.c
+eng_fat.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_fat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eng_fat.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+eng_fat.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_fat.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_fat.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+eng_fat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_fat.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+eng_fat.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+eng_fat.o: ../cryptlib.h eng_fat.c eng_int.h
+eng_init.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_init.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eng_init.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eng_init.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+eng_init.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+eng_init.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+eng_init.o: ../../include/openssl/opensslconf.h
+eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_init.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+eng_init.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+eng_init.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+eng_init.o: ../cryptlib.h eng_init.c eng_int.h
+eng_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eng_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eng_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+eng_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+eng_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+eng_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+eng_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+eng_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_lib.o: ../../include/openssl/ui.h ../cryptlib.h eng_int.h eng_lib.c
+eng_list.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_list.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eng_list.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eng_list.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+eng_list.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+eng_list.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+eng_list.o: ../../include/openssl/opensslconf.h
+eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_list.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+eng_list.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+eng_list.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+eng_list.o: ../cryptlib.h eng_int.h eng_list.c
+eng_openssl.o: ../../e_os.h ../../include/openssl/aes.h
+eng_openssl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_openssl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+eng_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+eng_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+eng_openssl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+eng_openssl.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+eng_openssl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_openssl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+eng_openssl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+eng_openssl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_openssl.o: ../../include/openssl/opensslconf.h
+eng_openssl.o: ../../include/openssl/opensslv.h
+eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+eng_openssl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+eng_openssl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+eng_openssl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+eng_openssl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+eng_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_openssl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_openssl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+eng_openssl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_openssl.o: ../cryptlib.h eng_openssl.c
+eng_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eng_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eng_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+eng_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+eng_pkey.o: ../../include/openssl/opensslconf.h
+eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+eng_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+eng_pkey.o: ../cryptlib.h eng_int.h eng_pkey.c
+eng_table.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+eng_table.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+eng_table.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
+eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+eng_table.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+eng_table.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+eng_table.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_table.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+eng_table.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+eng_table.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+eng_table.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+eng_table.o: ../../include/openssl/objects.h
+eng_table.o: ../../include/openssl/opensslconf.h
+eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_table.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+eng_table.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+eng_table.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+eng_table.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_table.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_table.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+eng_table.o: eng_int.h eng_table.c
+hw_4758_cca.o: ../../e_os.h ../../include/openssl/aes.h
+hw_4758_cca.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+hw_4758_cca.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+hw_4758_cca.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+hw_4758_cca.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+hw_4758_cca.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+hw_4758_cca.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+hw_4758_cca.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+hw_4758_cca.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+hw_4758_cca.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+hw_4758_cca.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+hw_4758_cca.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+hw_4758_cca.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+hw_4758_cca.o: ../../include/openssl/opensslconf.h
+hw_4758_cca.o: ../../include/openssl/opensslv.h
+hw_4758_cca.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+hw_4758_cca.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+hw_4758_cca.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+hw_4758_cca.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+hw_4758_cca.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+hw_4758_cca.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+hw_4758_cca.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+hw_4758_cca.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+hw_4758_cca.o: ../cryptlib.h hw_4758_cca.c hw_4758_cca_err.c hw_4758_cca_err.h
+hw_4758_cca.o: vendor_defns/hw_4758_cca.h
+hw_aep.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+hw_aep.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+hw_aep.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+hw_aep.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+hw_aep.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+hw_aep.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+hw_aep.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+hw_aep.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+hw_aep.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+hw_aep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+hw_aep.o: ../../include/openssl/ui.h hw_aep.c hw_aep_err.c hw_aep_err.h
+hw_aep.o: vendor_defns/aep.h
+hw_atalla.o: ../../e_os.h ../../include/openssl/asn1.h
+hw_atalla.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+hw_atalla.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+hw_atalla.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+hw_atalla.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+hw_atalla.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+hw_atalla.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+hw_atalla.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hw_atalla.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+hw_atalla.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+hw_atalla.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+hw_atalla.o: ../cryptlib.h hw_atalla.c hw_atalla_err.c hw_atalla_err.h
+hw_atalla.o: vendor_defns/atalla.h
+hw_cryptodev.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+hw_cryptodev.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+hw_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
+hw_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+hw_cryptodev.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+hw_cryptodev.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+hw_cryptodev.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+hw_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+hw_cryptodev.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+hw_cryptodev.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+hw_cryptodev.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+hw_cryptodev.o: ../../include/openssl/objects.h
+hw_cryptodev.o: ../../include/openssl/opensslconf.h
+hw_cryptodev.o: ../../include/openssl/opensslv.h
+hw_cryptodev.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+hw_cryptodev.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+hw_cryptodev.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+hw_cryptodev.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+hw_cryptodev.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+hw_cryptodev.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+hw_cryptodev.o: ../../include/openssl/ui_compat.h hw_cryptodev.c
+hw_cswift.o: ../../e_os.h ../../include/openssl/asn1.h
+hw_cswift.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+hw_cswift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+hw_cswift.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+hw_cswift.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+hw_cswift.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+hw_cswift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+hw_cswift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hw_cswift.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+hw_cswift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+hw_cswift.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+hw_cswift.o: ../cryptlib.h hw_cswift.c hw_cswift_err.c hw_cswift_err.h
+hw_cswift.o: vendor_defns/cswift.h
+hw_ncipher.o: ../../e_os.h ../../include/openssl/aes.h
+hw_ncipher.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+hw_ncipher.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+hw_ncipher.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+hw_ncipher.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+hw_ncipher.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+hw_ncipher.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+hw_ncipher.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+hw_ncipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+hw_ncipher.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+hw_ncipher.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+hw_ncipher.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+hw_ncipher.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+hw_ncipher.o: ../../include/openssl/opensslconf.h
+hw_ncipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hw_ncipher.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+hw_ncipher.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+hw_ncipher.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+hw_ncipher.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+hw_ncipher.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+hw_ncipher.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+hw_ncipher.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+hw_ncipher.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+hw_ncipher.o: ../../include/openssl/x509_vfy.h ../cryptlib.h hw_ncipher.c
+hw_ncipher.o: hw_ncipher_err.c hw_ncipher_err.h vendor_defns/hwcryptohook.h
+hw_nuron.o: ../../e_os.h ../../include/openssl/asn1.h
+hw_nuron.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+hw_nuron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+hw_nuron.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+hw_nuron.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+hw_nuron.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+hw_nuron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+hw_nuron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hw_nuron.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+hw_nuron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+hw_nuron.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+hw_nuron.o: ../cryptlib.h hw_nuron.c hw_nuron_err.c hw_nuron_err.h
+hw_sureware.o: ../../e_os.h ../../include/openssl/aes.h
+hw_sureware.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+hw_sureware.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+hw_sureware.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+hw_sureware.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+hw_sureware.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+hw_sureware.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+hw_sureware.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+hw_sureware.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+hw_sureware.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+hw_sureware.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+hw_sureware.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+hw_sureware.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+hw_sureware.o: ../../include/openssl/opensslconf.h
+hw_sureware.o: ../../include/openssl/opensslv.h
+hw_sureware.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+hw_sureware.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+hw_sureware.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+hw_sureware.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+hw_sureware.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+hw_sureware.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+hw_sureware.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+hw_sureware.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+hw_sureware.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+hw_sureware.o: ../cryptlib.h eng_int.h engine.h hw_sureware.c hw_sureware_err.c
+hw_sureware.o: hw_sureware_err.h vendor_defns/sureware.h
+hw_ubsec.o: ../../e_os.h ../../include/openssl/asn1.h
+hw_ubsec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+hw_ubsec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+hw_ubsec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+hw_ubsec.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+hw_ubsec.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+hw_ubsec.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+hw_ubsec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hw_ubsec.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+hw_ubsec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+hw_ubsec.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+hw_ubsec.o: ../cryptlib.h hw_ubsec.c hw_ubsec_err.c hw_ubsec_err.h
+hw_ubsec.o: vendor_defns/hw_ubsec.h
+tb_cipher.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+tb_cipher.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+tb_cipher.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
+tb_cipher.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+tb_cipher.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+tb_cipher.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+tb_cipher.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_cipher.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+tb_cipher.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+tb_cipher.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+tb_cipher.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+tb_cipher.o: ../../include/openssl/objects.h
+tb_cipher.o: ../../include/openssl/opensslconf.h
+tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_cipher.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+tb_cipher.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+tb_cipher.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+tb_cipher.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_cipher.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_cipher.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+tb_cipher.o: eng_int.h tb_cipher.c
+tb_dh.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+tb_dh.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+tb_dh.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
+tb_dh.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+tb_dh.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+tb_dh.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+tb_dh.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_dh.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+tb_dh.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+tb_dh.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+tb_dh.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+tb_dh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_dh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_dh.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+tb_dh.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+tb_dh.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+tb_dh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_dh.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h eng_int.h
+tb_dh.o: tb_dh.c
+tb_digest.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+tb_digest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+tb_digest.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
+tb_digest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+tb_digest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+tb_digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+tb_digest.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_digest.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+tb_digest.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+tb_digest.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+tb_digest.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+tb_digest.o: ../../include/openssl/objects.h
+tb_digest.o: ../../include/openssl/opensslconf.h
+tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_digest.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+tb_digest.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+tb_digest.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+tb_digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_digest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+tb_digest.o: eng_int.h tb_digest.c
+tb_dsa.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+tb_dsa.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+tb_dsa.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
+tb_dsa.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+tb_dsa.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+tb_dsa.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+tb_dsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_dsa.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+tb_dsa.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+tb_dsa.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+tb_dsa.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+tb_dsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_dsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_dsa.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+tb_dsa.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+tb_dsa.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+tb_dsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_dsa.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+tb_dsa.o: eng_int.h tb_dsa.c
+tb_rand.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+tb_rand.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+tb_rand.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
+tb_rand.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+tb_rand.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+tb_rand.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+tb_rand.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_rand.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+tb_rand.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+tb_rand.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+tb_rand.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+tb_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_rand.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+tb_rand.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+tb_rand.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+tb_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+tb_rand.o: eng_int.h tb_rand.c
+tb_rsa.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+tb_rsa.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+tb_rsa.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
+tb_rsa.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+tb_rsa.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+tb_rsa.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+tb_rsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_rsa.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+tb_rsa.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+tb_rsa.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+tb_rsa.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+tb_rsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_rsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_rsa.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+tb_rsa.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+tb_rsa.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+tb_rsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_rsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_rsa.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+tb_rsa.o: eng_int.h tb_rsa.c
diff --git a/src/lib/libssl/src/crypto/engine/eng_cnf.c b/src/lib/libssl/src/crypto/engine/eng_cnf.c
index 4225760af1..cdf670901a 100644
--- a/src/lib/libssl/src/crypto/engine/eng_cnf.c
+++ b/src/lib/libssl/src/crypto/engine/eng_cnf.c
@@ -158,7 +158,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
                          */
                         if (!strcmp(ctrlvalue, "EMPTY"))
                                 ctrlvalue = NULL;
-                        if (!strcmp(ctrlname, "init"))
+                        else if (!strcmp(ctrlname, "init"))
                                 {
                                 if (!NCONF_get_number_e(cnf, value, "init", &do_init))
                                         goto err;
diff --git a/src/lib/libssl/src/crypto/engine/eng_err.c b/src/lib/libssl/src/crypto/engine/eng_err.c
index fdc0e7be0f..814d95ee32 100644
--- a/src/lib/libssl/src/crypto/engine/eng_err.c
+++ b/src/lib/libssl/src/crypto/engine/eng_err.c
@@ -1,6 +1,6 @@
 /* crypto/engine/eng_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,91 +64,87 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ENGINE,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ENGINE,0,reason)
-
 static ERR_STRING_DATA ENGINE_str_functs[]=
         {
-{ERR_FUNC(ENGINE_F_DYNAMIC_CTRL),       "DYNAMIC_CTRL"},
-{ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX),       "DYNAMIC_GET_DATA_CTX"},
-{ERR_FUNC(ENGINE_F_DYNAMIC_LOAD),       "DYNAMIC_LOAD"},
-{ERR_FUNC(ENGINE_F_ENGINE_ADD), "ENGINE_add"},
-{ERR_FUNC(ENGINE_F_ENGINE_BY_ID),       "ENGINE_by_id"},
-{ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE),   "ENGINE_cmd_is_executable"},
-{ERR_FUNC(ENGINE_F_ENGINE_CTRL),        "ENGINE_ctrl"},
-{ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD),    "ENGINE_ctrl_cmd"},
-{ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING),     "ENGINE_ctrl_cmd_string"},
-{ERR_FUNC(ENGINE_F_ENGINE_FINISH),      "ENGINE_finish"},
-{ERR_FUNC(ENGINE_F_ENGINE_FREE),        "ENGINE_free"},
-{ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER),  "ENGINE_get_cipher"},
-{ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE),    "ENGINE_GET_DEFAULT_TYPE"},
-{ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST),  "ENGINE_get_digest"},
-{ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT),    "ENGINE_get_next"},
-{ERR_FUNC(ENGINE_F_ENGINE_GET_PREV),    "ENGINE_get_prev"},
-{ERR_FUNC(ENGINE_F_ENGINE_INIT),        "ENGINE_init"},
-{ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD),    "ENGINE_LIST_ADD"},
-{ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"},
-{ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY),    "ENGINE_load_private_key"},
-{ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY),     "ENGINE_load_public_key"},
-{ERR_FUNC(ENGINE_F_ENGINE_MODULE_INIT), "ENGINE_MODULE_INIT"},
-{ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"},
-{ERR_FUNC(ENGINE_F_ENGINE_REMOVE),      "ENGINE_remove"},
-{ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING),  "ENGINE_set_default_string"},
-{ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_TYPE),    "ENGINE_SET_DEFAULT_TYPE"},
-{ERR_FUNC(ENGINE_F_ENGINE_SET_ID),      "ENGINE_set_id"},
-{ERR_FUNC(ENGINE_F_ENGINE_SET_NAME),    "ENGINE_set_name"},
-{ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER),      "ENGINE_TABLE_REGISTER"},
-{ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY),  "ENGINE_UNLOAD_KEY"},
-{ERR_FUNC(ENGINE_F_ENGINE_UP_REF),      "ENGINE_up_ref"},
-{ERR_FUNC(ENGINE_F_INT_CTRL_HELPER),    "INT_CTRL_HELPER"},
-{ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE),       "INT_ENGINE_CONFIGURE"},
-{ERR_FUNC(ENGINE_F_LOG_MESSAGE),        "LOG_MESSAGE"},
-{ERR_FUNC(ENGINE_F_SET_DATA_CTX),       "SET_DATA_CTX"},
+{ERR_PACK(0,ENGINE_F_DYNAMIC_CTRL,0),   "DYNAMIC_CTRL"},
+{ERR_PACK(0,ENGINE_F_DYNAMIC_GET_DATA_CTX,0),   "DYNAMIC_GET_DATA_CTX"},
+{ERR_PACK(0,ENGINE_F_DYNAMIC_LOAD,0),   "DYNAMIC_LOAD"},
+{ERR_PACK(0,ENGINE_F_ENGINE_ADD,0),     "ENGINE_add"},
+{ERR_PACK(0,ENGINE_F_ENGINE_BY_ID,0),   "ENGINE_by_id"},
+{ERR_PACK(0,ENGINE_F_ENGINE_CMD_IS_EXECUTABLE,0),       "ENGINE_cmd_is_executable"},
+{ERR_PACK(0,ENGINE_F_ENGINE_CTRL,0),    "ENGINE_ctrl"},
+{ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD,0),        "ENGINE_ctrl_cmd"},
+{ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD_STRING,0), "ENGINE_ctrl_cmd_string"},
+{ERR_PACK(0,ENGINE_F_ENGINE_FINISH,0),  "ENGINE_finish"},
+{ERR_PACK(0,ENGINE_F_ENGINE_FREE,0),    "ENGINE_free"},
+{ERR_PACK(0,ENGINE_F_ENGINE_GET_CIPHER,0),      "ENGINE_get_cipher"},
+{ERR_PACK(0,ENGINE_F_ENGINE_GET_DEFAULT_TYPE,0),        "ENGINE_GET_DEFAULT_TYPE"},
+{ERR_PACK(0,ENGINE_F_ENGINE_GET_DIGEST,0),      "ENGINE_get_digest"},
+{ERR_PACK(0,ENGINE_F_ENGINE_GET_NEXT,0),        "ENGINE_get_next"},
+{ERR_PACK(0,ENGINE_F_ENGINE_GET_PREV,0),        "ENGINE_get_prev"},
+{ERR_PACK(0,ENGINE_F_ENGINE_INIT,0),    "ENGINE_init"},
+{ERR_PACK(0,ENGINE_F_ENGINE_LIST_ADD,0),        "ENGINE_LIST_ADD"},
+{ERR_PACK(0,ENGINE_F_ENGINE_LIST_REMOVE,0),     "ENGINE_LIST_REMOVE"},
+{ERR_PACK(0,ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,0),        "ENGINE_load_private_key"},
+{ERR_PACK(0,ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,0), "ENGINE_load_public_key"},
+{ERR_PACK(0,ENGINE_F_ENGINE_MODULE_INIT,0),     "ENGINE_MODULE_INIT"},
+{ERR_PACK(0,ENGINE_F_ENGINE_NEW,0),     "ENGINE_new"},
+{ERR_PACK(0,ENGINE_F_ENGINE_REMOVE,0),  "ENGINE_remove"},
+{ERR_PACK(0,ENGINE_F_ENGINE_SET_DEFAULT_STRING,0),      "ENGINE_set_default_string"},
+{ERR_PACK(0,ENGINE_F_ENGINE_SET_DEFAULT_TYPE,0),        "ENGINE_SET_DEFAULT_TYPE"},
+{ERR_PACK(0,ENGINE_F_ENGINE_SET_ID,0),  "ENGINE_set_id"},
+{ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0),        "ENGINE_set_name"},
+{ERR_PACK(0,ENGINE_F_ENGINE_TABLE_REGISTER,0),  "ENGINE_TABLE_REGISTER"},
+{ERR_PACK(0,ENGINE_F_ENGINE_UNLOAD_KEY,0),      "ENGINE_UNLOAD_KEY"},
+{ERR_PACK(0,ENGINE_F_ENGINE_UP_REF,0),  "ENGINE_up_ref"},
+{ERR_PACK(0,ENGINE_F_INT_CTRL_HELPER,0),        "INT_CTRL_HELPER"},
+{ERR_PACK(0,ENGINE_F_INT_ENGINE_CONFIGURE,0),   "INT_ENGINE_CONFIGURE"},
+{ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0),    "LOG_MESSAGE"},
+{ERR_PACK(0,ENGINE_F_SET_DATA_CTX,0),   "SET_DATA_CTX"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA ENGINE_str_reasons[]=
         {
-{ERR_REASON(ENGINE_R_ALREADY_LOADED)     ,"already loaded"},
-{ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER),"argument is not a number"},
-{ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE) ,"cmd not executable"},
-{ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT),"command takes input"},
-{ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT),"command takes no input"},
-{ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID),"conflicting engine id"},
-{ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"},
-{ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED) ,"dh not implemented"},
-{ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED),"dsa not implemented"},
-{ERR_REASON(ENGINE_R_DSO_FAILURE)        ,"DSO failure"},
-{ERR_REASON(ENGINE_R_DSO_NOT_FOUND)      ,"dso not found"},
-{ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR),"engines section error"},
-{ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST),"engine is not in the list"},
-{ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR),"engine section error"},
-{ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY),"failed loading private key"},
-{ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY),"failed loading public key"},
-{ERR_REASON(ENGINE_R_FINISH_FAILED)      ,"finish failed"},
-{ERR_REASON(ENGINE_R_GET_HANDLE_FAILED)  ,"could not obtain hardware handle"},
-{ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING) ,"'id' or 'name' missing"},
-{ERR_REASON(ENGINE_R_INIT_FAILED)        ,"init failed"},
-{ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR),"internal list error"},
-{ERR_REASON(ENGINE_R_INVALID_ARGUMENT)   ,"invalid argument"},
-{ERR_REASON(ENGINE_R_INVALID_CMD_NAME)   ,"invalid cmd name"},
-{ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER) ,"invalid cmd number"},
-{ERR_REASON(ENGINE_R_INVALID_INIT_VALUE) ,"invalid init value"},
-{ERR_REASON(ENGINE_R_INVALID_STRING)     ,"invalid string"},
-{ERR_REASON(ENGINE_R_NOT_INITIALISED)    ,"not initialised"},
-{ERR_REASON(ENGINE_R_NOT_LOADED)         ,"not loaded"},
-{ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION),"no control function"},
-{ERR_REASON(ENGINE_R_NO_INDEX)           ,"no index"},
-{ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION)   ,"no load function"},
-{ERR_REASON(ENGINE_R_NO_REFERENCE)       ,"no reference"},
-{ERR_REASON(ENGINE_R_NO_SUCH_ENGINE)     ,"no such engine"},
-{ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION) ,"no unload function"},
-{ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS) ,"provide parameters"},
-{ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED),"rsa not implemented"},
-{ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER),"unimplemented cipher"},
-{ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST),"unimplemented digest"},
-{ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY),"version incompatibility"},
+{ENGINE_R_ALREADY_LOADED                 ,"already loaded"},
+{ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER       ,"argument is not a number"},
+{ENGINE_R_CMD_NOT_EXECUTABLE             ,"cmd not executable"},
+{ENGINE_R_COMMAND_TAKES_INPUT            ,"command takes input"},
+{ENGINE_R_COMMAND_TAKES_NO_INPUT         ,"command takes no input"},
+{ENGINE_R_CONFLICTING_ENGINE_ID          ,"conflicting engine id"},
+{ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
+{ENGINE_R_DH_NOT_IMPLEMENTED             ,"dh not implemented"},
+{ENGINE_R_DSA_NOT_IMPLEMENTED            ,"dsa not implemented"},
+{ENGINE_R_DSO_FAILURE                    ,"DSO failure"},
+{ENGINE_R_DSO_NOT_FOUND                  ,"dso not found"},
+{ENGINE_R_ENGINES_SECTION_ERROR          ,"engines section error"},
+{ENGINE_R_ENGINE_IS_NOT_IN_LIST          ,"engine is not in the list"},
+{ENGINE_R_ENGINE_SECTION_ERROR           ,"engine section error"},
+{ENGINE_R_FAILED_LOADING_PRIVATE_KEY     ,"failed loading private key"},
+{ENGINE_R_FAILED_LOADING_PUBLIC_KEY      ,"failed loading public key"},
+{ENGINE_R_FINISH_FAILED                  ,"finish failed"},
+{ENGINE_R_GET_HANDLE_FAILED              ,"could not obtain hardware handle"},
+{ENGINE_R_ID_OR_NAME_MISSING             ,"'id' or 'name' missing"},
+{ENGINE_R_INIT_FAILED                    ,"init failed"},
+{ENGINE_R_INTERNAL_LIST_ERROR            ,"internal list error"},
+{ENGINE_R_INVALID_ARGUMENT               ,"invalid argument"},
+{ENGINE_R_INVALID_CMD_NAME               ,"invalid cmd name"},
+{ENGINE_R_INVALID_CMD_NUMBER             ,"invalid cmd number"},
+{ENGINE_R_INVALID_INIT_VALUE             ,"invalid init value"},
+{ENGINE_R_INVALID_STRING                 ,"invalid string"},
+{ENGINE_R_NOT_INITIALISED                ,"not initialised"},
+{ENGINE_R_NOT_LOADED                     ,"not loaded"},
+{ENGINE_R_NO_CONTROL_FUNCTION            ,"no control function"},
+{ENGINE_R_NO_INDEX                       ,"no index"},
+{ENGINE_R_NO_LOAD_FUNCTION               ,"no load function"},
+{ENGINE_R_NO_REFERENCE                   ,"no reference"},
+{ENGINE_R_NO_SUCH_ENGINE                 ,"no such engine"},
+{ENGINE_R_NO_UNLOAD_FUNCTION             ,"no unload function"},
+{ENGINE_R_PROVIDE_PARAMETERS             ,"provide parameters"},
+{ENGINE_R_RSA_NOT_IMPLEMENTED            ,"rsa not implemented"},
+{ENGINE_R_UNIMPLEMENTED_CIPHER           ,"unimplemented cipher"},
+{ENGINE_R_UNIMPLEMENTED_DIGEST           ,"unimplemented digest"},
+{ENGINE_R_VERSION_INCOMPATIBILITY        ,"version incompatibility"},
 {0,NULL}
         };
 
@@ -162,8 +158,8 @@ void ERR_load_ENGINE_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,ENGINE_str_functs);
-                ERR_load_strings(0,ENGINE_str_reasons);
+                ERR_load_strings(ERR_LIB_ENGINE,ENGINE_str_functs);
+                ERR_load_strings(ERR_LIB_ENGINE,ENGINE_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/engine/hw_aep.c b/src/lib/libssl/src/crypto/engine/hw_aep.c
index 5f1772ea99..8b8380a582 100644
--- a/src/lib/libssl/src/crypto/engine/hw_aep.c
+++ b/src/lib/libssl/src/crypto/engine/hw_aep.c
@@ -474,7 +474,6 @@ static int aep_init(ENGINE *e)
 
         if(aep_dso)
                 DSO_free(aep_dso);
-        aep_dso = NULL;
                 
         p_AEP_OpenConnection    = NULL;
         p_AEP_ModExp            = NULL;
diff --git a/src/lib/libssl/src/crypto/engine/hw_atalla.c b/src/lib/libssl/src/crypto/engine/hw_atalla.c
index 2b8342bbdd..e9eff9fad1 100644
--- a/src/lib/libssl/src/crypto/engine/hw_atalla.c
+++ b/src/lib/libssl/src/crypto/engine/hw_atalla.c
@@ -375,7 +375,6 @@ static int atalla_init(ENGINE *e)
 err:
         if(atalla_dso)
                 DSO_free(atalla_dso);
-        atalla_dso = NULL;
         p_Atalla_GetHardwareConfig = NULL;
         p_Atalla_RSAPrivateKeyOpFn = NULL;
         p_Atalla_GetPerformanceStatistics = NULL;
diff --git a/src/lib/libssl/src/crypto/engine/hw_cryptodev.c b/src/lib/libssl/src/crypto/engine/hw_cryptodev.c
index 3e7fff1c1e..d3b186c132 100644
--- a/src/lib/libssl/src/crypto/engine/hw_cryptodev.c
+++ b/src/lib/libssl/src/crypto/engine/hw_cryptodev.c
@@ -1,6 +1,6 @@
 /*
+ * Copyright (c) 2002-2004 Theo de Raadt
  * Copyright (c) 2002 Bob Beck <beck@openbsd.org>
- * Copyright (c) 2002 Theo de Raadt
  * Copyright (c) 2002 Markus Friedl
  * All rights reserved.
  *
@@ -49,11 +49,12 @@ ENGINE_load_cryptodev(void)
         return;
 }
 
-#else 
+#else
 
 #include <sys/types.h>
 #include <crypto/cryptodev.h>
 #include <sys/ioctl.h>
+
 #include <errno.h>
 #include <stdio.h>
 #include <unistd.h>
@@ -63,19 +64,34 @@ ENGINE_load_cryptodev(void)
 #include <errno.h>
 #include <string.h>
 
+#ifdef __i386__
+#include <sys/sysctl.h>
+#include <machine/cpu.h>
+#include <machine/specialreg.h>
+
+#include <ssl/aes.h>
+
+static int check_viac3aes(void);
+#endif
+
 struct dev_crypto_state {
         struct session_op d_sess;
         int d_fd;
 };
 
+struct dev_crypto_cipher {
+        int     c_id;
+        int     c_nid;
+        int     c_ivmax;
+        int     c_keylen;
+};
+
 static u_int32_t cryptodev_asymfeat = 0;
 
 static int get_asym_dev_crypto(void);
 static int open_dev_crypto(void);
 static int get_dev_crypto(void);
-static int cryptodev_max_iv(int cipher);
-static int cryptodev_key_length_valid(int cipher, int len);
-static int cipher_nid_to_cryptodev(int nid);
+static struct dev_crypto_cipher *cipher_nid_to_cryptodev(int nid);
 static int get_cryptodev_ciphers(const int **cnids);
 /*static int get_cryptodev_digests(const int **cnids);*/
 static int cryptodev_usable_ciphers(const int **nids);
@@ -122,15 +138,12 @@ static const ENGINE_CMD_DEFN cryptodev_defns[] = {
         { 0, NULL, NULL, 0 }
 };
 
-static struct {
-        int     id;
-        int     nid;
-        int     ivmax;
-        int     keylen;
-} ciphers[] = {
+static struct dev_crypto_cipher ciphers[] = {
         { CRYPTO_DES_CBC,               NID_des_cbc,            8,       8, },
         { CRYPTO_3DES_CBC,              NID_des_ede3_cbc,       8,      24, },
         { CRYPTO_AES_CBC,               NID_aes_128_cbc,        16,     16, },
+        { CRYPTO_AES_CBC,               NID_aes_192_cbc,        16,     24, },
+        { CRYPTO_AES_CBC,               NID_aes_256_cbc,        16,     32, },
         { CRYPTO_BLF_CBC,               NID_bf_cbc,             8,      16, },
         { CRYPTO_CAST_CBC,              NID_cast5_cbc,          8,      16, },
         { CRYPTO_SKIPJACK_CBC,          NID_undef,              0,       0, },
@@ -153,7 +166,7 @@ static struct {
 #endif
 
 /*
- * Return a fd if /dev/crypto seems usable, 0 otherwise.
+ * Return a fd if /dev/crypto seems usable, -1 otherwise.
  */
 static int
 open_dev_crypto(void)
@@ -180,8 +193,10 @@ get_dev_crypto(void)
 
         if ((fd = open_dev_crypto()) == -1)
                 return (-1);
-        if (ioctl(fd, CRIOGET, &retfd) == -1)
+        if (ioctl(fd, CRIOGET, &retfd) == -1) {
+                close(fd);
                 return (-1);
+        }
 
         /* close on exec */
         if (fcntl(retfd, F_SETFD, 1) == -1) {
@@ -202,48 +217,16 @@ get_asym_dev_crypto(void)
         return fd;
 }
 
-/*
- * XXXX this needs to be set for each alg - and determined from
- * a running card.
- */
-static int
-cryptodev_max_iv(int cipher)
-{
-        int i;
-
-        for (i = 0; ciphers[i].id; i++)
-                if (ciphers[i].id == cipher)
-                        return (ciphers[i].ivmax);
-        return (0);
-}
-
-/*
- * XXXX this needs to be set for each alg - and determined from
- * a running card. For now, fake it out - but most of these
- * for real devices should return 1 for the supported key
- * sizes the device can handle.
- */
-static int
-cryptodev_key_length_valid(int cipher, int len)
-{
-        int i;
-
-        for (i = 0; ciphers[i].id; i++)
-                if (ciphers[i].id == cipher)
-                        return (ciphers[i].keylen == len);
-        return (0);
-}
-
 /* convert libcrypto nids to cryptodev */
-static int
+static struct dev_crypto_cipher *
 cipher_nid_to_cryptodev(int nid)
 {
         int i;
 
-        for (i = 0; ciphers[i].id; i++)
-                if (ciphers[i].nid == nid)
-                        return (ciphers[i].id);
-        return (0);
+        for (i = 0; ciphers[i].c_id; i++)
+                if (ciphers[i].c_nid == nid)
+                        return (&ciphers[i]);
+        return (NULL);
 }
 
 /*
@@ -266,18 +249,45 @@ get_cryptodev_ciphers(const int **cnids)
         memset(&sess, 0, sizeof(sess));
         sess.key = (caddr_t)"123456781234567812345678";
 
-        for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
-                if (ciphers[i].nid == NID_undef)
+        for (i = 0; ciphers[i].c_id && count < CRYPTO_ALGORITHM_MAX; i++) {
+                if (ciphers[i].c_nid == NID_undef)
                         continue;
-                sess.cipher = ciphers[i].id;
-                sess.keylen = ciphers[i].keylen;
+                sess.cipher = ciphers[i].c_id;
+                sess.keylen = ciphers[i].c_keylen;
                 sess.mac = 0;
                 if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
                     ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
-                        nids[count++] = ciphers[i].nid;
+                        nids[count++] = ciphers[i].c_nid;
         }
         close(fd);
 
+#if defined(__i386__)
+        /*
+         * On i386, always check for the VIA C3 AES instructions;
+         * even if /dev/crypto is disabled.
+         */
+        if (check_viac3aes() >= 1) {
+                int have_NID_aes_128_cbc = 0;
+                int have_NID_aes_192_cbc = 0;
+                int have_NID_aes_256_cbc = 0;
+
+                for (i = 0; i < count; i++) {
+                        if (nids[i] == NID_aes_128_cbc)
+                                have_NID_aes_128_cbc = 1;
+                        if (nids[i] == NID_aes_192_cbc)
+                                have_NID_aes_192_cbc = 1;
+                        if (nids[i] == NID_aes_256_cbc)
+                                have_NID_aes_256_cbc = 1;
+                }
+                if (!have_NID_aes_128_cbc)
+                        nids[count++] = NID_aes_128_cbc;
+                if (!have_NID_aes_192_cbc)
+                        nids[count++] = NID_aes_192_cbc;
+                if (!have_NID_aes_256_cbc)
+                        nids[count++] = NID_aes_256_cbc;
+        }
+#endif
+
         if (count > 0)
                 *cnids = nids;
         else
@@ -429,15 +439,15 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 {
         struct dev_crypto_state *state = ctx->cipher_data;
         struct session_op *sess = &state->d_sess;
-        int cipher;
+        struct dev_crypto_cipher *cipher;
 
-        if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NID_undef)
+        if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NULL)
                 return (0);
 
-        if (ctx->cipher->iv_len > cryptodev_max_iv(cipher))
+        if (ctx->cipher->iv_len > cipher->c_ivmax)
                 return (0);
 
-        if (!cryptodev_key_length_valid(cipher, ctx->key_len))
+        if (ctx->key_len != cipher->c_keylen)
                 return (0);
 
         memset(sess, 0, sizeof(struct session_op));
@@ -447,7 +457,7 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 
         sess->key = (unsigned char *)key;
         sess->keylen = ctx->key_len;
-        sess->cipher = cipher;
+        sess->cipher = cipher->c_id;
 
         if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
                 close(state->d_fd);
@@ -552,7 +562,7 @@ const EVP_CIPHER cryptodev_cast_cbc = {
         NULL
 };
 
-const EVP_CIPHER cryptodev_aes_cbc = {
+EVP_CIPHER cryptodev_aes_128_cbc = {
         NID_aes_128_cbc,
         16, 16, 16,
         EVP_CIPH_CBC_MODE,
@@ -565,6 +575,209 @@ const EVP_CIPHER cryptodev_aes_cbc = {
         NULL
 };
 
+EVP_CIPHER cryptodev_aes_192_cbc = {
+        NID_aes_192_cbc,
+        16, 24, 16,
+        EVP_CIPH_CBC_MODE,
+        cryptodev_init_key,
+        cryptodev_cipher,
+        cryptodev_cleanup,
+        sizeof(struct dev_crypto_state),
+        EVP_CIPHER_set_asn1_iv,
+        EVP_CIPHER_get_asn1_iv,
+        NULL
+};
+
+EVP_CIPHER cryptodev_aes_256_cbc = {
+        NID_aes_256_cbc,
+        16, 32, 16,
+        EVP_CIPH_CBC_MODE,
+        cryptodev_init_key,
+        cryptodev_cipher,
+        cryptodev_cleanup,
+        sizeof(struct dev_crypto_state),
+        EVP_CIPHER_set_asn1_iv,
+        EVP_CIPHER_get_asn1_iv,
+        NULL
+};
+
+#if defined(__i386__)
+
+static inline void
+viac3_xcrypt_cbc(int *cw, const void *src, void *dst, void *key, int rep,
+    void *iv)
+{
+#ifdef notdef
+        printf("cw %x[%x %x %x %x] src %x dst %x key %x rep %x iv %x\n",
+            cw, cw[0], cw[1], cw[2], cw[3],
+            src, dst, key, rep, iv);
+#endif
+        /*
+         * Clear bit 30 of EFLAGS.
+         */
+        __asm __volatile("pushfl; popfl");
+
+        /*
+         * Cannot simply place key into "b" register, since the compiler
+         * -pic mode uses that register; so instead we must dance a little.
+         */
+        __asm __volatile("pushl %%ebx; movl %0, %%ebx; rep xcrypt-cbc; popl %%ebx" :
+            : "mr" (key), "a" (iv), "c" (rep), "d" (cw), "S" (src), "D" (dst)
+            : "memory", "cc");
+}
+
+#define ISUNALIGNED(x)  ((long)(x)) & 15
+#define DOALIGN(v)      ((void *)(((long)(v) + 15) & ~15))
+
+static int
+xcrypt_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+    const unsigned char *in, unsigned int inl)
+{
+        unsigned char *save_iv_store[EVP_MAX_IV_LENGTH + 15];
+        unsigned char *save_iv = DOALIGN(save_iv_store);
+        unsigned char *ivs_store[EVP_MAX_IV_LENGTH + 15];
+        unsigned char *ivs = DOALIGN(ivs_store);
+        void *iiv, *iv = NULL, *ivp = NULL;
+        const void *usein = in;
+        void *useout = out, *spare;
+        int cws[4 + 3], *cw = DOALIGN(cws);
+
+        if (!inl)
+                return (1);
+        if ((inl % ctx->cipher->block_size) != 0)
+                return (0);
+
+        if (ISUNALIGNED(in) || ISUNALIGNED(out)) {
+                spare = malloc(inl);
+                if (spare == NULL)
+                        return (0);
+
+                if (ISUNALIGNED(in)) {
+                        bcopy(in, spare, inl);
+                        usein = spare;
+                }
+                if (ISUNALIGNED(out))
+                        useout = spare;
+        }
+
+        cw[0] = C3_CRYPT_CWLO_ALG_AES | C3_CRYPT_CWLO_KEYGEN_SW |
+            C3_CRYPT_CWLO_NORMAL;
+        cw[0] |= ctx->encrypt ? C3_CRYPT_CWLO_ENCRYPT : C3_CRYPT_CWLO_DECRYPT;
+        cw[1] = cw[2] = cw[3] = 0;
+
+        switch (ctx->key_len * 8) {
+        case 128:
+                cw[0] |= C3_CRYPT_CWLO_KEY128;
+                break;
+        case 192:
+                cw[0] |= C3_CRYPT_CWLO_KEY192;
+                break;
+        case 256:
+                cw[0] |= C3_CRYPT_CWLO_KEY256;
+                break;
+        }
+
+        if (ctx->cipher->iv_len) {
+                iv = (caddr_t) ctx->iv;
+                if (!ctx->encrypt) {
+                        iiv = (void *) in + inl - ctx->cipher->iv_len;
+                        memcpy(save_iv, iiv, ctx->cipher->iv_len);
+                }
+        }
+
+        ivp = iv;
+        if (ISUNALIGNED(iv)) {
+                bcopy(iv, ivs, ctx->cipher->iv_len);
+                ivp = ivs;
+        }
+
+        viac3_xcrypt_cbc(cw, usein, useout, ctx->cipher_data,  inl / 16, ivp);
+
+        if (ISUNALIGNED(out)) {
+                bcopy(spare, out, inl);
+                free(spare);
+        }
+
+        if (ivp == ivs)
+                bcopy(ivp, iv, ctx->cipher->iv_len);
+
+        if (ctx->cipher->iv_len) {
+                if (ctx->encrypt)
+                        iiv = (void *) out + inl - ctx->cipher->iv_len;
+                else
+                        iiv = save_iv;
+                memcpy(ctx->iv, iiv, ctx->cipher->iv_len);
+        }
+        return (1);
+}
+
+static int
+xcrypt_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+    const unsigned char *iv, int enc)
+{
+        AES_KEY *k = ctx->cipher_data;
+#ifndef AES_ASM
+        int i;
+#endif
+
+        bzero(k, sizeof *k);
+        if (enc)
+                AES_set_encrypt_key(key, ctx->key_len * 8, k);
+        else
+                AES_set_decrypt_key(key, ctx->key_len * 8, k);
+
+#ifndef AES_ASM
+        /*
+         * XXX Damn OpenSSL byte swaps the expanded key!!
+         *
+         * XXX But only if we're using the C implementation of AES
+         */
+        for (i = 0; i < 4 * (AES_MAXNR + 1); i++)
+                k->rd_key[i] = htonl(k->rd_key[i]);
+#endif
+
+        return (1);
+}
+
+static int
+xcrypt_cleanup(EVP_CIPHER_CTX *ctx)
+{
+        bzero(ctx->cipher_data, ctx->cipher->ctx_size);
+        return (1);
+}
+
+static int
+check_viac3aes(void)
+{
+        int mib[2] = { CTL_MACHDEP, CPU_XCRYPT }, value;
+        size_t size = sizeof(value);
+
+        if (sysctl(mib, sizeof(mib)/sizeof(mib[0]), &value, &size,
+            NULL, 0) < 0)
+                return (0);
+        if (value == 0)
+                return (0);
+
+        if (value & C3_HAS_AES) {
+                cryptodev_aes_128_cbc.init = xcrypt_init_key;
+                cryptodev_aes_128_cbc.do_cipher = xcrypt_cipher;
+                cryptodev_aes_128_cbc.cleanup = xcrypt_cleanup;
+                cryptodev_aes_128_cbc.ctx_size = sizeof(AES_KEY);
+
+                cryptodev_aes_192_cbc.init = xcrypt_init_key;
+                cryptodev_aes_192_cbc.do_cipher = xcrypt_cipher;
+                cryptodev_aes_192_cbc.cleanup = xcrypt_cleanup;
+                cryptodev_aes_192_cbc.ctx_size = sizeof(AES_KEY);
+
+                cryptodev_aes_256_cbc.init = xcrypt_init_key;
+                cryptodev_aes_256_cbc.do_cipher = xcrypt_cipher;
+                cryptodev_aes_256_cbc.cleanup = xcrypt_cleanup;
+                cryptodev_aes_256_cbc.ctx_size = sizeof(AES_KEY);
+        }
+        return (value);
+}
+#endif /* __i386__ */
+
 /*
  * Registered by the ENGINE when used to find out how to deal with
  * a particular NID in the ENGINE. this says what we'll do at the
@@ -591,7 +804,13 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
                 *cipher = &cryptodev_cast_cbc;
                 break;
         case NID_aes_128_cbc:
-                *cipher = &cryptodev_aes_cbc;
+                *cipher = &cryptodev_aes_128_cbc;
+                break;
+        case NID_aes_192_cbc:
+                *cipher = &cryptodev_aes_192_cbc;
+                break;
+        case NID_aes_256_cbc:
+                *cipher = &cryptodev_aes_256_cbc;
                 break;
         default:
                 *cipher = NULL;
diff --git a/src/lib/libssl/src/crypto/engine/hw_cswift.c b/src/lib/libssl/src/crypto/engine/hw_cswift.c
index 1411fd8333..f128ee5a68 100644
--- a/src/lib/libssl/src/crypto/engine/hw_cswift.c
+++ b/src/lib/libssl/src/crypto/engine/hw_cswift.c
@@ -90,7 +90,6 @@ static int cswift_destroy(ENGINE *e);
 static int cswift_init(ENGINE *e);
 static int cswift_finish(ENGINE *e);
 static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-static int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in);
 
 /* BIGNUM stuff */
 static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
@@ -404,10 +403,7 @@ static int cswift_init(ENGINE *e)
         return 1;
 err:
         if(cswift_dso)
-        {
                 DSO_free(cswift_dso);
-                cswift_dso = NULL;
-        }
         p_CSwift_AcquireAccContext = NULL;
         p_CSwift_AttachKeyParam = NULL;
         p_CSwift_SimpleRequest = NULL;
@@ -557,29 +553,6 @@ err:
         return to_return;
         }
 
-
-int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in)
-{
-        int mod;
-        int numbytes = BN_num_bytes(in);
-
-        mod = 0;
-        while( ((out->nbytes = (numbytes+mod)) % 32) )
-        {
-                mod++;
-        }
-        out->value = (unsigned char*)OPENSSL_malloc(out->nbytes);
-        if(!out->value)
-        {
-                return 0;
-        }
-        BN_bn2bin(in, &out->value[mod]);
-        if(mod)
-                memset(out->value, 0, mod);
-
-        return 1;
-}
-
 /* Un petit mod_exp chinois */
 static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
                         const BIGNUM *q, const BIGNUM *dmp1,
@@ -589,16 +562,15 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         SW_LARGENUMBER arg, res;
         SW_PARAM sw_param;
         SW_CONTEXT_HANDLE hac;
-        BIGNUM *result = NULL;
+        BIGNUM *rsa_p = NULL;
+        BIGNUM *rsa_q = NULL;
+        BIGNUM *rsa_dmp1 = NULL;
+        BIGNUM *rsa_dmq1 = NULL;
+        BIGNUM *rsa_iqmp = NULL;
         BIGNUM *argument = NULL;
+        BIGNUM *result = NULL;
         int to_return = 0; /* expect failure */
         int acquired = 0;
-
-        sw_param.up.crt.p.value = NULL;
-        sw_param.up.crt.q.value = NULL;
-        sw_param.up.crt.dmp1.value = NULL;
-        sw_param.up.crt.dmq1.value = NULL;
-        sw_param.up.crt.iqmp.value = NULL;
  
         if(!get_context(&hac))
                 {
@@ -606,55 +578,44 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
                 goto err;
                 }
         acquired = 1;
-
         /* Prepare the params */
-        argument = BN_new();
-        result = BN_new();
-        if(!result || !argument)
+        BN_CTX_start(ctx);
+        rsa_p = BN_CTX_get(ctx);
+        rsa_q = BN_CTX_get(ctx);
+        rsa_dmp1 = BN_CTX_get(ctx);
+        rsa_dmq1 = BN_CTX_get(ctx);
+        rsa_iqmp = BN_CTX_get(ctx);
+        argument = BN_CTX_get(ctx);
+        result = BN_CTX_get(ctx);
+        if(!result)
                 {
                 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL);
                 goto err;
                 }
-
-
-        sw_param.type = SW_ALG_CRT;
-        /************************************************************************/
-        /* 04/02/2003                                                           */
-        /* Modified by Frederic Giudicelli (deny-all.com) to overcome the       */
-        /* limitation of cswift with values not a multiple of 32                */
-        /************************************************************************/
-        if(!cswift_bn_32copy(&sw_param.up.crt.p, p))
-        {
-                CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
-                goto err;
-        }
-        if(!cswift_bn_32copy(&sw_param.up.crt.q, q))
-        {
-                CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
-                goto err;
-        }
-        if(!cswift_bn_32copy(&sw_param.up.crt.dmp1, dmp1))
-        {
-                CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
-                goto err;
-        }
-        if(!cswift_bn_32copy(&sw_param.up.crt.dmq1, dmq1))
-        {
-                CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
-                goto err;
-        }
-        if(!cswift_bn_32copy(&sw_param.up.crt.iqmp, iqmp))
-        {
-                CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
-                goto err;
-        }
-        if(     !bn_wexpand(argument, a->top) ||
+        if(!bn_wexpand(rsa_p, p->top) || !bn_wexpand(rsa_q, q->top) ||
+                        !bn_wexpand(rsa_dmp1, dmp1->top) ||
+                        !bn_wexpand(rsa_dmq1, dmq1->top) ||
+                        !bn_wexpand(rsa_iqmp, iqmp->top) ||
+                        !bn_wexpand(argument, a->top) ||
                         !bn_wexpand(result, p->top + q->top))
                 {
                 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
                 goto err;
                 }
-
+        sw_param.type = SW_ALG_CRT;
+        sw_param.up.crt.p.nbytes = BN_bn2bin(p, (unsigned char *)rsa_p->d);
+        sw_param.up.crt.p.value = (unsigned char *)rsa_p->d;
+        sw_param.up.crt.q.nbytes = BN_bn2bin(q, (unsigned char *)rsa_q->d);
+        sw_param.up.crt.q.value = (unsigned char *)rsa_q->d;
+        sw_param.up.crt.dmp1.nbytes = BN_bn2bin(dmp1,
+                (unsigned char *)rsa_dmp1->d);
+        sw_param.up.crt.dmp1.value = (unsigned char *)rsa_dmp1->d;
+        sw_param.up.crt.dmq1.nbytes = BN_bn2bin(dmq1,
+                (unsigned char *)rsa_dmq1->d);
+        sw_param.up.crt.dmq1.value = (unsigned char *)rsa_dmq1->d;
+        sw_param.up.crt.iqmp.nbytes = BN_bn2bin(iqmp,
+                (unsigned char *)rsa_iqmp->d);
+        sw_param.up.crt.iqmp.value = (unsigned char *)rsa_iqmp->d;
         /* Attach the key params */
         sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
         switch(sw_status)
@@ -693,22 +654,9 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
         to_return = 1;
 err:
-        if(sw_param.up.crt.p.value)
-                OPENSSL_free(sw_param.up.crt.p.value);
-        if(sw_param.up.crt.q.value)
-                OPENSSL_free(sw_param.up.crt.q.value);
-        if(sw_param.up.crt.dmp1.value)
-                OPENSSL_free(sw_param.up.crt.dmp1.value);
-        if(sw_param.up.crt.dmq1.value)
-                OPENSSL_free(sw_param.up.crt.dmq1.value);
-        if(sw_param.up.crt.iqmp.value)
-                OPENSSL_free(sw_param.up.crt.iqmp.value);
-        if(result)
-                BN_free(result);
-        if(argument)
-                BN_free(argument);
         if(acquired)
                 release_context(hac);
+        BN_CTX_end(ctx);
         return to_return;
         }
  
@@ -717,27 +665,6 @@ static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
         {
         BN_CTX *ctx;
         int to_return = 0;
-        const RSA_METHOD * def_rsa_method;
-
-        /* Try the limits of RSA (2048 bits) */
-        if(BN_num_bytes(rsa->p) > 128 ||
-                BN_num_bytes(rsa->q) > 128 ||
-                BN_num_bytes(rsa->dmp1) > 128 ||
-                BN_num_bytes(rsa->dmq1) > 128 ||
-                BN_num_bytes(rsa->iqmp) > 128)
-        {
-#ifdef RSA_NULL
-                def_rsa_method=RSA_null_method();
-#else
-#if 0
-                def_rsa_method=RSA_PKCS1_RSAref();
-#else
-                def_rsa_method=RSA_PKCS1_SSLeay();
-#endif
-#endif
-                if(def_rsa_method)
-                        return def_rsa_method->rsa_mod_exp(r0, I, rsa);
-        }
 
         if((ctx = BN_CTX_new()) == NULL)
                 goto err;
@@ -759,26 +686,6 @@ err:
 static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
                 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
         {
-        const RSA_METHOD * def_rsa_method;
-
-        /* Try the limits of RSA (2048 bits) */
-        if(BN_num_bytes(r) > 256 ||
-                BN_num_bytes(a) > 256 ||
-                BN_num_bytes(m) > 256)
-        {
-#ifdef RSA_NULL
-                def_rsa_method=RSA_null_method();
-#else
-#if 0
-                def_rsa_method=RSA_PKCS1_RSAref();
-#else
-                def_rsa_method=RSA_PKCS1_SSLeay();
-#endif
-#endif
-                if(def_rsa_method)
-                        return def_rsa_method->bn_mod_exp(r, a, p, m, ctx, m_ctx);
-        }
-
         return cswift_mod_exp(r, a, p, m, ctx);
         }
 
@@ -1023,10 +930,9 @@ static int cswift_rand_bytes(unsigned char *buf, int num)
         SW_CONTEXT_HANDLE hac;
         SW_STATUS swrc;
         SW_LARGENUMBER largenum;
+        size_t nbytes = 0;
         int acquired = 0;
         int to_return = 0; /* assume failure */
-        unsigned char buf32[1024];
-
 
         if (!get_context(&hac))
         {
@@ -1035,19 +941,17 @@ static int cswift_rand_bytes(unsigned char *buf, int num)
         }
         acquired = 1;
 
-        /************************************************************************/
-        /* 04/02/2003                                                           */
-        /* Modified by Frederic Giudicelli (deny-all.com) to overcome the       */
-        /* limitation of cswift with values not a multiple of 32                */
-        /************************************************************************/
-
-        while(num >= sizeof(buf32))
+        while (nbytes < (size_t)num)
         {
-                largenum.value = buf;
-                largenum.nbytes = sizeof(buf32);
                 /* tell CryptoSwift how many bytes we want and where we want it.
                  * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
                  *       - CryptoSwift can only do multiple of 32-bits. */
+                largenum.value = (SW_BYTE *) buf + nbytes;
+                if (4096 > num - nbytes)
+                        largenum.nbytes = num - nbytes;
+                else
+                        largenum.nbytes = 4096;
+
                 swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
                 if (swrc != SW_OK)
                 {
@@ -1057,30 +961,14 @@ static int cswift_rand_bytes(unsigned char *buf, int num)
                         ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
                         goto err;
                 }
-                buf += sizeof(buf32);
-                num -= sizeof(buf32);
-        }
-        if(num)
-        {
-                largenum.nbytes = sizeof(buf32);
-                largenum.value = buf32;
-                swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
-                if (swrc != SW_OK)
-                {
-                        char tmpbuf[20];
-                        CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED);
-                        sprintf(tmpbuf, "%ld", swrc);
-                        ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
-                        goto err;
-                }
-                memcpy(buf, largenum.value, num);
-        }
 
+                nbytes += largenum.nbytes;
+        }
         to_return = 1;  /* success */
+
 err:
         if (acquired)
                 release_context(hac);
-
         return to_return;
 }
 
diff --git a/src/lib/libssl/src/crypto/engine/hw_ubsec.c b/src/lib/libssl/src/crypto/engine/hw_ubsec.c
index 8fb834af31..5234a08a07 100644
--- a/src/lib/libssl/src/crypto/engine/hw_ubsec.c
+++ b/src/lib/libssl/src/crypto/engine/hw_ubsec.c
@@ -454,7 +454,6 @@ static int ubsec_init(ENGINE *e)
 err:
         if(ubsec_dso)
                 DSO_free(ubsec_dso);
-        ubsec_dso = NULL;
         p_UBSEC_ubsec_bytes_to_bits = NULL;
         p_UBSEC_ubsec_bits_to_bytes = NULL;
         p_UBSEC_ubsec_open = NULL;
diff --git a/src/lib/libssl/src/crypto/engine/tb_dsa.c b/src/lib/libssl/src/crypto/engine/tb_dsa.c
index 7efe181927..80170591f2 100644
--- a/src/lib/libssl/src/crypto/engine/tb_dsa.c
+++ b/src/lib/libssl/src/crypto/engine/tb_dsa.c
@@ -94,7 +94,7 @@ int ENGINE_set_default_DSA(ENGINE *e)
         {
         if(e->dsa_meth)
                 return engine_table_register(&dsa_table,
-                                engine_unregister_all_DSA, e, &dummy_nid, 1, 1);
+                                engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
         return 1;
         }
 
diff --git a/src/lib/libssl/src/crypto/err/Makefile.ssl b/src/lib/libssl/src/crypto/err/Makefile.ssl
new file mode 100644
index 0000000000..b253061d07
--- /dev/null
+++ b/src/lib/libssl/src/crypto/err/Makefile.ssl
@@ -0,0 +1,119 @@
+#
+# SSLeay/crypto/err/Makefile
+#
+
+DIR=    err
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=err.c err_all.c err_prn.c
+LIBOBJ=err.o err_all.o err_prn.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= err.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+err.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/buffer.h
+err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+err.o: ../../include/openssl/symhacks.h ../cryptlib.h err.c
+err_all.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+err_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+err_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+err_all.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+err_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+err_all.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+err_all.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+err_all.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+err_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+err_all.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+err_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+err_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+err_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+err_all.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+err_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+err_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem2.h
+err_all.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+err_all.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+err_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+err_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+err_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+err_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+err_all.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+err_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+err_all.o: ../../include/openssl/x509v3.h err_all.c
+err_prn.o: ../../e_os.h ../../include/openssl/bio.h
+err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+err_prn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+err_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+err_prn.o: ../cryptlib.h err_prn.c
diff --git a/src/lib/libssl/src/crypto/err/err.c b/src/lib/libssl/src/crypto/err/err.c
index 53687d79ab..c78790a54c 100644
--- a/src/lib/libssl/src/crypto/err/err.c
+++ b/src/lib/libssl/src/crypto/err/err.c
@@ -621,8 +621,7 @@ static void err_load_strings(int lib, ERR_STRING_DATA *str)
         {
         while (str->error)
                 {
-                if (lib)
-                        str->error|=ERR_PACK(lib,0,0);
+                str->error|=ERR_PACK(lib,0,0);
                 ERRFN(err_set_item)(str);
                 str++;
                 }
@@ -638,8 +637,7 @@ void ERR_unload_strings(int lib, ERR_STRING_DATA *str)
         {
         while (str->error)
                 {
-                if (lib)
-                        str->error|=ERR_PACK(lib,0,0);
+                str->error|=ERR_PACK(lib,0,0);
                 ERRFN(err_del_item)(str);
                 str++;
                 }
diff --git a/src/lib/libssl/src/crypto/err/openssl.ec b/src/lib/libssl/src/crypto/err/openssl.ec
index f8cd6937e7..447a7f87ed 100644
--- a/src/lib/libssl/src/crypto/err/openssl.ec
+++ b/src/lib/libssl/src/crypto/err/openssl.ec
@@ -27,7 +27,7 @@ L DSO		crypto/dso/dso.h		crypto/dso/dso_err.c
 L ENGINE        crypto/engine/engine.h          crypto/engine/eng_err.c
 L OCSP          crypto/ocsp/ocsp.h              crypto/ocsp/ocsp_err.c
 L UI            crypto/ui/ui.h                  crypto/ui/ui_err.c
-L FIPS          fips-1.0/fips.h                 fips-1.0/fips_err.h
+L FIPS          fips/fips.h                     fips/fips_err.h
 
 # additional header files to be scanned for function names
 L NONE          crypto/x509/x509_vfy.h          NONE
diff --git a/src/lib/libssl/src/crypto/evp/Makefile.ssl b/src/lib/libssl/src/crypto/evp/Makefile.ssl
new file mode 100644
index 0000000000..f33aebd33a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/Makefile.ssl
@@ -0,0 +1,1059 @@
+#
+# SSLeay/crypto/evp/Makefile
+#
+
+DIR=    evp
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=evp_test.c
+TESTDATA=evptests.txt
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
+        e_des.c e_bf.c e_idea.c e_des3.c \
+        e_rc4.c e_aes.c names.c \
+        e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
+        m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \
+        m_dss.c m_dss1.c m_mdc2.c m_ripemd.c \
+        p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
+        bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
+        c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
+        evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c
+
+LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \
+        e_des.o e_bf.o e_idea.o e_des3.o \
+        e_rc4.o e_aes.o names.o \
+        e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
+        m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \
+        m_dss.o m_dss1.o m_mdc2.o m_ripemd.o \
+        p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
+        bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
+        c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
+        evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= evp.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        cp $(TESTDATA) ../../test
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bio_b64.o: ../../e_os.h ../../include/openssl/aes.h
+bio_b64.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_b64.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+bio_b64.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+bio_b64.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+bio_b64.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+bio_b64.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+bio_b64.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+bio_b64.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+bio_b64.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+bio_b64.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_b64.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+bio_b64.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+bio_b64.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+bio_b64.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bio_b64.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+bio_b64.o: ../cryptlib.h bio_b64.c
+bio_enc.o: ../../e_os.h ../../include/openssl/aes.h
+bio_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+bio_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+bio_enc.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+bio_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+bio_enc.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+bio_enc.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+bio_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+bio_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+bio_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+bio_enc.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+bio_enc.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+bio_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bio_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+bio_enc.o: ../cryptlib.h bio_enc.c
+bio_md.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+bio_md.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+bio_md.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+bio_md.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+bio_md.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+bio_md.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_md.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+bio_md.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+bio_md.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+bio_md.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+bio_md.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_md.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_md.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+bio_md.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+bio_md.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+bio_md.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+bio_md.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+bio_md.o: ../../include/openssl/ui_compat.h ../cryptlib.h bio_md.c
+bio_ok.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+bio_ok.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+bio_ok.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+bio_ok.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+bio_ok.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+bio_ok.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+bio_ok.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+bio_ok.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+bio_ok.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+bio_ok.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_ok.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+bio_ok.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+bio_ok.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+bio_ok.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bio_ok.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+bio_ok.o: ../cryptlib.h bio_ok.c
+c_all.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+c_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+c_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+c_all.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+c_all.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+c_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+c_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+c_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+c_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+c_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+c_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+c_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+c_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+c_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+c_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+c_all.o: ../../include/openssl/ui_compat.h ../cryptlib.h c_all.c
+c_allc.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+c_allc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+c_allc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+c_allc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+c_allc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+c_allc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+c_allc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+c_allc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+c_allc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+c_allc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+c_allc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+c_allc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+c_allc.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_allc.c
+c_alld.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+c_alld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+c_alld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+c_alld.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+c_alld.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+c_alld.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+c_alld.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+c_alld.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+c_alld.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+c_alld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+c_alld.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+c_alld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+c_alld.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_alld.c
+digest.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+digest.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+digest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+digest.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+digest.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+digest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+digest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+digest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+digest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+digest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+digest.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+digest.o: ../../include/openssl/ui_compat.h ../cryptlib.h digest.c
+e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_aes.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+e_aes.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
+e_aes.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+e_aes.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+e_aes.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+e_aes.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_aes.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+e_aes.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+e_aes.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+e_aes.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_aes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+e_aes.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+e_aes.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_aes.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h e_aes.c
+e_aes.o: evp_locl.h
+e_bf.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_bf.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+e_bf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_bf.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+e_bf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_bf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+e_bf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_bf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+e_bf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+e_bf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_bf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+e_bf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+e_bf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+e_bf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+e_bf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_bf.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_bf.c evp_locl.h
+e_cast.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_cast.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+e_cast.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_cast.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+e_cast.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_cast.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+e_cast.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_cast.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+e_cast.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+e_cast.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_cast.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+e_cast.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+e_cast.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+e_cast.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+e_cast.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_cast.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_cast.c evp_locl.h
+e_des.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_des.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+e_des.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_des.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_des.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_des.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+e_des.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+e_des.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+e_des.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+e_des.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_des.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_des.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+e_des.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+e_des.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+e_des.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h
+e_des3.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_des3.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+e_des3.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_des3.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_des3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_des3.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+e_des3.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+e_des3.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+e_des3.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+e_des3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_des3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_des3.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+e_des3.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+e_des3.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+e_des3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+e_des3.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_des3.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des3.c evp_locl.h
+e_idea.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_idea.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+e_idea.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_idea.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+e_idea.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_idea.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_idea.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+e_idea.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+e_idea.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+e_idea.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_idea.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+e_idea.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+e_idea.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+e_idea.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+e_idea.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_idea.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_idea.c evp_locl.h
+e_null.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_null.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+e_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_null.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+e_null.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_null.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+e_null.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+e_null.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+e_null.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+e_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_null.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+e_null.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+e_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+e_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+e_null.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_null.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_null.c
+e_rc2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_rc2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+e_rc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_rc2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+e_rc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_rc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+e_rc2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+e_rc2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+e_rc2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+e_rc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_rc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+e_rc2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+e_rc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+e_rc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+e_rc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_rc2.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc2.c evp_locl.h
+e_rc4.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_rc4.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+e_rc4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_rc4.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+e_rc4.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_rc4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+e_rc4.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+e_rc4.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+e_rc4.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+e_rc4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_rc4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_rc4.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+e_rc4.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+e_rc4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+e_rc4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+e_rc4.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_rc4.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc4.c
+e_rc5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_rc5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+e_rc5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_rc5.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+e_rc5.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_rc5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc5.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+e_rc5.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+e_rc5.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+e_rc5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_rc5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+e_rc5.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+e_rc5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+e_rc5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+e_rc5.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_rc5.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc5.c evp_locl.h
+e_xcbc_d.o: ../../e_os.h ../../include/openssl/aes.h
+e_xcbc_d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_xcbc_d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+e_xcbc_d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+e_xcbc_d.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_xcbc_d.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+e_xcbc_d.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+e_xcbc_d.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+e_xcbc_d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_xcbc_d.o: ../../include/openssl/opensslconf.h
+e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_xcbc_d.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+e_xcbc_d.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+e_xcbc_d.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+e_xcbc_d.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c
+encode.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+encode.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+encode.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+encode.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+encode.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+encode.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+encode.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+encode.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+encode.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+encode.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+encode.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+encode.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+encode.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+encode.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+encode.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+encode.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+encode.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+encode.o: ../../include/openssl/ui_compat.h ../cryptlib.h encode.c
+evp_acnf.o: ../../e_os.h ../../include/openssl/aes.h
+evp_acnf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+evp_acnf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+evp_acnf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+evp_acnf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+evp_acnf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+evp_acnf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+evp_acnf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+evp_acnf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+evp_acnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_acnf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+evp_acnf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+evp_acnf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+evp_acnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_acnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+evp_acnf.o: ../../include/openssl/ui_compat.h ../cryptlib.h evp_acnf.c
+evp_enc.o: ../../e_os.h ../../include/openssl/aes.h
+evp_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+evp_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+evp_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+evp_enc.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+evp_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+evp_enc.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+evp_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+evp_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+evp_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+evp_enc.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+evp_enc.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h
+evp_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+evp_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+evp_err.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
+evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+evp_err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+evp_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+evp_err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+evp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+evp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+evp_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+evp_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+evp_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+evp_err.o: evp_err.c
+evp_key.o: ../../e_os.h ../../include/openssl/aes.h
+evp_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+evp_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+evp_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+evp_key.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+evp_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+evp_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_key.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+evp_key.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+evp_key.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+evp_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+evp_key.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+evp_key.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+evp_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+evp_key.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+evp_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_key.c
+evp_lib.o: ../../e_os.h ../../include/openssl/aes.h
+evp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+evp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+evp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+evp_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+evp_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+evp_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+evp_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+evp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+evp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+evp_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+evp_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+evp_lib.o: ../cryptlib.h evp_lib.c
+evp_pbe.o: ../../e_os.h ../../include/openssl/aes.h
+evp_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+evp_pbe.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+evp_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+evp_pbe.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+evp_pbe.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+evp_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_pbe.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+evp_pbe.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+evp_pbe.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+evp_pbe.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+evp_pbe.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+evp_pbe.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+evp_pbe.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pbe.c
+evp_pkey.o: ../../e_os.h ../../include/openssl/aes.h
+evp_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+evp_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+evp_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+evp_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+evp_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+evp_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+evp_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_pkey.o: ../../include/openssl/opensslconf.h
+evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+evp_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+evp_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+evp_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+evp_pkey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+evp_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pkey.c
+m_dss.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+m_dss.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+m_dss.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_dss.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+m_dss.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_dss.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+m_dss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_dss.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+m_dss.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+m_dss.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+m_dss.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+m_dss.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_dss.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_dss.o: ../cryptlib.h m_dss.c
+m_dss1.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+m_dss1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+m_dss1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_dss1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+m_dss1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_dss1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+m_dss1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+m_dss1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+m_dss1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+m_dss1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+m_dss1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_dss1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_dss1.o: ../cryptlib.h m_dss1.c
+m_md2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+m_md2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+m_md2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_md2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+m_md2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_md2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+m_md2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+m_md2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+m_md2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_md2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_md2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+m_md2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+m_md2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_md2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_md2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+m_md2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_md2.o: ../cryptlib.h m_md2.c
+m_md4.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+m_md4.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+m_md4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_md4.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+m_md4.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_md4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md4.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+m_md4.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+m_md4.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+m_md4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_md4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+m_md4.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+m_md4.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_md4.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_md4.o: ../cryptlib.h m_md4.c
+m_md5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+m_md5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+m_md5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_md5.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+m_md5.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_md5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md5.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+m_md5.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+m_md5.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+m_md5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_md5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+m_md5.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+m_md5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_md5.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_md5.o: ../cryptlib.h m_md5.c
+m_mdc2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+m_mdc2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+m_mdc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_mdc2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_mdc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_mdc2.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+m_mdc2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+m_mdc2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+m_mdc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_mdc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_mdc2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+m_mdc2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+m_mdc2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_mdc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_mdc2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+m_mdc2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_mdc2.o: ../cryptlib.h m_mdc2.c
+m_null.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+m_null.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+m_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_null.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+m_null.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_null.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+m_null.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+m_null.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+m_null.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+m_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+m_null.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+m_null.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_null.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_null.o: ../cryptlib.h m_null.c
+m_ripemd.o: ../../e_os.h ../../include/openssl/aes.h
+m_ripemd.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_ripemd.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+m_ripemd.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+m_ripemd.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+m_ripemd.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+m_ripemd.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_ripemd.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+m_ripemd.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+m_ripemd.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_ripemd.o: ../../include/openssl/opensslconf.h
+m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+m_ripemd.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+m_ripemd.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_ripemd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_ripemd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_ripemd.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+m_ripemd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_ripemd.o: ../cryptlib.h m_ripemd.c
+m_sha.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+m_sha.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+m_sha.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_sha.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+m_sha.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_sha.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_sha.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+m_sha.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+m_sha.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+m_sha.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+m_sha.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_sha.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_sha.o: ../cryptlib.h m_sha.c
+m_sha1.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+m_sha1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+m_sha1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_sha1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+m_sha1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_sha1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+m_sha1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+m_sha1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+m_sha1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+m_sha1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_sha1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_sha1.o: ../cryptlib.h m_sha1.c
+names.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+names.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+names.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+names.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+names.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+names.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+names.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+names.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+names.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+names.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+names.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+names.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+names.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+names.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+names.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+names.o: ../cryptlib.h names.c
+p5_crpt.o: ../../e_os.h ../../include/openssl/aes.h
+p5_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p5_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p5_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p5_crpt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p5_crpt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p5_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p5_crpt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p5_crpt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p5_crpt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p5_crpt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p5_crpt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+p5_crpt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+p5_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+p5_crpt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt.c
+p5_crpt2.o: ../../e_os.h ../../include/openssl/aes.h
+p5_crpt2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p5_crpt2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p5_crpt2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p5_crpt2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p5_crpt2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p5_crpt2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p5_crpt2.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h
+p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+p5_crpt2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+p5_crpt2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+p5_crpt2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p5_crpt2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p5_crpt2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p5_crpt2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p5_crpt2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+p5_crpt2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p5_crpt2.o: ../cryptlib.h p5_crpt2.c
+p_dec.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+p_dec.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+p_dec.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_dec.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+p_dec.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+p_dec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_dec.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+p_dec.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+p_dec.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p_dec.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+p_dec.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+p_dec.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_dec.c
+p_enc.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+p_enc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+p_enc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_enc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+p_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+p_enc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+p_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+p_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+p_enc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+p_enc.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_enc.c
+p_lib.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+p_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+p_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+p_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+p_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+p_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_lib.c
+p_open.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+p_open.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+p_open.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_open.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+p_open.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+p_open.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_open.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+p_open.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+p_open.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+p_open.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p_open.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_open.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+p_open.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p_open.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_open.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_open.o: ../cryptlib.h p_open.c
+p_seal.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+p_seal.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+p_seal.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_seal.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+p_seal.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+p_seal.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_seal.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+p_seal.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+p_seal.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+p_seal.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+p_seal.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_seal.c
+p_sign.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+p_sign.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+p_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_sign.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+p_sign.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+p_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+p_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+p_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+p_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_sign.o: ../cryptlib.h p_sign.c
+p_verify.o: ../../e_os.h ../../include/openssl/aes.h
+p_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p_verify.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p_verify.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_verify.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p_verify.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p_verify.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_verify.o: ../../include/openssl/opensslconf.h
+p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+p_verify.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p_verify.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_verify.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_verify.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+p_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_verify.o: ../cryptlib.h p_verify.c
diff --git a/src/lib/libssl/src/crypto/evp/bio_enc.c b/src/lib/libssl/src/crypto/evp/bio_enc.c
index b8cda1a9f0..ab81851503 100644
--- a/src/lib/libssl/src/crypto/evp/bio_enc.c
+++ b/src/lib/libssl/src/crypto/evp/bio_enc.c
@@ -71,7 +71,7 @@ static int enc_new(BIO *h);
 static int enc_free(BIO *data);
 static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
 #define ENC_BLOCK_SIZE  (1024*4)
-#define BUF_OFFSET      (EVP_MAX_BLOCK_LENGTH*2)
+#define BUF_OFFSET      EVP_MAX_BLOCK_LENGTH
 
 typedef struct enc_struct
         {
diff --git a/src/lib/libssl/src/crypto/evp/c_alld.c b/src/lib/libssl/src/crypto/evp/c_alld.c
index 929ea56a3e..aae7bf7482 100644
--- a/src/lib/libssl/src/crypto/evp/c_alld.c
+++ b/src/lib/libssl/src/crypto/evp/c_alld.c
@@ -100,14 +100,4 @@ void OpenSSL_add_all_digests(void)
         EVP_add_digest_alias(SN_ripemd160,"ripemd");
         EVP_add_digest_alias(SN_ripemd160,"rmd160");
 #endif
-#ifdef OPENSSL_FIPS
-#ifndef OPENSSL_NO_SHA256
-        EVP_add_digest(EVP_sha224());
-        EVP_add_digest(EVP_sha256());
-#endif
-#ifndef OPENSSL_NO_SHA512
-        EVP_add_digest(EVP_sha384());
-        EVP_add_digest(EVP_sha512());
-#endif
-#endif
         }
diff --git a/src/lib/libssl/src/crypto/evp/e_acss.c b/src/lib/libssl/src/crypto/evp/e_acss.c
new file mode 100644
index 0000000000..a16b85c627
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/e_acss.c
@@ -0,0 +1,85 @@
+/*      $Id: e_acss.c,v 1.2 2004/02/13 10:05:44 hshoexer Exp $  */
+/*
+ * Copyright (c) 2004 The OpenBSD project
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef OPENSSL_NO_ACSS
+
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include "evp_locl.h"
+#include <openssl/acss.h>
+
+typedef struct {
+    ACSS_KEY ks;
+} EVP_ACSS_KEY;
+
+#define data(ctx) EVP_C_DATA(EVP_ACSS_KEY,ctx)
+
+static int acss_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                const unsigned char *iv, int enc);
+static int acss_ciph(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                const unsigned char *in, unsigned int inl);
+static int acss_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+static const EVP_CIPHER acss_cipher = {
+        NID_undef,
+        1,5,0,
+        0,
+        acss_init_key,
+        acss_ciph,
+        NULL,
+        sizeof(EVP_ACSS_KEY),
+        NULL,
+        NULL,
+        acss_ctrl,
+        NULL
+};
+
+const
+EVP_CIPHER *EVP_acss(void)
+{
+        return(&acss_cipher);
+}
+
+static int
+acss_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                const unsigned char *iv, int enc)
+{
+        acss_setkey(&data(ctx)->ks,key,enc,ACSS_MODE1);
+        return 1;
+}
+
+static int
+acss_ciph(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
+                unsigned int inl)
+{
+        acss(&data(ctx)->ks,inl,in,out);
+        return 1;
+}
+
+static int
+acss_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
+{
+        switch(type) {
+        case EVP_CTRL_SET_ACSS_MODE:
+                data(ctx)->ks.mode = arg;
+                return 1;
+
+        default:
+                return -1;
+        }
+}
+#endif
diff --git a/src/lib/libssl/src/crypto/evp/e_aes.c b/src/lib/libssl/src/crypto/evp/e_aes.c
index 7b67984fa1..f35036c9d7 100644
--- a/src/lib/libssl/src/crypto/evp/e_aes.c
+++ b/src/lib/libssl/src/crypto/evp/e_aes.c
@@ -86,9 +86,9 @@ IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
 
 #define IMPLEMENT_AES_CFBR(ksize,cbits,flags)   IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags)
 
-IMPLEMENT_AES_CFBR(128,1,EVP_CIPH_FLAG_FIPS)
-IMPLEMENT_AES_CFBR(192,1,EVP_CIPH_FLAG_FIPS)
-IMPLEMENT_AES_CFBR(256,1,EVP_CIPH_FLAG_FIPS)
+IMPLEMENT_AES_CFBR(128,1,0)
+IMPLEMENT_AES_CFBR(192,1,0)
+IMPLEMENT_AES_CFBR(256,1,0)
 
 IMPLEMENT_AES_CFBR(128,8,EVP_CIPH_FLAG_FIPS)
 IMPLEMENT_AES_CFBR(192,8,EVP_CIPH_FLAG_FIPS)
diff --git a/src/lib/libssl/src/crypto/evp/encode.c b/src/lib/libssl/src/crypto/evp/encode.c
index 33e540087d..08209357ce 100644
--- a/src/lib/libssl/src/crypto/evp/encode.c
+++ b/src/lib/libssl/src/crypto/evp/encode.c
@@ -313,7 +313,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
                         /* There will never be more than two '=' */
                         }
 
-                if ((v == B64_EOF && (n&3) == 0) || (n >= 64))
+                if ((v == B64_EOF) || (n >= 64))
                         {
                         /* This is needed to work correctly on 64 byte input
                          * lines.  We process the line and then need to
diff --git a/src/lib/libssl/src/crypto/evp/evp.h b/src/lib/libssl/src/crypto/evp/evp.h
index 56eec23fef..09e597f631 100644
--- a/src/lib/libssl/src/crypto/evp/evp.h
+++ b/src/lib/libssl/src/crypto/evp/evp.h
@@ -74,52 +74,6 @@
 #ifndef OPENSSL_NO_BIO
 #include <openssl/bio.h>
 #endif
-#ifndef OPENSSL_NO_MD2
-#include <openssl/md2.h>
-#endif
-#ifndef OPENSSL_NO_MD4
-#include <openssl/md4.h>
-#endif
-#ifndef OPENSSL_NO_MD5
-#include <openssl/md5.h>
-#endif
-#ifndef OPENSSL_NO_SHA
-#ifndef OPENSSL_FIPS
-#include <openssl/sha.h>
-#else
-#include <openssl/fips_sha.h>
-#endif
-#endif
-#ifndef OPENSSL_NO_RIPEMD
-#include <openssl/ripemd.h>
-#endif
-#ifndef OPENSSL_NO_DES
-#include <openssl/des.h>
-#endif
-#ifndef OPENSSL_NO_RC4
-#include <openssl/rc4.h>
-#endif
-#ifndef OPENSSL_NO_RC2
-#include <openssl/rc2.h>
-#endif
-#ifndef OPENSSL_NO_RC5
-#include <openssl/rc5.h>
-#endif
-#ifndef OPENSSL_NO_BF
-#include <openssl/blowfish.h>
-#endif
-#ifndef OPENSSL_NO_CAST
-#include <openssl/cast.h>
-#endif
-#ifndef OPENSSL_NO_IDEA
-#include <openssl/idea.h>
-#endif
-#ifndef OPENSSL_NO_MDC2
-#include <openssl/mdc2.h>
-#endif
-#ifndef OPENSSL_NO_AES
-#include <openssl/aes.h>
-#endif
 
 #ifdef OPENSSL_FIPS
 #include <openssl/fips.h>
@@ -132,11 +86,7 @@
 #define EVP_CAST5_KEY_SIZE              16
 #define EVP_RC5_32_12_16_KEY_SIZE       16
 */
-#ifdef OPENSSL_FIPS
-#define EVP_MAX_MD_SIZE                 64      /* longest known SHA512 */
-#else
-#define EVP_MAX_MD_SIZE                 (16+20) /* The SSLv3 md5+sha1 type */
-#endif
+#define EVP_MAX_MD_SIZE                 64 /* to fit SHA512 */
 #define EVP_MAX_KEY_LENGTH              32
 #define EVP_MAX_IV_LENGTH               16
 #define EVP_MAX_BLOCK_LENGTH            32
@@ -145,18 +95,6 @@
 /* Default PKCS#5 iteration count */
 #define PKCS5_DEFAULT_ITER              2048
 
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-#endif
-
 #include <openssl/objects.h>
 
 #define EVP_PK_RSA      0x0001
@@ -402,6 +340,7 @@ struct evp_cipher_st
 #define         EVP_CTRL_SET_RC2_KEY_BITS       0x3
 #define         EVP_CTRL_GET_RC5_ROUNDS         0x4
 #define         EVP_CTRL_SET_RC5_ROUNDS         0x5
+#define         EVP_CTRL_SET_ACSS_MODE          0x6
 
 typedef struct evp_cipher_info_st
         {
@@ -650,16 +589,6 @@ const EVP_MD *EVP_sha(void);
 const EVP_MD *EVP_sha1(void);
 const EVP_MD *EVP_dss(void);
 const EVP_MD *EVP_dss1(void);
-#ifdef OPENSSL_FIPS
-#ifndef OPENSSL_NO_SHA256
-const EVP_MD *EVP_sha224(void);
-const EVP_MD *EVP_sha256(void);
-#endif
-#ifndef OPENSSL_NO_SHA512
-const EVP_MD *EVP_sha384(void);
-const EVP_MD *EVP_sha512(void);
-#endif
-#endif
 #endif
 #ifndef OPENSSL_NO_MDC2
 const EVP_MD *EVP_mdc2(void);
@@ -778,6 +707,9 @@ const EVP_CIPHER *EVP_aes_256_ofb(void);
 const EVP_CIPHER *EVP_aes_256_ctr(void);
 #endif
 #endif
+#ifndef OPENSSL_NO_ACSS
+const EVP_CIPHER *EVP_acss(void);
+#endif
 
 void OPENSSL_add_all_algorithms_noconf(void);
 void OPENSSL_add_all_algorithms_conf(void);
diff --git a/src/lib/libssl/src/crypto/evp/evp_err.c b/src/lib/libssl/src/crypto/evp/evp_err.c
index 77eee070d3..40135d0729 100644
--- a/src/lib/libssl/src/crypto/evp/evp_err.c
+++ b/src/lib/libssl/src/crypto/evp/evp_err.c
@@ -64,92 +64,88 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
-
 static ERR_STRING_DATA EVP_str_functs[]=
         {
-{ERR_FUNC(EVP_F_AES_INIT_KEY),  "AES_INIT_KEY"},
-{ERR_FUNC(EVP_F_D2I_PKEY),      "D2I_PKEY"},
-{ERR_FUNC(EVP_F_EVP_ADD_CIPHER),        "EVP_add_cipher"},
-{ERR_FUNC(EVP_F_EVP_ADD_DIGEST),        "EVP_add_digest"},
-{ERR_FUNC(EVP_F_EVP_CIPHERINIT),        "EVP_CipherInit"},
-{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL),   "EVP_CIPHER_CTX_ctrl"},
-{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"},
-{ERR_FUNC(EVP_F_EVP_DECRYPTFINAL),      "EVP_DecryptFinal"},
-{ERR_FUNC(EVP_F_EVP_DIGESTINIT),        "EVP_DigestInit"},
-{ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL),      "EVP_EncryptFinal"},
-{ERR_FUNC(EVP_F_EVP_GET_CIPHERBYNAME),  "EVP_get_cipherbyname"},
-{ERR_FUNC(EVP_F_EVP_GET_DIGESTBYNAME),  "EVP_get_digestbyname"},
-{ERR_FUNC(EVP_F_EVP_MD_CTX_COPY),       "EVP_MD_CTX_copy"},
-{ERR_FUNC(EVP_F_EVP_OPENINIT),  "EVP_OpenInit"},
-{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD),       "EVP_PBE_alg_add"},
-{ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT),    "EVP_PBE_CipherInit"},
-{ERR_FUNC(EVP_F_EVP_PKCS82PKEY),        "EVP_PKCS82PKEY"},
-{ERR_FUNC(EVP_F_EVP_PKCS8_SET_BROKEN),  "EVP_PKCS8_SET_BROKEN"},
-{ERR_FUNC(EVP_F_EVP_PKEY2PKCS8),        "EVP_PKEY2PKCS8"},
-{ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS),      "EVP_PKEY_copy_parameters"},
-{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT),      "EVP_PKEY_decrypt"},
-{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT),      "EVP_PKEY_encrypt"},
-{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH),      "EVP_PKEY_get1_DH"},
-{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA),     "EVP_PKEY_get1_DSA"},
-{ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA),     "EVP_PKEY_get1_RSA"},
-{ERR_FUNC(EVP_F_EVP_PKEY_NEW),  "EVP_PKEY_new"},
-{ERR_FUNC(EVP_F_EVP_RIJNDAEL),  "EVP_RIJNDAEL"},
-{ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
-{ERR_FUNC(EVP_F_EVP_VERIFYFINAL),       "EVP_VerifyFinal"},
-{ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN),    "PKCS5_PBE_keyivgen"},
-{ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
-{ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH),     "RC2_MAGIC_TO_METH"},
-{ERR_FUNC(EVP_F_RC5_CTRL),      "RC5_CTRL"},
+{ERR_PACK(0,EVP_F_AES_INIT_KEY,0),      "AES_INIT_KEY"},
+{ERR_PACK(0,EVP_F_D2I_PKEY,0),  "D2I_PKEY"},
+{ERR_PACK(0,EVP_F_EVP_ADD_CIPHER,0),    "EVP_add_cipher"},
+{ERR_PACK(0,EVP_F_EVP_ADD_DIGEST,0),    "EVP_add_digest"},
+{ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0),    "EVP_CipherInit"},
+{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0),       "EVP_CIPHER_CTX_ctrl"},
+{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0),     "EVP_CIPHER_CTX_set_key_length"},
+{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0),  "EVP_DecryptFinal"},
+{ERR_PACK(0,EVP_F_EVP_DIGESTINIT,0),    "EVP_DigestInit"},
+{ERR_PACK(0,EVP_F_EVP_ENCRYPTFINAL,0),  "EVP_EncryptFinal"},
+{ERR_PACK(0,EVP_F_EVP_GET_CIPHERBYNAME,0),      "EVP_get_cipherbyname"},
+{ERR_PACK(0,EVP_F_EVP_GET_DIGESTBYNAME,0),      "EVP_get_digestbyname"},
+{ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0),   "EVP_MD_CTX_copy"},
+{ERR_PACK(0,EVP_F_EVP_OPENINIT,0),      "EVP_OpenInit"},
+{ERR_PACK(0,EVP_F_EVP_PBE_ALG_ADD,0),   "EVP_PBE_alg_add"},
+{ERR_PACK(0,EVP_F_EVP_PBE_CIPHERINIT,0),        "EVP_PBE_CipherInit"},
+{ERR_PACK(0,EVP_F_EVP_PKCS82PKEY,0),    "EVP_PKCS82PKEY"},
+{ERR_PACK(0,EVP_F_EVP_PKCS8_SET_BROKEN,0),      "EVP_PKCS8_SET_BROKEN"},
+{ERR_PACK(0,EVP_F_EVP_PKEY2PKCS8,0),    "EVP_PKEY2PKCS8"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0),  "EVP_PKEY_copy_parameters"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0),  "EVP_PKEY_decrypt"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0),  "EVP_PKEY_encrypt"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DH,0),  "EVP_PKEY_get1_DH"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DSA,0), "EVP_PKEY_get1_DSA"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_RSA,0), "EVP_PKEY_get1_RSA"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0),      "EVP_PKEY_new"},
+{ERR_PACK(0,EVP_F_EVP_RIJNDAEL,0),      "EVP_RIJNDAEL"},
+{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0),     "EVP_SignFinal"},
+{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0),   "EVP_VerifyFinal"},
+{ERR_PACK(0,EVP_F_PKCS5_PBE_KEYIVGEN,0),        "PKCS5_PBE_keyivgen"},
+{ERR_PACK(0,EVP_F_PKCS5_V2_PBE_KEYIVGEN,0),     "PKCS5_v2_PBE_keyivgen"},
+{ERR_PACK(0,EVP_F_RC2_MAGIC_TO_METH,0), "RC2_MAGIC_TO_METH"},
+{ERR_PACK(0,EVP_F_RC5_CTRL,0),  "RC5_CTRL"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA EVP_str_reasons[]=
         {
-{ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED)  ,"aes key setup failed"},
-{ERR_REASON(EVP_R_BAD_BLOCK_LENGTH)      ,"bad block length"},
-{ERR_REASON(EVP_R_BAD_DECRYPT)           ,"bad decrypt"},
-{ERR_REASON(EVP_R_BAD_KEY_LENGTH)        ,"bad key length"},
-{ERR_REASON(EVP_R_BN_DECODE_ERROR)       ,"bn decode error"},
-{ERR_REASON(EVP_R_BN_PUBKEY_ERROR)       ,"bn pubkey error"},
-{ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"},
-{ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED)  ,"ctrl not implemented"},
-{ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),"ctrl operation not implemented"},
-{ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"},
-{ERR_REASON(EVP_R_DECODE_ERROR)          ,"decode error"},
-{ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES)   ,"different key types"},
-{ERR_REASON(EVP_R_DISABLED_FOR_FIPS)     ,"disabled for fips"},
-{ERR_REASON(EVP_R_ENCODE_ERROR)          ,"encode error"},
-{ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"},
-{ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY)  ,"expecting an rsa key"},
-{ERR_REASON(EVP_R_EXPECTING_A_DH_KEY)    ,"expecting a dh key"},
-{ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY)   ,"expecting a dsa key"},
-{ERR_REASON(EVP_R_INITIALIZATION_ERROR)  ,"initialization error"},
-{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"},
-{ERR_REASON(EVP_R_INVALID_KEY_LENGTH)    ,"invalid key length"},
-{ERR_REASON(EVP_R_IV_TOO_LARGE)          ,"iv too large"},
-{ERR_REASON(EVP_R_KEYGEN_FAILURE)        ,"keygen failure"},
-{ERR_REASON(EVP_R_MISSING_PARAMETERS)    ,"missing parameters"},
-{ERR_REASON(EVP_R_NO_CIPHER_SET)         ,"no cipher set"},
-{ERR_REASON(EVP_R_NO_DIGEST_SET)         ,"no digest set"},
-{ERR_REASON(EVP_R_NO_DSA_PARAMETERS)     ,"no dsa parameters"},
-{ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED),"no sign function configured"},
-{ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),"no verify function configured"},
-{ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),"pkcs8 unknown broken type"},
-{ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA)    ,"public key not rsa"},
-{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"},
-{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"},
-{ERR_REASON(EVP_R_UNSUPPORTED_CIPHER)    ,"unsupported cipher"},
-{ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH) ,"unsupported keylength"},
-{ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),"unsupported key derivation function"},
-{ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE)  ,"unsupported key size"},
-{ERR_REASON(EVP_R_UNSUPPORTED_PRF)       ,"unsupported prf"},
-{ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM),"unsupported private key algorithm"},
-{ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE) ,"unsupported salt type"},
-{ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH),"wrong final block length"},
-{ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE) ,"wrong public key type"},
+{EVP_R_AES_KEY_SETUP_FAILED              ,"aes key setup failed"},
+{EVP_R_BAD_BLOCK_LENGTH                  ,"bad block length"},
+{EVP_R_BAD_DECRYPT                       ,"bad decrypt"},
+{EVP_R_BAD_KEY_LENGTH                    ,"bad key length"},
+{EVP_R_BN_DECODE_ERROR                   ,"bn decode error"},
+{EVP_R_BN_PUBKEY_ERROR                   ,"bn pubkey error"},
+{EVP_R_CIPHER_PARAMETER_ERROR            ,"cipher parameter error"},
+{EVP_R_CTRL_NOT_IMPLEMENTED              ,"ctrl not implemented"},
+{EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED    ,"ctrl operation not implemented"},
+{EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH ,"data not multiple of block length"},
+{EVP_R_DECODE_ERROR                      ,"decode error"},
+{EVP_R_DIFFERENT_KEY_TYPES               ,"different key types"},
+{EVP_R_DISABLED_FOR_FIPS                 ,"disabled for fips"},
+{EVP_R_ENCODE_ERROR                      ,"encode error"},
+{EVP_R_EVP_PBE_CIPHERINIT_ERROR          ,"evp pbe cipherinit error"},
+{EVP_R_EXPECTING_AN_RSA_KEY              ,"expecting an rsa key"},
+{EVP_R_EXPECTING_A_DH_KEY                ,"expecting a dh key"},
+{EVP_R_EXPECTING_A_DSA_KEY               ,"expecting a dsa key"},
+{EVP_R_INITIALIZATION_ERROR              ,"initialization error"},
+{EVP_R_INPUT_NOT_INITIALIZED             ,"input not initialized"},
+{EVP_R_INVALID_KEY_LENGTH                ,"invalid key length"},
+{EVP_R_IV_TOO_LARGE                      ,"iv too large"},
+{EVP_R_KEYGEN_FAILURE                    ,"keygen failure"},
+{EVP_R_MISSING_PARAMETERS                ,"missing parameters"},
+{EVP_R_NO_CIPHER_SET                     ,"no cipher set"},
+{EVP_R_NO_DIGEST_SET                     ,"no digest set"},
+{EVP_R_NO_DSA_PARAMETERS                 ,"no dsa parameters"},
+{EVP_R_NO_SIGN_FUNCTION_CONFIGURED       ,"no sign function configured"},
+{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED     ,"no verify function configured"},
+{EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE         ,"pkcs8 unknown broken type"},
+{EVP_R_PUBLIC_KEY_NOT_RSA                ,"public key not rsa"},
+{EVP_R_UNKNOWN_PBE_ALGORITHM             ,"unknown pbe algorithm"},
+{EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS       ,"unsuported number of rounds"},
+{EVP_R_UNSUPPORTED_CIPHER                ,"unsupported cipher"},
+{EVP_R_UNSUPPORTED_KEYLENGTH             ,"unsupported keylength"},
+{EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION,"unsupported key derivation function"},
+{EVP_R_UNSUPPORTED_KEY_SIZE              ,"unsupported key size"},
+{EVP_R_UNSUPPORTED_PRF                   ,"unsupported prf"},
+{EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM ,"unsupported private key algorithm"},
+{EVP_R_UNSUPPORTED_SALT_TYPE             ,"unsupported salt type"},
+{EVP_R_WRONG_FINAL_BLOCK_LENGTH          ,"wrong final block length"},
+{EVP_R_WRONG_PUBLIC_KEY_TYPE             ,"wrong public key type"},
 {0,NULL}
         };
 
@@ -163,8 +159,8 @@ void ERR_load_EVP_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,EVP_str_functs);
-                ERR_load_strings(0,EVP_str_reasons);
+                ERR_load_strings(ERR_LIB_EVP,EVP_str_functs);
+                ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/evp/evp_key.c b/src/lib/libssl/src/crypto/evp/evp_key.c
index f8650d5df6..5f387a94d3 100644
--- a/src/lib/libssl/src/crypto/evp/evp_key.c
+++ b/src/lib/libssl/src/crypto/evp/evp_key.c
@@ -126,8 +126,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
         EVP_MD_CTX_init(&c);
         for (;;)
                 {
-                if (!EVP_DigestInit_ex(&c,md, NULL))
-                        return 0;
+                EVP_DigestInit_ex(&c,md, NULL);
                 if (addmd++)
                         EVP_DigestUpdate(&c,&(md_buf[0]),mds);
                 EVP_DigestUpdate(&c,data,datal);
diff --git a/src/lib/libssl/src/crypto/evp/m_dss1.c b/src/lib/libssl/src/crypto/evp/m_dss1.c
index 23b90d0538..f5668ebda0 100644
--- a/src/lib/libssl/src/crypto/evp/m_dss1.c
+++ b/src/lib/libssl/src/crypto/evp/m_dss1.c
@@ -67,14 +67,7 @@ static int init(EVP_MD_CTX *ctx)
         { return SHA1_Init(ctx->md_data); }
 
 static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-#ifndef OPENSSL_FIPS
         { return SHA1_Update(ctx->md_data,data,count); }
-#else
-        {
-        OPENSSL_assert(sizeof(count)<=sizeof(size_t));
-        return SHA1_Update(ctx->md_data,data,count);
-        }
-#endif
 
 static int final(EVP_MD_CTX *ctx,unsigned char *md)
         { return SHA1_Final(md,ctx->md_data); }
@@ -84,7 +77,7 @@ static const EVP_MD dss1_md=
         NID_dsa,
         NID_dsaWithSHA1,
         SHA_DIGEST_LENGTH,
-        EVP_MD_FLAG_FIPS,
+        0,
         init,
         update,
         final,
diff --git a/src/lib/libssl/src/crypto/evp/m_sha.c b/src/lib/libssl/src/crypto/evp/m_sha.c
index ed54909b16..d1785e5f74 100644
--- a/src/lib/libssl/src/crypto/evp/m_sha.c
+++ b/src/lib/libssl/src/crypto/evp/m_sha.c
@@ -59,9 +59,6 @@
 #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
 #include <stdio.h>
 #include "cryptlib.h"
-/* Including sha.h prior evp.h masks FIPS SHA declarations, but that's
- * exactly what we want to achieve here... */
-#include <openssl/sha.h>
 #include <openssl/evp.h>
 #include "evp_locl.h"
 #include <openssl/objects.h>
diff --git a/src/lib/libssl/src/crypto/evp/m_sha1.c b/src/lib/libssl/src/crypto/evp/m_sha1.c
index 60da93873c..fe4402389a 100644
--- a/src/lib/libssl/src/crypto/evp/m_sha1.c
+++ b/src/lib/libssl/src/crypto/evp/m_sha1.c
@@ -67,14 +67,7 @@ static int init(EVP_MD_CTX *ctx)
         { return SHA1_Init(ctx->md_data); }
 
 static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-#ifndef OPENSSL_FIPS
         { return SHA1_Update(ctx->md_data,data,count); }
-#else
-        {
-        OPENSSL_assert(sizeof(count)<=sizeof(size_t));
-        return SHA1_Update(ctx->md_data,data,count);
-        }
-#endif
 
 static int final(EVP_MD_CTX *ctx,unsigned char *md)
         { return SHA1_Final(md,ctx->md_data); }
@@ -100,115 +93,3 @@ const EVP_MD *EVP_sha1(void)
         return(&sha1_md);
         }
 #endif
-
-#ifdef OPENSSL_FIPS
-#ifndef OPENSSL_NO_SHA256
-static int init224(EVP_MD_CTX *ctx)
-        { return SHA224_Init(ctx->md_data); }
-static int init256(EVP_MD_CTX *ctx)
-        { return SHA256_Init(ctx->md_data); }
-/*
- * Even though there're separate SHA224_[Update|Final], we call
- * SHA256 functions even in SHA224 context. This is what happens
- * there anyway, so we can spare few CPU cycles:-)
- */
-static int update256(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-        {
-        OPENSSL_assert(sizeof(count)<=sizeof(size_t));
-        return SHA256_Update(ctx->md_data,data,count);
-        }
-static int final256(EVP_MD_CTX *ctx,unsigned char *md)
-        { return SHA256_Final(md,ctx->md_data); }
-
-static const EVP_MD sha224_md=
-        {
-        NID_sha224,
-        NID_sha224WithRSAEncryption,
-        SHA224_DIGEST_LENGTH,
-        EVP_MD_FLAG_FIPS,
-        init224,
-        update256,
-        final256,
-        NULL,
-        NULL,
-        EVP_PKEY_RSA_method,
-        SHA256_CBLOCK,
-        sizeof(EVP_MD *)+sizeof(SHA256_CTX),
-        };
-
-const EVP_MD *EVP_sha224(void)
-        { return(&sha224_md); }
-
-static const EVP_MD sha256_md=
-        {
-        NID_sha256,
-        NID_sha256WithRSAEncryption,
-        SHA256_DIGEST_LENGTH,
-        EVP_MD_FLAG_FIPS,
-        init256,
-        update256,
-        final256,
-        NULL,
-        NULL,
-        EVP_PKEY_RSA_method,
-        SHA256_CBLOCK,
-        sizeof(EVP_MD *)+sizeof(SHA256_CTX),
-        };
-
-const EVP_MD *EVP_sha256(void)
-        { return(&sha256_md); }
-#endif /* ifndef OPENSSL_NO_SHA256 */
-
-#ifndef OPENSSL_NO_SHA512
-static int init384(EVP_MD_CTX *ctx)
-        { return SHA384_Init(ctx->md_data); }
-static int init512(EVP_MD_CTX *ctx)
-        { return SHA512_Init(ctx->md_data); }
-/* See comment in SHA224/256 section */
-static int update512(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-        {
-        OPENSSL_assert(sizeof(count)<=sizeof(size_t));
-        return SHA512_Update(ctx->md_data,data,count);
-        }
-static int final512(EVP_MD_CTX *ctx,unsigned char *md)
-        { return SHA512_Final(md,ctx->md_data); }
-
-static const EVP_MD sha384_md=
-        {
-        NID_sha384,
-        NID_sha384WithRSAEncryption,
-        SHA384_DIGEST_LENGTH,
-        EVP_MD_FLAG_FIPS,
-        init384,
-        update512,
-        final512,
-        NULL,
-        NULL,
-        EVP_PKEY_RSA_method,
-        SHA512_CBLOCK,
-        sizeof(EVP_MD *)+sizeof(SHA512_CTX),
-        };
-
-const EVP_MD *EVP_sha384(void)
-        { return(&sha384_md); }
-
-static const EVP_MD sha512_md=
-        {
-        NID_sha512,
-        NID_sha512WithRSAEncryption,
-        SHA512_DIGEST_LENGTH,
-        EVP_MD_FLAG_FIPS,
-        init512,
-        update512,
-        final512,
-        NULL,
-        NULL,
-        EVP_PKEY_RSA_method,
-        SHA512_CBLOCK,
-        sizeof(EVP_MD *)+sizeof(SHA512_CTX),
-        };
-
-const EVP_MD *EVP_sha512(void)
-        { return(&sha512_md); }
-#endif /* ifndef OPENSSL_NO_SHA512 */
-#endif /* ifdef OPENSSL_FIPS */
diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt2.c b/src/lib/libssl/src/crypto/evp/p5_crpt2.c
index 1d5fabc4b2..1f94e1ef88 100644
--- a/src/lib/libssl/src/crypto/evp/p5_crpt2.c
+++ b/src/lib/libssl/src/crypto/evp/p5_crpt2.c
@@ -194,16 +194,11 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 
         /* Now decode key derivation function */
 
-        if(!pbe2->keyfunc->parameter ||
-                 (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE))
-                {
-                EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
-                goto err;
-                }
-
         pbuf = pbe2->keyfunc->parameter->value.sequence->data;
         plen = pbe2->keyfunc->parameter->value.sequence->length;
-        if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
+        if(!pbe2->keyfunc->parameter ||
+                 (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE) ||
+                                !(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
                 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
                 goto err;
         }
diff --git a/src/lib/libssl/src/crypto/hmac/Makefile.ssl b/src/lib/libssl/src/crypto/hmac/Makefile.ssl
new file mode 100644
index 0000000000..f1c07322c4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/hmac/Makefile.ssl
@@ -0,0 +1,101 @@
+#
+# SSLeay/crypto/md/Makefile
+#
+
+DIR=    hmac
+TOP=    ../..
+CC=     cc
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=hmactest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=hmac.c
+LIBOBJ=hmac.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= hmac.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+hmac.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+hmac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+hmac.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+hmac.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+hmac.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+hmac.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+hmac.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+hmac.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+hmac.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+hmac.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+hmac.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+hmac.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+hmac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+hmac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+hmac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+hmac.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+hmac.o: ../cryptlib.h hmac.c
diff --git a/src/lib/libssl/src/crypto/hmac/hmac.c b/src/lib/libssl/src/crypto/hmac/hmac.c
index 6c110bd52b..06ee80761f 100644
--- a/src/lib/libssl/src/crypto/hmac/hmac.c
+++ b/src/lib/libssl/src/crypto/hmac/hmac.c
@@ -61,8 +61,6 @@
 #include <openssl/hmac.h>
 #include "cryptlib.h"
 
-#ifndef OPENSSL_FIPS
-
 void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
                   const EVP_MD *md, ENGINE *impl)
         {
@@ -79,6 +77,15 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
 
         if (key != NULL)
                 {
+#ifdef OPENSSL_FIPS
+                if (FIPS_mode() && !(md->flags & EVP_MD_FLAG_FIPS)
+                && (!(ctx->md_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)
+                 || !(ctx->i_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)
+                 || !(ctx->o_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)))
+                OpenSSLDie(__FILE__,__LINE__,
+                        "HMAC: digest not allowed in FIPS mode");
+#endif
+                
                 reset=1;
                 j=EVP_MD_block_size(md);
                 OPENSSL_assert(j <= sizeof ctx->key);
@@ -180,4 +187,3 @@ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
         EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
         }
 
-#endif
diff --git a/src/lib/libssl/src/crypto/hmac/hmac.h b/src/lib/libssl/src/crypto/hmac/hmac.h
index c6489c04c8..294ab3b36a 100644
--- a/src/lib/libssl/src/crypto/hmac/hmac.h
+++ b/src/lib/libssl/src/crypto/hmac/hmac.h
@@ -64,11 +64,7 @@
 
 #include <openssl/evp.h>
 
-#ifdef OPENSSL_FIPS
-#define HMAC_MAX_MD_CBLOCK      128
-#else
 #define HMAC_MAX_MD_CBLOCK      64
-#endif
 
 #ifdef  __cplusplus
 extern "C" {
diff --git a/src/lib/libssl/src/crypto/idea/Makefile.ssl b/src/lib/libssl/src/crypto/idea/Makefile.ssl
new file mode 100644
index 0000000000..fa016ea399
--- /dev/null
+++ b/src/lib/libssl/src/crypto/idea/Makefile.ssl
@@ -0,0 +1,91 @@
+#
+# SSLeay/crypto/idea/Makefile
+#
+
+DIR=    idea
+TOP=    ../..
+CC=     cc
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ideatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
+LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= idea.h
+HEADER= idea_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+i_cbc.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_cbc.o: i_cbc.c idea_lcl.h
+i_cfb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_cfb64.o: i_cfb64.c idea_lcl.h
+i_ecb.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h
+i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_ofb64.o: i_ofb64.c idea_lcl.h
+i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_skey.o: i_skey.c idea_lcl.h
diff --git a/src/lib/libssl/src/crypto/krb5/Makefile.ssl b/src/lib/libssl/src/crypto/krb5/Makefile.ssl
new file mode 100644
index 0000000000..d9224c0f09
--- /dev/null
+++ b/src/lib/libssl/src/crypto/krb5/Makefile.ssl
@@ -0,0 +1,90 @@
+#
+# OpenSSL/krb5/Makefile.ssl
+#
+
+DIR=    krb5
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= krb5_asn.c
+
+LIBOBJ= krb5_asn.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= krb5_asn.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile ;
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+krb5_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+krb5_asn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+krb5_asn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+krb5_asn.o: ../../include/openssl/krb5_asn.h
+krb5_asn.o: ../../include/openssl/opensslconf.h
+krb5_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+krb5_asn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+krb5_asn.o: ../../include/openssl/symhacks.h krb5_asn.c
diff --git a/src/lib/libssl/src/crypto/lhash/Makefile.ssl b/src/lib/libssl/src/crypto/lhash/Makefile.ssl
new file mode 100644
index 0000000000..60e7ee3393
--- /dev/null
+++ b/src/lib/libssl/src/crypto/lhash/Makefile.ssl
@@ -0,0 +1,93 @@
+#
+# SSLeay/crypto/lhash/Makefile
+#
+
+DIR=    lhash
+TOP=    ../..
+CC=     cc
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=lhash.c lh_stats.c
+LIBOBJ=lhash.o lh_stats.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= lhash.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+lh_stats.o: ../../e_os.h ../../include/openssl/bio.h
+lh_stats.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+lh_stats.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+lh_stats.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+lh_stats.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+lh_stats.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+lh_stats.o: ../cryptlib.h lh_stats.c
+lhash.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+lhash.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h
+lhash.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+lhash.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+lhash.o: ../../include/openssl/symhacks.h lhash.c
diff --git a/src/lib/libssl/src/crypto/md2/Makefile.ssl b/src/lib/libssl/src/crypto/md2/Makefile.ssl
new file mode 100644
index 0000000000..3206924c90
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md2/Makefile.ssl
@@ -0,0 +1,93 @@
+#
+# SSLeay/crypto/md/Makefile
+#
+
+DIR=    md2
+TOP=    ../..
+CC=     cc
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=md2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md2_dgst.c md2_one.c
+LIBOBJ=md2_dgst.o md2_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= md2.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md2_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h
+md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+md2_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+md2_dgst.o: md2_dgst.c
+md2_one.o: ../../e_os.h ../../include/openssl/bio.h
+md2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+md2_one.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+md2_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+md2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md2_one.o: ../../include/openssl/symhacks.h ../cryptlib.h md2_one.c
diff --git a/src/lib/libssl/src/crypto/md2/md2_one.c b/src/lib/libssl/src/crypto/md2/md2_one.c
index 8c36ba5779..835160ef56 100644
--- a/src/lib/libssl/src/crypto/md2/md2_one.c
+++ b/src/lib/libssl/src/crypto/md2/md2_one.c
@@ -69,8 +69,7 @@ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md)
         static unsigned char m[MD2_DIGEST_LENGTH];
 
         if (md == NULL) md=m;
-        if (!MD2_Init(&c))
-                return NULL;
+        MD2_Init(&c);
 #ifndef CHARSET_EBCDIC
         MD2_Update(&c,d,n);
 #else
diff --git a/src/lib/libssl/src/crypto/md4/Makefile.ssl b/src/lib/libssl/src/crypto/md4/Makefile.ssl
new file mode 100644
index 0000000000..7d2e8d8d3b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md4/Makefile.ssl
@@ -0,0 +1,91 @@
+#
+# SSLeay/crypto/md4/Makefile
+#
+
+DIR=    md4
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=md4test.c
+APPS=md4.c
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md4_dgst.c md4_one.c
+LIBOBJ=md4_dgst.o md4_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= md4.h
+HEADER= md4_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h
+md4_dgst.o: ../../include/openssl/opensslconf.h
+md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_dgst.c
+md4_dgst.o: md4_locl.h
+md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h
+md4_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+md4_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+md4_one.o: md4_one.c
diff --git a/src/lib/libssl/src/crypto/md4/md4_one.c b/src/lib/libssl/src/crypto/md4/md4_one.c
index 50f79352f6..00565507e4 100644
--- a/src/lib/libssl/src/crypto/md4/md4_one.c
+++ b/src/lib/libssl/src/crypto/md4/md4_one.c
@@ -71,8 +71,7 @@ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md)
         static unsigned char m[MD4_DIGEST_LENGTH];
 
         if (md == NULL) md=m;
-        if (!MD4_Init(&c))
-                return NULL;
+        MD4_Init(&c);
 #ifndef CHARSET_EBCDIC
         MD4_Update(&c,d,n);
 #else
diff --git a/src/lib/libssl/src/crypto/md5/Makefile.ssl b/src/lib/libssl/src/crypto/md5/Makefile.ssl
new file mode 100644
index 0000000000..2361775a2d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md5/Makefile.ssl
@@ -0,0 +1,127 @@
+#
+# SSLeay/crypto/md5/Makefile
+#
+
+DIR=    md5
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=-I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+MD5_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+
+GENERAL=Makefile
+TEST=md5test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md5_dgst.c md5_one.c
+LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= md5.h
+HEADER= md5_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+# elf
+asm/mx86-elf.s: asm/md5-586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > mx86-elf.s)
+
+# a.out
+asm/mx86-out.o: asm/mx86unix.cpp
+        $(CPP) -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o
+
+# bsdi
+asm/mx86bsdi.o: asm/mx86unix.cpp
+        $(CPP) -DBSDI asm/mx86unix.cpp | sed 's/ :/:/' | as -o asm/mx86bsdi.o
+
+asm/mx86unix.cpp: asm/md5-586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) md5-586.pl cpp >mx86unix.cpp)
+
+asm/md5-sparcv8plus.o: asm/md5-sparcv9.S
+        $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \
+                -o asm/md5-sparcv8plus.o asm/md5-sparcv9.S
+
+# Old GNU assembler doesn't understand V9 instructions, so we
+# hire /usr/ccs/bin/as to do the job. Note that option is called
+# *-gcc27, but even gcc 2>=8 users may experience similar problem
+# if they didn't bother to upgrade GNU assembler. Such users should
+# not choose this option, but be adviced to *remove* GNU assembler
+# or upgrade it.
+asm/md5-sparcv8plus-gcc27.o: asm/md5-sparcv9.S
+        $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -E asm/md5-sparcv9.S | \
+                /usr/ccs/bin/as -xarch=v8plus - -o asm/md5-sparcv8plus-gcc27.o
+
+asm/md5-sparcv9.o: asm/md5-sparcv9.S
+        $(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \
+                -o asm/md5-sparcv9.o asm/md5-sparcv9.S
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f asm/mx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md5.h
+md5_dgst.o: ../../include/openssl/opensslconf.h
+md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c
+md5_dgst.o: md5_locl.h
+md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
+md5_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+md5_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+md5_one.o: md5_one.c
diff --git a/src/lib/libssl/src/crypto/md5/md5_one.c b/src/lib/libssl/src/crypto/md5/md5_one.c
index 44c6c455d1..c5dd2d81db 100644
--- a/src/lib/libssl/src/crypto/md5/md5_one.c
+++ b/src/lib/libssl/src/crypto/md5/md5_one.c
@@ -71,8 +71,7 @@ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md)
         static unsigned char m[MD5_DIGEST_LENGTH];
 
         if (md == NULL) md=m;
-        if (!MD5_Init(&c))
-                return NULL;
+        MD5_Init(&c);
 #ifndef CHARSET_EBCDIC
         MD5_Update(&c,d,n);
 #else
diff --git a/src/lib/libssl/src/crypto/mdc2/Makefile b/src/lib/libssl/src/crypto/mdc2/Makefile
index b8e9a9a4fa..38c785bf95 100644
--- a/src/lib/libssl/src/crypto/mdc2/Makefile
+++ b/src/lib/libssl/src/crypto/mdc2/Makefile
@@ -1,5 +1,5 @@
 #
-# OpenSSL/crypto/mdc2/Makefile
+# SSLeay/crypto/mdc2/Makefile
 #
 
 DIR=    mdc2
diff --git a/src/lib/libssl/src/crypto/mdc2/Makefile.ssl b/src/lib/libssl/src/crypto/mdc2/Makefile.ssl
new file mode 100644
index 0000000000..33f366fb08
--- /dev/null
+++ b/src/lib/libssl/src/crypto/mdc2/Makefile.ssl
@@ -0,0 +1,98 @@
+#
+# SSLeay/crypto/mdc2/Makefile
+#
+
+DIR=    mdc2
+TOP=    ../..
+CC=     cc
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= mdc2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=mdc2dgst.c mdc2_one.c
+LIBOBJ=mdc2dgst.o mdc2_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= mdc2.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+mdc2_one.o: ../../e_os.h ../../include/openssl/bio.h
+mdc2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+mdc2_one.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+mdc2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+mdc2_one.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h
+mdc2_one.o: ../../include/openssl/opensslconf.h
+mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+mdc2_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+mdc2_one.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+mdc2_one.o: ../cryptlib.h mdc2_one.c
+mdc2dgst.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+mdc2dgst.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h
+mdc2dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+mdc2dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+mdc2dgst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+mdc2dgst.o: mdc2dgst.c
diff --git a/src/lib/libssl/src/crypto/objects/Makefile.ssl b/src/lib/libssl/src/crypto/objects/Makefile.ssl
new file mode 100644
index 0000000000..3e7a194cf9
--- /dev/null
+++ b/src/lib/libssl/src/crypto/objects/Makefile.ssl
@@ -0,0 +1,123 @@
+#
+# SSLeay/crypto/objects/Makefile
+#
+
+DIR=    objects
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+PERL=           perl
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= o_names.c obj_dat.c obj_lib.c obj_err.c
+LIBOBJ= o_names.o obj_dat.o obj_lib.o obj_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= objects.h obj_mac.h
+HEADER= $(EXHEADER) obj_dat.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    obj_dat.h lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+obj_dat.h: obj_dat.pl obj_mac.h
+        $(PERL) obj_dat.pl obj_mac.h obj_dat.h
+
+# objects.pl both reads and writes obj_mac.num
+obj_mac.h: objects.pl objects.txt obj_mac.num
+        $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+o_names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+o_names.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+o_names.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h
+o_names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+o_names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+o_names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+o_names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+o_names.o: o_names.c
+obj_dat.o: ../../e_os.h ../../include/openssl/asn1.h
+obj_dat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+obj_dat.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+obj_dat.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+obj_dat.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+obj_dat.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+obj_dat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+obj_dat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+obj_dat.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_dat.c obj_dat.h
+obj_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+obj_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+obj_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+obj_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+obj_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+obj_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+obj_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+obj_err.o: ../../include/openssl/symhacks.h obj_err.c
+obj_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+obj_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+obj_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+obj_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+obj_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+obj_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+obj_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+obj_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+obj_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_lib.c
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.h b/src/lib/libssl/src/crypto/objects/obj_dat.h
deleted file mode 100644
index cc22152682..0000000000
--- a/src/lib/libssl/src/crypto/objects/obj_dat.h
+++ /dev/null
@@ -1,3762 +0,0 @@
-/* crypto/objects/obj_dat.h */
-
-/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
- * following command:
- * perl obj_dat.pl obj_mac.h obj_dat.h
- */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define NUM_NID 676
-#define NUM_SN 669
-#define NUM_LN 669
-#define NUM_OBJ 633
-
-static unsigned char lvalues[4575]={
-0x00,                                        /* [  0] OBJ_undef */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,     /* [ 14] OBJ_md2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05,     /* [ 22] OBJ_md5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04,     /* [ 30] OBJ_rc4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 38] OBJ_rsaEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 47] OBJ_md2WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 56] OBJ_md5WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 65] OBJ_pbeWithMD2AndDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 74] OBJ_pbeWithMD5AndDES_CBC */
-0x55,                                        /* [ 83] OBJ_X500 */
-0x55,0x04,                                   /* [ 84] OBJ_X509 */
-0x55,0x04,0x03,                              /* [ 86] OBJ_commonName */
-0x55,0x04,0x06,                              /* [ 89] OBJ_countryName */
-0x55,0x04,0x07,                              /* [ 92] OBJ_localityName */
-0x55,0x04,0x08,                              /* [ 95] OBJ_stateOrProvinceName */
-0x55,0x04,0x0A,                              /* [ 98] OBJ_organizationName */
-0x55,0x04,0x0B,                              /* [101] OBJ_organizationalUnitName */
-0x55,0x08,0x01,0x01,                         /* [104] OBJ_rsa */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,     /* [108] OBJ_pkcs7 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [116] OBJ_pkcs7_data */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [125] OBJ_pkcs7_signed */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [134] OBJ_pkcs7_enveloped */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [143] OBJ_pkcs7_signedAndEnveloped */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [152] OBJ_pkcs7_digest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [161] OBJ_pkcs7_encrypted */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,     /* [170] OBJ_pkcs3 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [178] OBJ_dhKeyAgreement */
-0x2B,0x0E,0x03,0x02,0x06,                    /* [187] OBJ_des_ecb */
-0x2B,0x0E,0x03,0x02,0x09,                    /* [192] OBJ_des_cfb64 */
-0x2B,0x0E,0x03,0x02,0x07,                    /* [197] OBJ_des_cbc */
-0x2B,0x0E,0x03,0x02,0x11,                    /* [202] OBJ_des_ede_ecb */
-0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [207] OBJ_idea_cbc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02,     /* [218] OBJ_rc2_cbc */
-0x2B,0x0E,0x03,0x02,0x12,                    /* [226] OBJ_sha */
-0x2B,0x0E,0x03,0x02,0x0F,                    /* [231] OBJ_shaWithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07,     /* [236] OBJ_des_ede3_cbc */
-0x2B,0x0E,0x03,0x02,0x08,                    /* [244] OBJ_des_ofb64 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,     /* [249] OBJ_pkcs9 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [257] OBJ_pkcs9_emailAddress */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [266] OBJ_pkcs9_unstructuredName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [275] OBJ_pkcs9_contentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [284] OBJ_pkcs9_messageDigest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [293] OBJ_pkcs9_signingTime */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [302] OBJ_pkcs9_countersignature */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [311] OBJ_pkcs9_challengePassword */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [320] OBJ_pkcs9_unstructuredAddress */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [329] OBJ_pkcs9_extCertAttributes */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,          /* [338] OBJ_netscape */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,     /* [345] OBJ_netscape_cert_extension */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,     /* [353] OBJ_netscape_data_type */
-0x2B,0x0E,0x03,0x02,0x1A,                    /* [361] OBJ_sha1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [366] OBJ_sha1WithRSAEncryption */
-0x2B,0x0E,0x03,0x02,0x0D,                    /* [375] OBJ_dsaWithSHA */
-0x2B,0x0E,0x03,0x02,0x0C,                    /* [380] OBJ_dsa_2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [385] OBJ_pbeWithSHA1AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [394] OBJ_id_pbkdf2 */
-0x2B,0x0E,0x03,0x02,0x1B,                    /* [403] OBJ_dsaWithSHA1_2 */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [408] OBJ_netscape_cert_type */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [417] OBJ_netscape_base_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [426] OBJ_netscape_revocation_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [435] OBJ_netscape_ca_revocation_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [444] OBJ_netscape_renewal_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [453] OBJ_netscape_ca_policy_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [462] OBJ_netscape_ssl_server_name */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [471] OBJ_netscape_comment */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [480] OBJ_netscape_cert_sequence */
-0x55,0x1D,                                   /* [489] OBJ_id_ce */
-0x55,0x1D,0x0E,                              /* [491] OBJ_subject_key_identifier */
-0x55,0x1D,0x0F,                              /* [494] OBJ_key_usage */
-0x55,0x1D,0x10,                              /* [497] OBJ_private_key_usage_period */
-0x55,0x1D,0x11,                              /* [500] OBJ_subject_alt_name */
-0x55,0x1D,0x12,                              /* [503] OBJ_issuer_alt_name */
-0x55,0x1D,0x13,                              /* [506] OBJ_basic_constraints */
-0x55,0x1D,0x14,                              /* [509] OBJ_crl_number */
-0x55,0x1D,0x20,                              /* [512] OBJ_certificate_policies */
-0x55,0x1D,0x23,                              /* [515] OBJ_authority_key_identifier */
-0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [518] OBJ_bf_cbc */
-0x55,0x08,0x03,0x65,                         /* [527] OBJ_mdc2 */
-0x55,0x08,0x03,0x64,                         /* [531] OBJ_mdc2WithRSA */
-0x55,0x04,0x2A,                              /* [535] OBJ_givenName */
-0x55,0x04,0x04,                              /* [538] OBJ_surname */
-0x55,0x04,0x2B,                              /* [541] OBJ_initials */
-0x55,0x1D,0x1F,                              /* [544] OBJ_crl_distribution_points */
-0x2B,0x0E,0x03,0x02,0x03,                    /* [547] OBJ_md5WithRSA */
-0x55,0x04,0x05,                              /* [552] OBJ_serialNumber */
-0x55,0x04,0x0C,                              /* [555] OBJ_title */
-0x55,0x04,0x0D,                              /* [558] OBJ_description */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [561] OBJ_cast5_cbc */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [570] OBJ_pbeWithMD5AndCast5_CBC */
-0x2A,0x86,0x48,0xCE,0x38,0x04,0x03,          /* [579] OBJ_dsaWithSHA1 */
-0x2B,0x0E,0x03,0x02,0x1D,                    /* [586] OBJ_sha1WithRSA */
-0x2A,0x86,0x48,0xCE,0x38,0x04,0x01,          /* [591] OBJ_dsa */
-0x2B,0x24,0x03,0x02,0x01,                    /* [598] OBJ_ripemd160 */
-0x2B,0x24,0x03,0x03,0x01,0x02,               /* [603] OBJ_ripemd160WithRSA */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08,     /* [609] OBJ_rc5_cbc */
-0x29,0x01,0x01,0x85,0x1A,0x01,               /* [617] OBJ_rle_compression */
-0x29,0x01,0x01,0x85,0x1A,0x02,               /* [623] OBJ_zlib_compression */
-0x55,0x1D,0x25,                              /* [629] OBJ_ext_key_usage */
-0x2B,0x06,0x01,0x05,0x05,0x07,               /* [632] OBJ_id_pkix */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,          /* [638] OBJ_id_kp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01,     /* [645] OBJ_server_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02,     /* [653] OBJ_client_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03,     /* [661] OBJ_code_sign */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04,     /* [669] OBJ_email_protect */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08,     /* [677] OBJ_time_stamp */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [685] OBJ_ms_code_ind */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [695] OBJ_ms_code_com */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [705] OBJ_ms_ctl_sign */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [715] OBJ_ms_sgc */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [725] OBJ_ms_efs */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [735] OBJ_ns_sgc */
-0x55,0x1D,0x1B,                              /* [744] OBJ_delta_crl */
-0x55,0x1D,0x15,                              /* [747] OBJ_crl_reason */
-0x55,0x1D,0x18,                              /* [750] OBJ_invalidity_date */
-0x2B,0x65,0x01,0x04,0x01,                    /* [753] OBJ_sxnet */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [758] OBJ_pbe_WithSHA1And128BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [768] OBJ_pbe_WithSHA1And40BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [778] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [788] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [798] OBJ_pbe_WithSHA1And128BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [808] OBJ_pbe_WithSHA1And40BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [818] OBJ_keyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [829] OBJ_pkcs8ShroudedKeyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [840] OBJ_certBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [851] OBJ_crlBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [862] OBJ_secretBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [873] OBJ_safeContentsBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [884] OBJ_friendlyName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [893] OBJ_localKeyID */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [902] OBJ_x509Certificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [912] OBJ_sdsiCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [922] OBJ_x509Crl */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [932] OBJ_pbes2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [941] OBJ_pbmac1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07,     /* [950] OBJ_hmacWithSHA1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01,     /* [958] OBJ_id_qt_cps */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02,     /* [966] OBJ_id_qt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [974] OBJ_SMIMECapabilities */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [983] OBJ_pbeWithMD2AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [992] OBJ_pbeWithMD5AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1001] OBJ_pbeWithSHA1AndDES_CBC */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1010] OBJ_ms_ext_req */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1020] OBJ_ext_req */
-0x55,0x04,0x29,                              /* [1029] OBJ_name */
-0x55,0x04,0x2E,                              /* [1032] OBJ_dnQualifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,          /* [1035] OBJ_id_pe */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,          /* [1042] OBJ_id_ad */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01,     /* [1049] OBJ_info_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,     /* [1057] OBJ_ad_OCSP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02,     /* [1065] OBJ_ad_ca_issuers */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09,     /* [1073] OBJ_OCSP_sign */
-0x28,                                        /* [1081] OBJ_iso */
-0x2A,                                        /* [1082] OBJ_member_body */
-0x2A,0x86,0x48,                              /* [1083] OBJ_ISO_US */
-0x2A,0x86,0x48,0xCE,0x38,                    /* [1086] OBJ_X9_57 */
-0x2A,0x86,0x48,0xCE,0x38,0x04,               /* [1091] OBJ_X9cm */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,     /* [1097] OBJ_pkcs1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,     /* [1105] OBJ_pkcs5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1113] OBJ_SMIME */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1122] OBJ_id_smime_mod */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1132] OBJ_id_smime_ct */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1142] OBJ_id_smime_aa */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1152] OBJ_id_smime_alg */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1162] OBJ_id_smime_cd */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1172] OBJ_id_smime_spq */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1182] OBJ_id_smime_cti */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1192] OBJ_id_smime_mod_cms */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1203] OBJ_id_smime_mod_ess */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1214] OBJ_id_smime_mod_oid */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1225] OBJ_id_smime_mod_msg_v3 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1236] OBJ_id_smime_mod_ets_eSignature_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1247] OBJ_id_smime_mod_ets_eSignature_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1258] OBJ_id_smime_mod_ets_eSigPolicy_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1269] OBJ_id_smime_mod_ets_eSigPolicy_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1280] OBJ_id_smime_ct_receipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1291] OBJ_id_smime_ct_authData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1302] OBJ_id_smime_ct_publishCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1313] OBJ_id_smime_ct_TSTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1324] OBJ_id_smime_ct_TDTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1335] OBJ_id_smime_ct_contentInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1346] OBJ_id_smime_ct_DVCSRequestData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1357] OBJ_id_smime_ct_DVCSResponseData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1368] OBJ_id_smime_aa_receiptRequest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1379] OBJ_id_smime_aa_securityLabel */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1390] OBJ_id_smime_aa_mlExpandHistory */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1401] OBJ_id_smime_aa_contentHint */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1412] OBJ_id_smime_aa_msgSigDigest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1423] OBJ_id_smime_aa_encapContentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1434] OBJ_id_smime_aa_contentIdentifier */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1445] OBJ_id_smime_aa_macValue */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1456] OBJ_id_smime_aa_equivalentLabels */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1467] OBJ_id_smime_aa_contentReference */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1478] OBJ_id_smime_aa_encrypKeyPref */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1489] OBJ_id_smime_aa_signingCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1500] OBJ_id_smime_aa_smimeEncryptCerts */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1511] OBJ_id_smime_aa_timeStampToken */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1522] OBJ_id_smime_aa_ets_sigPolicyId */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1533] OBJ_id_smime_aa_ets_commitmentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1544] OBJ_id_smime_aa_ets_signerLocation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1555] OBJ_id_smime_aa_ets_signerAttr */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1566] OBJ_id_smime_aa_ets_otherSigCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1577] OBJ_id_smime_aa_ets_contentTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1588] OBJ_id_smime_aa_ets_CertificateRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1599] OBJ_id_smime_aa_ets_RevocationRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1610] OBJ_id_smime_aa_ets_certValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1621] OBJ_id_smime_aa_ets_revocationValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1632] OBJ_id_smime_aa_ets_escTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1643] OBJ_id_smime_aa_ets_certCRLTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1654] OBJ_id_smime_aa_ets_archiveTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1665] OBJ_id_smime_aa_signatureType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1676] OBJ_id_smime_aa_dvcs_dvc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1687] OBJ_id_smime_alg_ESDHwith3DES */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1698] OBJ_id_smime_alg_ESDHwithRC2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1709] OBJ_id_smime_alg_3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1720] OBJ_id_smime_alg_RC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1731] OBJ_id_smime_alg_ESDH */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1742] OBJ_id_smime_alg_CMS3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1753] OBJ_id_smime_alg_CMSRC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1764] OBJ_id_smime_cd_ldap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1775] OBJ_id_smime_spq_ets_sqt_uri */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1786] OBJ_id_smime_spq_ets_sqt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1797] OBJ_id_smime_cti_ets_proofOfOrigin */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1808] OBJ_id_smime_cti_ets_proofOfReceipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1819] OBJ_id_smime_cti_ets_proofOfDelivery */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1830] OBJ_id_smime_cti_ets_proofOfSender */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1841] OBJ_id_smime_cti_ets_proofOfApproval */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1852] OBJ_id_smime_cti_ets_proofOfCreation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04,     /* [1863] OBJ_md4 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,          /* [1871] OBJ_id_pkix_mod */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,          /* [1878] OBJ_id_qt */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,          /* [1885] OBJ_id_it */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,          /* [1892] OBJ_id_pkip */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,          /* [1899] OBJ_id_alg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,          /* [1906] OBJ_id_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,          /* [1913] OBJ_id_on */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,          /* [1920] OBJ_id_pda */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,          /* [1927] OBJ_id_aca */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,          /* [1934] OBJ_id_qcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,          /* [1941] OBJ_id_cct */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01,     /* [1948] OBJ_id_pkix1_explicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02,     /* [1956] OBJ_id_pkix1_implicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03,     /* [1964] OBJ_id_pkix1_explicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04,     /* [1972] OBJ_id_pkix1_implicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05,     /* [1980] OBJ_id_mod_crmf */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06,     /* [1988] OBJ_id_mod_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07,     /* [1996] OBJ_id_mod_kea_profile_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08,     /* [2004] OBJ_id_mod_kea_profile_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09,     /* [2012] OBJ_id_mod_cmp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A,     /* [2020] OBJ_id_mod_qualified_cert_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B,     /* [2028] OBJ_id_mod_qualified_cert_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C,     /* [2036] OBJ_id_mod_attribute_cert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D,     /* [2044] OBJ_id_mod_timestamp_protocol */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E,     /* [2052] OBJ_id_mod_ocsp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F,     /* [2060] OBJ_id_mod_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10,     /* [2068] OBJ_id_mod_cmp2000 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02,     /* [2076] OBJ_biometricInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03,     /* [2084] OBJ_qcStatements */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04,     /* [2092] OBJ_ac_auditEntity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05,     /* [2100] OBJ_ac_targeting */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06,     /* [2108] OBJ_aaControls */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07,     /* [2116] OBJ_sbgp_ipAddrBlock */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08,     /* [2124] OBJ_sbgp_autonomousSysNum */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09,     /* [2132] OBJ_sbgp_routerIdentifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03,     /* [2140] OBJ_textNotice */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05,     /* [2148] OBJ_ipsecEndSystem */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06,     /* [2156] OBJ_ipsecTunnel */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07,     /* [2164] OBJ_ipsecUser */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A,     /* [2172] OBJ_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01,     /* [2180] OBJ_id_it_caProtEncCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02,     /* [2188] OBJ_id_it_signKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03,     /* [2196] OBJ_id_it_encKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04,     /* [2204] OBJ_id_it_preferredSymmAlg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05,     /* [2212] OBJ_id_it_caKeyUpdateInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06,     /* [2220] OBJ_id_it_currentCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07,     /* [2228] OBJ_id_it_unsupportedOIDs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08,     /* [2236] OBJ_id_it_subscriptionRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09,     /* [2244] OBJ_id_it_subscriptionResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A,     /* [2252] OBJ_id_it_keyPairParamReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B,     /* [2260] OBJ_id_it_keyPairParamRep */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C,     /* [2268] OBJ_id_it_revPassphrase */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D,     /* [2276] OBJ_id_it_implicitConfirm */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E,     /* [2284] OBJ_id_it_confirmWaitTime */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F,     /* [2292] OBJ_id_it_origPKIMessage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,     /* [2300] OBJ_id_regCtrl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,     /* [2308] OBJ_id_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2316] OBJ_id_regCtrl_regToken */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2325] OBJ_id_regCtrl_authenticator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2334] OBJ_id_regCtrl_pkiPublicationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2343] OBJ_id_regCtrl_pkiArchiveOptions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2352] OBJ_id_regCtrl_oldCertID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2361] OBJ_id_regCtrl_protocolEncrKey */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2370] OBJ_id_regInfo_utf8Pairs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2379] OBJ_id_regInfo_certReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01,     /* [2388] OBJ_id_alg_des40 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02,     /* [2396] OBJ_id_alg_noSignature */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03,     /* [2404] OBJ_id_alg_dh_sig_hmac_sha1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04,     /* [2412] OBJ_id_alg_dh_pop */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01,     /* [2420] OBJ_id_cmc_statusInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02,     /* [2428] OBJ_id_cmc_identification */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03,     /* [2436] OBJ_id_cmc_identityProof */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04,     /* [2444] OBJ_id_cmc_dataReturn */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05,     /* [2452] OBJ_id_cmc_transactionId */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06,     /* [2460] OBJ_id_cmc_senderNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07,     /* [2468] OBJ_id_cmc_recipientNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08,     /* [2476] OBJ_id_cmc_addExtensions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09,     /* [2484] OBJ_id_cmc_encryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A,     /* [2492] OBJ_id_cmc_decryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B,     /* [2500] OBJ_id_cmc_lraPOPWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F,     /* [2508] OBJ_id_cmc_getCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10,     /* [2516] OBJ_id_cmc_getCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11,     /* [2524] OBJ_id_cmc_revokeRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12,     /* [2532] OBJ_id_cmc_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13,     /* [2540] OBJ_id_cmc_responseInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15,     /* [2548] OBJ_id_cmc_queryPending */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16,     /* [2556] OBJ_id_cmc_popLinkRandom */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17,     /* [2564] OBJ_id_cmc_popLinkWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18,     /* [2572] OBJ_id_cmc_confirmCertAcceptance */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01,     /* [2580] OBJ_id_on_personalData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01,     /* [2588] OBJ_id_pda_dateOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02,     /* [2596] OBJ_id_pda_placeOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03,     /* [2604] OBJ_id_pda_gender */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04,     /* [2612] OBJ_id_pda_countryOfCitizenship */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05,     /* [2620] OBJ_id_pda_countryOfResidence */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01,     /* [2628] OBJ_id_aca_authenticationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02,     /* [2636] OBJ_id_aca_accessIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03,     /* [2644] OBJ_id_aca_chargingIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04,     /* [2652] OBJ_id_aca_group */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05,     /* [2660] OBJ_id_aca_role */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01,     /* [2668] OBJ_id_qcs_pkixQCSyntax_v1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01,     /* [2676] OBJ_id_cct_crs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02,     /* [2684] OBJ_id_cct_PKIData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03,     /* [2692] OBJ_id_cct_PKIResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03,     /* [2700] OBJ_ad_timeStamping */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04,     /* [2708] OBJ_ad_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2716] OBJ_id_pkix_OCSP_basic */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2725] OBJ_id_pkix_OCSP_Nonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2734] OBJ_id_pkix_OCSP_CrlID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2743] OBJ_id_pkix_OCSP_acceptableResponses */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2752] OBJ_id_pkix_OCSP_noCheck */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2761] OBJ_id_pkix_OCSP_archiveCutoff */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2770] OBJ_id_pkix_OCSP_serviceLocator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2779] OBJ_id_pkix_OCSP_extendedStatus */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2788] OBJ_id_pkix_OCSP_valid */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2797] OBJ_id_pkix_OCSP_path */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2806] OBJ_id_pkix_OCSP_trustRoot */
-0x2B,0x0E,0x03,0x02,                         /* [2815] OBJ_algorithm */
-0x2B,0x0E,0x03,0x02,0x0B,                    /* [2819] OBJ_rsaSignature */
-0x55,0x08,                                   /* [2824] OBJ_X500algorithms */
-0x2B,                                        /* [2826] OBJ_org */
-0x2B,0x06,                                   /* [2827] OBJ_dod */
-0x2B,0x06,0x01,                              /* [2829] OBJ_iana */
-0x2B,0x06,0x01,0x01,                         /* [2832] OBJ_Directory */
-0x2B,0x06,0x01,0x02,                         /* [2836] OBJ_Management */
-0x2B,0x06,0x01,0x03,                         /* [2840] OBJ_Experimental */
-0x2B,0x06,0x01,0x04,                         /* [2844] OBJ_Private */
-0x2B,0x06,0x01,0x05,                         /* [2848] OBJ_Security */
-0x2B,0x06,0x01,0x06,                         /* [2852] OBJ_SNMPv2 */
-0x2B,0x06,0x01,0x07,                         /* [2856] OBJ_Mail */
-0x2B,0x06,0x01,0x04,0x01,                    /* [2860] OBJ_Enterprises */
-0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2865] OBJ_dcObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2874] OBJ_domainComponent */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2884] OBJ_Domain */
-0x50,                                        /* [2894] OBJ_joint_iso_ccitt */
-0x55,0x01,0x05,                              /* [2895] OBJ_selected_attribute_types */
-0x55,0x01,0x05,0x37,                         /* [2898] OBJ_clearance */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2902] OBJ_md4WithRSAEncryption */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A,     /* [2911] OBJ_ac_proxying */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B,     /* [2919] OBJ_sinfo_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06,     /* [2927] OBJ_id_aca_encAttrs */
-0x55,0x04,0x48,                              /* [2935] OBJ_role */
-0x55,0x1D,0x24,                              /* [2938] OBJ_policy_constraints */
-0x55,0x1D,0x37,                              /* [2941] OBJ_target_information */
-0x55,0x1D,0x38,                              /* [2944] OBJ_no_rev_avail */
-0x00,                                        /* [2947] OBJ_ccitt */
-0x2A,0x86,0x48,0xCE,0x3D,                    /* [2948] OBJ_ansi_X9_62 */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01,          /* [2953] OBJ_X9_62_prime_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,          /* [2960] OBJ_X9_62_characteristic_two_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01,          /* [2967] OBJ_X9_62_id_ecPublicKey */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01,     /* [2974] OBJ_X9_62_prime192v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02,     /* [2982] OBJ_X9_62_prime192v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03,     /* [2990] OBJ_X9_62_prime192v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04,     /* [2998] OBJ_X9_62_prime239v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05,     /* [3006] OBJ_X9_62_prime239v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06,     /* [3014] OBJ_X9_62_prime239v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07,     /* [3022] OBJ_X9_62_prime256v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01,          /* [3030] OBJ_ecdsa_with_SHA1 */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3037] OBJ_ms_csp_name */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3046] OBJ_aes_128_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3055] OBJ_aes_128_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3064] OBJ_aes_128_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3073] OBJ_aes_128_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3082] OBJ_aes_192_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3091] OBJ_aes_192_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3100] OBJ_aes_192_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3109] OBJ_aes_192_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3118] OBJ_aes_256_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3127] OBJ_aes_256_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3136] OBJ_aes_256_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3145] OBJ_aes_256_cfb128 */
-0x55,0x1D,0x17,                              /* [3154] OBJ_hold_instruction_code */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x01,          /* [3157] OBJ_hold_instruction_none */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x02,          /* [3164] OBJ_hold_instruction_call_issuer */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x03,          /* [3171] OBJ_hold_instruction_reject */
-0x09,                                        /* [3178] OBJ_data */
-0x09,0x92,0x26,                              /* [3179] OBJ_pss */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,          /* [3182] OBJ_ucl */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,     /* [3189] OBJ_pilot */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3197] OBJ_pilotAttributeType */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3206] OBJ_pilotAttributeSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3215] OBJ_pilotObjectClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3224] OBJ_pilotGroups */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3233] OBJ_iA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3243] OBJ_caseIgnoreIA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3253] OBJ_pilotObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3263] OBJ_pilotPerson */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3273] OBJ_account */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3283] OBJ_document */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3293] OBJ_room */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3303] OBJ_documentSeries */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3313] OBJ_rFC822localPart */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3323] OBJ_dNSDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3333] OBJ_domainRelatedObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3343] OBJ_friendlyCountry */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3353] OBJ_simpleSecurityObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3363] OBJ_pilotOrganization */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3373] OBJ_pilotDSA */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3383] OBJ_qualityLabelledData */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3393] OBJ_userId */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3403] OBJ_textEncodedORAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3413] OBJ_rfc822Mailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3423] OBJ_info */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3433] OBJ_favouriteDrink */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3443] OBJ_roomNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3453] OBJ_photo */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3463] OBJ_userClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3473] OBJ_host */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3483] OBJ_manager */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3493] OBJ_documentIdentifier */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3503] OBJ_documentTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3513] OBJ_documentVersion */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3523] OBJ_documentAuthor */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3533] OBJ_documentLocation */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3543] OBJ_homeTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3553] OBJ_secretary */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3563] OBJ_otherMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3573] OBJ_lastModifiedTime */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3583] OBJ_lastModifiedBy */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3593] OBJ_aRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3603] OBJ_pilotAttributeType27 */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3613] OBJ_mXRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3623] OBJ_nSRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3633] OBJ_sOARecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3643] OBJ_cNAMERecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3653] OBJ_associatedDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3663] OBJ_associatedName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3673] OBJ_homePostalAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3683] OBJ_personalTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3693] OBJ_mobileTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3703] OBJ_pagerTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3713] OBJ_friendlyCountryName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3723] OBJ_organizationalStatus */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3733] OBJ_janetMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3743] OBJ_mailPreferenceOption */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3753] OBJ_buildingName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3763] OBJ_dSAQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3773] OBJ_singleLevelQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3783] OBJ_subtreeMinimumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3793] OBJ_subtreeMaximumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3803] OBJ_personalSignature */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3813] OBJ_dITRedirect */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3823] OBJ_audio */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3833] OBJ_documentPublisher */
-0x55,0x04,0x2D,                              /* [3843] OBJ_x500UniqueIdentifier */
-0x2B,0x06,0x01,0x07,0x01,                    /* [3846] OBJ_mime_mhs */
-0x2B,0x06,0x01,0x07,0x01,0x01,               /* [3851] OBJ_mime_mhs_headings */
-0x2B,0x06,0x01,0x07,0x01,0x02,               /* [3857] OBJ_mime_mhs_bodies */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x01,          /* [3863] OBJ_id_hex_partial_message */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x02,          /* [3870] OBJ_id_hex_multipart_message */
-0x55,0x04,0x2C,                              /* [3877] OBJ_generationQualifier */
-0x55,0x04,0x41,                              /* [3880] OBJ_pseudonym */
-0x67,0x2A,                                   /* [3883] OBJ_id_set */
-0x67,0x2A,0x00,                              /* [3885] OBJ_set_ctype */
-0x67,0x2A,0x01,                              /* [3888] OBJ_set_msgExt */
-0x67,0x2A,0x03,                              /* [3891] OBJ_set_attr */
-0x67,0x2A,0x05,                              /* [3894] OBJ_set_policy */
-0x67,0x2A,0x07,                              /* [3897] OBJ_set_certExt */
-0x67,0x2A,0x08,                              /* [3900] OBJ_set_brand */
-0x67,0x2A,0x00,0x00,                         /* [3903] OBJ_setct_PANData */
-0x67,0x2A,0x00,0x01,                         /* [3907] OBJ_setct_PANToken */
-0x67,0x2A,0x00,0x02,                         /* [3911] OBJ_setct_PANOnly */
-0x67,0x2A,0x00,0x03,                         /* [3915] OBJ_setct_OIData */
-0x67,0x2A,0x00,0x04,                         /* [3919] OBJ_setct_PI */
-0x67,0x2A,0x00,0x05,                         /* [3923] OBJ_setct_PIData */
-0x67,0x2A,0x00,0x06,                         /* [3927] OBJ_setct_PIDataUnsigned */
-0x67,0x2A,0x00,0x07,                         /* [3931] OBJ_setct_HODInput */
-0x67,0x2A,0x00,0x08,                         /* [3935] OBJ_setct_AuthResBaggage */
-0x67,0x2A,0x00,0x09,                         /* [3939] OBJ_setct_AuthRevReqBaggage */
-0x67,0x2A,0x00,0x0A,                         /* [3943] OBJ_setct_AuthRevResBaggage */
-0x67,0x2A,0x00,0x0B,                         /* [3947] OBJ_setct_CapTokenSeq */
-0x67,0x2A,0x00,0x0C,                         /* [3951] OBJ_setct_PInitResData */
-0x67,0x2A,0x00,0x0D,                         /* [3955] OBJ_setct_PI_TBS */
-0x67,0x2A,0x00,0x0E,                         /* [3959] OBJ_setct_PResData */
-0x67,0x2A,0x00,0x10,                         /* [3963] OBJ_setct_AuthReqTBS */
-0x67,0x2A,0x00,0x11,                         /* [3967] OBJ_setct_AuthResTBS */
-0x67,0x2A,0x00,0x12,                         /* [3971] OBJ_setct_AuthResTBSX */
-0x67,0x2A,0x00,0x13,                         /* [3975] OBJ_setct_AuthTokenTBS */
-0x67,0x2A,0x00,0x14,                         /* [3979] OBJ_setct_CapTokenData */
-0x67,0x2A,0x00,0x15,                         /* [3983] OBJ_setct_CapTokenTBS */
-0x67,0x2A,0x00,0x16,                         /* [3987] OBJ_setct_AcqCardCodeMsg */
-0x67,0x2A,0x00,0x17,                         /* [3991] OBJ_setct_AuthRevReqTBS */
-0x67,0x2A,0x00,0x18,                         /* [3995] OBJ_setct_AuthRevResData */
-0x67,0x2A,0x00,0x19,                         /* [3999] OBJ_setct_AuthRevResTBS */
-0x67,0x2A,0x00,0x1A,                         /* [4003] OBJ_setct_CapReqTBS */
-0x67,0x2A,0x00,0x1B,                         /* [4007] OBJ_setct_CapReqTBSX */
-0x67,0x2A,0x00,0x1C,                         /* [4011] OBJ_setct_CapResData */
-0x67,0x2A,0x00,0x1D,                         /* [4015] OBJ_setct_CapRevReqTBS */
-0x67,0x2A,0x00,0x1E,                         /* [4019] OBJ_setct_CapRevReqTBSX */
-0x67,0x2A,0x00,0x1F,                         /* [4023] OBJ_setct_CapRevResData */
-0x67,0x2A,0x00,0x20,                         /* [4027] OBJ_setct_CredReqTBS */
-0x67,0x2A,0x00,0x21,                         /* [4031] OBJ_setct_CredReqTBSX */
-0x67,0x2A,0x00,0x22,                         /* [4035] OBJ_setct_CredResData */
-0x67,0x2A,0x00,0x23,                         /* [4039] OBJ_setct_CredRevReqTBS */
-0x67,0x2A,0x00,0x24,                         /* [4043] OBJ_setct_CredRevReqTBSX */
-0x67,0x2A,0x00,0x25,                         /* [4047] OBJ_setct_CredRevResData */
-0x67,0x2A,0x00,0x26,                         /* [4051] OBJ_setct_PCertReqData */
-0x67,0x2A,0x00,0x27,                         /* [4055] OBJ_setct_PCertResTBS */
-0x67,0x2A,0x00,0x28,                         /* [4059] OBJ_setct_BatchAdminReqData */
-0x67,0x2A,0x00,0x29,                         /* [4063] OBJ_setct_BatchAdminResData */
-0x67,0x2A,0x00,0x2A,                         /* [4067] OBJ_setct_CardCInitResTBS */
-0x67,0x2A,0x00,0x2B,                         /* [4071] OBJ_setct_MeAqCInitResTBS */
-0x67,0x2A,0x00,0x2C,                         /* [4075] OBJ_setct_RegFormResTBS */
-0x67,0x2A,0x00,0x2D,                         /* [4079] OBJ_setct_CertReqData */
-0x67,0x2A,0x00,0x2E,                         /* [4083] OBJ_setct_CertReqTBS */
-0x67,0x2A,0x00,0x2F,                         /* [4087] OBJ_setct_CertResData */
-0x67,0x2A,0x00,0x30,                         /* [4091] OBJ_setct_CertInqReqTBS */
-0x67,0x2A,0x00,0x31,                         /* [4095] OBJ_setct_ErrorTBS */
-0x67,0x2A,0x00,0x32,                         /* [4099] OBJ_setct_PIDualSignedTBE */
-0x67,0x2A,0x00,0x33,                         /* [4103] OBJ_setct_PIUnsignedTBE */
-0x67,0x2A,0x00,0x34,                         /* [4107] OBJ_setct_AuthReqTBE */
-0x67,0x2A,0x00,0x35,                         /* [4111] OBJ_setct_AuthResTBE */
-0x67,0x2A,0x00,0x36,                         /* [4115] OBJ_setct_AuthResTBEX */
-0x67,0x2A,0x00,0x37,                         /* [4119] OBJ_setct_AuthTokenTBE */
-0x67,0x2A,0x00,0x38,                         /* [4123] OBJ_setct_CapTokenTBE */
-0x67,0x2A,0x00,0x39,                         /* [4127] OBJ_setct_CapTokenTBEX */
-0x67,0x2A,0x00,0x3A,                         /* [4131] OBJ_setct_AcqCardCodeMsgTBE */
-0x67,0x2A,0x00,0x3B,                         /* [4135] OBJ_setct_AuthRevReqTBE */
-0x67,0x2A,0x00,0x3C,                         /* [4139] OBJ_setct_AuthRevResTBE */
-0x67,0x2A,0x00,0x3D,                         /* [4143] OBJ_setct_AuthRevResTBEB */
-0x67,0x2A,0x00,0x3E,                         /* [4147] OBJ_setct_CapReqTBE */
-0x67,0x2A,0x00,0x3F,                         /* [4151] OBJ_setct_CapReqTBEX */
-0x67,0x2A,0x00,0x40,                         /* [4155] OBJ_setct_CapResTBE */
-0x67,0x2A,0x00,0x41,                         /* [4159] OBJ_setct_CapRevReqTBE */
-0x67,0x2A,0x00,0x42,                         /* [4163] OBJ_setct_CapRevReqTBEX */
-0x67,0x2A,0x00,0x43,                         /* [4167] OBJ_setct_CapRevResTBE */
-0x67,0x2A,0x00,0x44,                         /* [4171] OBJ_setct_CredReqTBE */
-0x67,0x2A,0x00,0x45,                         /* [4175] OBJ_setct_CredReqTBEX */
-0x67,0x2A,0x00,0x46,                         /* [4179] OBJ_setct_CredResTBE */
-0x67,0x2A,0x00,0x47,                         /* [4183] OBJ_setct_CredRevReqTBE */
-0x67,0x2A,0x00,0x48,                         /* [4187] OBJ_setct_CredRevReqTBEX */
-0x67,0x2A,0x00,0x49,                         /* [4191] OBJ_setct_CredRevResTBE */
-0x67,0x2A,0x00,0x4A,                         /* [4195] OBJ_setct_BatchAdminReqTBE */
-0x67,0x2A,0x00,0x4B,                         /* [4199] OBJ_setct_BatchAdminResTBE */
-0x67,0x2A,0x00,0x4C,                         /* [4203] OBJ_setct_RegFormReqTBE */
-0x67,0x2A,0x00,0x4D,                         /* [4207] OBJ_setct_CertReqTBE */
-0x67,0x2A,0x00,0x4E,                         /* [4211] OBJ_setct_CertReqTBEX */
-0x67,0x2A,0x00,0x4F,                         /* [4215] OBJ_setct_CertResTBE */
-0x67,0x2A,0x00,0x50,                         /* [4219] OBJ_setct_CRLNotificationTBS */
-0x67,0x2A,0x00,0x51,                         /* [4223] OBJ_setct_CRLNotificationResTBS */
-0x67,0x2A,0x00,0x52,                         /* [4227] OBJ_setct_BCIDistributionTBS */
-0x67,0x2A,0x01,0x01,                         /* [4231] OBJ_setext_genCrypt */
-0x67,0x2A,0x01,0x03,                         /* [4235] OBJ_setext_miAuth */
-0x67,0x2A,0x01,0x04,                         /* [4239] OBJ_setext_pinSecure */
-0x67,0x2A,0x01,0x05,                         /* [4243] OBJ_setext_pinAny */
-0x67,0x2A,0x01,0x07,                         /* [4247] OBJ_setext_track2 */
-0x67,0x2A,0x01,0x08,                         /* [4251] OBJ_setext_cv */
-0x67,0x2A,0x05,0x00,                         /* [4255] OBJ_set_policy_root */
-0x67,0x2A,0x07,0x00,                         /* [4259] OBJ_setCext_hashedRoot */
-0x67,0x2A,0x07,0x01,                         /* [4263] OBJ_setCext_certType */
-0x67,0x2A,0x07,0x02,                         /* [4267] OBJ_setCext_merchData */
-0x67,0x2A,0x07,0x03,                         /* [4271] OBJ_setCext_cCertRequired */
-0x67,0x2A,0x07,0x04,                         /* [4275] OBJ_setCext_tunneling */
-0x67,0x2A,0x07,0x05,                         /* [4279] OBJ_setCext_setExt */
-0x67,0x2A,0x07,0x06,                         /* [4283] OBJ_setCext_setQualf */
-0x67,0x2A,0x07,0x07,                         /* [4287] OBJ_setCext_PGWYcapabilities */
-0x67,0x2A,0x07,0x08,                         /* [4291] OBJ_setCext_TokenIdentifier */
-0x67,0x2A,0x07,0x09,                         /* [4295] OBJ_setCext_Track2Data */
-0x67,0x2A,0x07,0x0A,                         /* [4299] OBJ_setCext_TokenType */
-0x67,0x2A,0x07,0x0B,                         /* [4303] OBJ_setCext_IssuerCapabilities */
-0x67,0x2A,0x03,0x00,                         /* [4307] OBJ_setAttr_Cert */
-0x67,0x2A,0x03,0x01,                         /* [4311] OBJ_setAttr_PGWYcap */
-0x67,0x2A,0x03,0x02,                         /* [4315] OBJ_setAttr_TokenType */
-0x67,0x2A,0x03,0x03,                         /* [4319] OBJ_setAttr_IssCap */
-0x67,0x2A,0x03,0x00,0x00,                    /* [4323] OBJ_set_rootKeyThumb */
-0x67,0x2A,0x03,0x00,0x01,                    /* [4328] OBJ_set_addPolicy */
-0x67,0x2A,0x03,0x02,0x01,                    /* [4333] OBJ_setAttr_Token_EMV */
-0x67,0x2A,0x03,0x02,0x02,                    /* [4338] OBJ_setAttr_Token_B0Prime */
-0x67,0x2A,0x03,0x03,0x03,                    /* [4343] OBJ_setAttr_IssCap_CVM */
-0x67,0x2A,0x03,0x03,0x04,                    /* [4348] OBJ_setAttr_IssCap_T2 */
-0x67,0x2A,0x03,0x03,0x05,                    /* [4353] OBJ_setAttr_IssCap_Sig */
-0x67,0x2A,0x03,0x03,0x03,0x01,               /* [4358] OBJ_setAttr_GenCryptgrm */
-0x67,0x2A,0x03,0x03,0x04,0x01,               /* [4364] OBJ_setAttr_T2Enc */
-0x67,0x2A,0x03,0x03,0x04,0x02,               /* [4370] OBJ_setAttr_T2cleartxt */
-0x67,0x2A,0x03,0x03,0x05,0x01,               /* [4376] OBJ_setAttr_TokICCsig */
-0x67,0x2A,0x03,0x03,0x05,0x02,               /* [4382] OBJ_setAttr_SecDevSig */
-0x67,0x2A,0x08,0x01,                         /* [4388] OBJ_set_brand_IATA_ATA */
-0x67,0x2A,0x08,0x1E,                         /* [4392] OBJ_set_brand_Diners */
-0x67,0x2A,0x08,0x22,                         /* [4396] OBJ_set_brand_AmericanExpress */
-0x67,0x2A,0x08,0x23,                         /* [4400] OBJ_set_brand_JCB */
-0x67,0x2A,0x08,0x04,                         /* [4404] OBJ_set_brand_Visa */
-0x67,0x2A,0x08,0x05,                         /* [4408] OBJ_set_brand_MasterCard */
-0x67,0x2A,0x08,0xAE,0x7B,                    /* [4412] OBJ_set_brand_Novus */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A,     /* [4417] OBJ_des_cdmf */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4425] OBJ_rsaOAEPEncryptionSET */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4434] OBJ_ms_smartcard_login */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4444] OBJ_ms_upn */
-0x55,0x04,0x09,                              /* [4454] OBJ_streetAddress */
-0x55,0x04,0x11,                              /* [4457] OBJ_postalCode */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,          /* [4460] OBJ_id_ppl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E,     /* [4467] OBJ_proxyCertInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00,     /* [4475] OBJ_id_ppl_anyLanguage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01,     /* [4483] OBJ_id_ppl_inheritAll */
-0x55,0x1D,0x1E,                              /* [4491] OBJ_name_constraints */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02,     /* [4494] OBJ_Independent */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4502] OBJ_sha256WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4511] OBJ_sha384WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4520] OBJ_sha512WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4529] OBJ_sha224WithRSAEncryption */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4538] OBJ_sha256 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4547] OBJ_sha384 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4556] OBJ_sha512 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4565] OBJ_sha224 */
-};
-
-static ASN1_OBJECT nid_objs[NUM_NID]={
-{"UNDEF","undefined",NID_undef,1,&(lvalues[0]),0},
-{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[1]),0},
-{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[7]),0},
-{"MD2","md2",NID_md2,8,&(lvalues[14]),0},
-{"MD5","md5",NID_md5,8,&(lvalues[22]),0},
-{"RC4","rc4",NID_rc4,8,&(lvalues[30]),0},
-{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[38]),0},
-{"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9,
-        &(lvalues[47]),0},
-{"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9,
-        &(lvalues[56]),0},
-{"PBE-MD2-DES","pbeWithMD2AndDES-CBC",NID_pbeWithMD2AndDES_CBC,9,
-        &(lvalues[65]),0},
-{"PBE-MD5-DES","pbeWithMD5AndDES-CBC",NID_pbeWithMD5AndDES_CBC,9,
-        &(lvalues[74]),0},
-{"X500","directory services (X.500)",NID_X500,1,&(lvalues[83]),0},
-{"X509","X509",NID_X509,2,&(lvalues[84]),0},
-{"CN","commonName",NID_commonName,3,&(lvalues[86]),0},
-{"C","countryName",NID_countryName,3,&(lvalues[89]),0},
-{"L","localityName",NID_localityName,3,&(lvalues[92]),0},
-{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[95]),0},
-{"O","organizationName",NID_organizationName,3,&(lvalues[98]),0},
-{"OU","organizationalUnitName",NID_organizationalUnitName,3,
-        &(lvalues[101]),0},
-{"RSA","rsa",NID_rsa,4,&(lvalues[104]),0},
-{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[108]),0},
-{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[116]),0},
-{"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9,
-        &(lvalues[125]),0},
-{"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9,
-        &(lvalues[134]),0},
-{"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData",
-        NID_pkcs7_signedAndEnveloped,9,&(lvalues[143]),0},
-{"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9,
-        &(lvalues[152]),0},
-{"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9,
-        &(lvalues[161]),0},
-{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[170]),0},
-{"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9,
-        &(lvalues[178]),0},
-{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[187]),0},
-{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[192]),0},
-{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[197]),0},
-{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[202]),0},
-{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL},
-{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[207]),0},
-{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL},
-{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL},
-{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[218]),0},
-{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL},
-{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL},
-{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL},
-{"SHA","sha",NID_sha,5,&(lvalues[226]),0},
-{"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
-        &(lvalues[231]),0},
-{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL},
-{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[236]),0},
-{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[244]),0},
-{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL},
-{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[249]),0},
-{"emailAddress","emailAddress",NID_pkcs9_emailAddress,9,
-        &(lvalues[257]),0},
-{"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9,
-        &(lvalues[266]),0},
-{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[275]),0},
-{"messageDigest","messageDigest",NID_pkcs9_messageDigest,9,
-        &(lvalues[284]),0},
-{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[293]),0},
-{"countersignature","countersignature",NID_pkcs9_countersignature,9,
-        &(lvalues[302]),0},
-{"challengePassword","challengePassword",NID_pkcs9_challengePassword,
-        9,&(lvalues[311]),0},
-{"unstructuredAddress","unstructuredAddress",
-        NID_pkcs9_unstructuredAddress,9,&(lvalues[320]),0},
-{"extendedCertificateAttributes","extendedCertificateAttributes",
-        NID_pkcs9_extCertAttributes,9,&(lvalues[329]),0},
-{"Netscape","Netscape Communications Corp.",NID_netscape,7,
-        &(lvalues[338]),0},
-{"nsCertExt","Netscape Certificate Extension",
-        NID_netscape_cert_extension,8,&(lvalues[345]),0},
-{"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
-        &(lvalues[353]),0},
-{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL},
-{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL},
-{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL},
-{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL},
-{"SHA1","sha1",NID_sha1,5,&(lvalues[361]),0},
-{"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
-        &(lvalues[366]),0},
-{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[375]),0},
-{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[380]),0},
-{"PBE-SHA1-RC2-64","pbeWithSHA1AndRC2-CBC",NID_pbeWithSHA1AndRC2_CBC,
-        9,&(lvalues[385]),0},
-{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[394]),0},
-{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[403]),0},
-{"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
-        &(lvalues[408]),0},
-{"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
-        &(lvalues[417]),0},
-{"nsRevocationUrl","Netscape Revocation Url",
-        NID_netscape_revocation_url,9,&(lvalues[426]),0},
-{"nsCaRevocationUrl","Netscape CA Revocation Url",
-        NID_netscape_ca_revocation_url,9,&(lvalues[435]),0},
-{"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9,
-        &(lvalues[444]),0},
-{"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url,
-        9,&(lvalues[453]),0},
-{"nsSslServerName","Netscape SSL Server Name",
-        NID_netscape_ssl_server_name,9,&(lvalues[462]),0},
-{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[471]),0},
-{"nsCertSequence","Netscape Certificate Sequence",
-        NID_netscape_cert_sequence,9,&(lvalues[480]),0},
-{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL},
-{"id-ce","id-ce",NID_id_ce,2,&(lvalues[489]),0},
-{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
-        NID_subject_key_identifier,3,&(lvalues[491]),0},
-{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[494]),0},
-{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
-        NID_private_key_usage_period,3,&(lvalues[497]),0},
-{"subjectAltName","X509v3 Subject Alternative Name",
-        NID_subject_alt_name,3,&(lvalues[500]),0},
-{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
-        3,&(lvalues[503]),0},
-{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
-        3,&(lvalues[506]),0},
-{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[509]),0},
-{"certificatePolicies","X509v3 Certificate Policies",
-        NID_certificate_policies,3,&(lvalues[512]),0},
-{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
-        NID_authority_key_identifier,3,&(lvalues[515]),0},
-{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[518]),0},
-{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL},
-{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL},
-{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL},
-{"MDC2","mdc2",NID_mdc2,4,&(lvalues[527]),0},
-{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[531]),0},
-{"RC4-40","rc4-40",NID_rc4_40,0,NULL},
-{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL},
-{"GN","givenName",NID_givenName,3,&(lvalues[535]),0},
-{"SN","surname",NID_surname,3,&(lvalues[538]),0},
-{"initials","initials",NID_initials,3,&(lvalues[541]),0},
-{NULL,NULL,NID_undef,0,NULL},
-{"crlDistributionPoints","X509v3 CRL Distribution Points",
-        NID_crl_distribution_points,3,&(lvalues[544]),0},
-{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[547]),0},
-{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[552]),0},
-{"title","title",NID_title,3,&(lvalues[555]),0},
-{"description","description",NID_description,3,&(lvalues[558]),0},
-{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[561]),0},
-{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL},
-{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL},
-{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL},
-{"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC",
-        NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[570]),0},
-{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[579]),0},
-{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL},
-{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[586]),0},
-{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[591]),0},
-{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[598]),0},
-{NULL,NULL,NID_undef,0,NULL},
-{"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6,
-        &(lvalues[603]),0},
-{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[609]),0},
-{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL},
-{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL},
-{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL},
-{"RLE","run length compression",NID_rle_compression,6,&(lvalues[617]),0},
-{"ZLIB","zlib compression",NID_zlib_compression,6,&(lvalues[623]),0},
-{"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3,
-        &(lvalues[629]),0},
-{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[632]),0},
-{"id-kp","id-kp",NID_id_kp,7,&(lvalues[638]),0},
-{"serverAuth","TLS Web Server Authentication",NID_server_auth,8,
-        &(lvalues[645]),0},
-{"clientAuth","TLS Web Client Authentication",NID_client_auth,8,
-        &(lvalues[653]),0},
-{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[661]),0},
-{"emailProtection","E-mail Protection",NID_email_protect,8,
-        &(lvalues[669]),0},
-{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[677]),0},
-{"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10,
-        &(lvalues[685]),0},
-{"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10,
-        &(lvalues[695]),0},
-{"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10,
-        &(lvalues[705]),0},
-{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[715]),0},
-{"msEFS","Microsoft Encrypted File System",NID_ms_efs,10,
-        &(lvalues[725]),0},
-{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[735]),0},
-{"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3,
-        &(lvalues[744]),0},
-{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[747]),0},
-{"invalidityDate","Invalidity Date",NID_invalidity_date,3,
-        &(lvalues[750]),0},
-{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[753]),0},
-{"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4",
-        NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[758]),0},
-{"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4",
-        NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[768]),0},
-{"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC",
-        NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[778]),0},
-{"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC",
-        NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[788]),0},
-{"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC",
-        NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[798]),0},
-{"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC",
-        NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[808]),0},
-{"keyBag","keyBag",NID_keyBag,11,&(lvalues[818]),0},
-{"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag,
-        11,&(lvalues[829]),0},
-{"certBag","certBag",NID_certBag,11,&(lvalues[840]),0},
-{"crlBag","crlBag",NID_crlBag,11,&(lvalues[851]),0},
-{"secretBag","secretBag",NID_secretBag,11,&(lvalues[862]),0},
-{"safeContentsBag","safeContentsBag",NID_safeContentsBag,11,
-        &(lvalues[873]),0},
-{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[884]),0},
-{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[893]),0},
-{"x509Certificate","x509Certificate",NID_x509Certificate,10,
-        &(lvalues[902]),0},
-{"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10,
-        &(lvalues[912]),0},
-{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[922]),0},
-{"PBES2","PBES2",NID_pbes2,9,&(lvalues[932]),0},
-{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[941]),0},
-{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[950]),0},
-{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[958]),0},
-{"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
-        &(lvalues[966]),0},
-{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL},
-{"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9,
-        &(lvalues[974]),0},
-{"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9,
-        &(lvalues[983]),0},
-{"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9,
-        &(lvalues[992]),0},
-{"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9,
-        &(lvalues[1001]),0},
-{"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10,
-        &(lvalues[1010]),0},
-{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1020]),0},
-{"name","name",NID_name,3,&(lvalues[1029]),0},
-{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1032]),0},
-{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1035]),0},
-{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1042]),0},
-{"authorityInfoAccess","Authority Information Access",NID_info_access,
-        8,&(lvalues[1049]),0},
-{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1057]),0},
-{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1065]),0},
-{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1073]),0},
-{"ISO","iso",NID_iso,1,&(lvalues[1081]),0},
-{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1082]),0},
-{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1083]),0},
-{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1086]),0},
-{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1091]),0},
-{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1097]),0},
-{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1105]),0},
-{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1113]),0},
-{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1122]),0},
-{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1132]),0},
-{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1142]),0},
-{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1152]),0},
-{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1162]),0},
-{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1172]),0},
-{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1182]),0},
-{"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11,
-        &(lvalues[1192]),0},
-{"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11,
-        &(lvalues[1203]),0},
-{"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11,
-        &(lvalues[1214]),0},
-{"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3,
-        11,&(lvalues[1225]),0},
-{"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88",
-        NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1236]),0},
-{"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97",
-        NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1247]),0},
-{"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88",
-        NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1258]),0},
-{"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97",
-        NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1269]),0},
-{"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt,
-        11,&(lvalues[1280]),0},
-{"id-smime-ct-authData","id-smime-ct-authData",
-        NID_id_smime_ct_authData,11,&(lvalues[1291]),0},
-{"id-smime-ct-publishCert","id-smime-ct-publishCert",
-        NID_id_smime_ct_publishCert,11,&(lvalues[1302]),0},
-{"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo,
-        11,&(lvalues[1313]),0},
-{"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo,
-        11,&(lvalues[1324]),0},
-{"id-smime-ct-contentInfo","id-smime-ct-contentInfo",
-        NID_id_smime_ct_contentInfo,11,&(lvalues[1335]),0},
-{"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData",
-        NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1346]),0},
-{"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData",
-        NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1357]),0},
-{"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest",
-        NID_id_smime_aa_receiptRequest,11,&(lvalues[1368]),0},
-{"id-smime-aa-securityLabel","id-smime-aa-securityLabel",
-        NID_id_smime_aa_securityLabel,11,&(lvalues[1379]),0},
-{"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory",
-        NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1390]),0},
-{"id-smime-aa-contentHint","id-smime-aa-contentHint",
-        NID_id_smime_aa_contentHint,11,&(lvalues[1401]),0},
-{"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest",
-        NID_id_smime_aa_msgSigDigest,11,&(lvalues[1412]),0},
-{"id-smime-aa-encapContentType","id-smime-aa-encapContentType",
-        NID_id_smime_aa_encapContentType,11,&(lvalues[1423]),0},
-{"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier",
-        NID_id_smime_aa_contentIdentifier,11,&(lvalues[1434]),0},
-{"id-smime-aa-macValue","id-smime-aa-macValue",
-        NID_id_smime_aa_macValue,11,&(lvalues[1445]),0},
-{"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels",
-        NID_id_smime_aa_equivalentLabels,11,&(lvalues[1456]),0},
-{"id-smime-aa-contentReference","id-smime-aa-contentReference",
-        NID_id_smime_aa_contentReference,11,&(lvalues[1467]),0},
-{"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref",
-        NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1478]),0},
-{"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate",
-        NID_id_smime_aa_signingCertificate,11,&(lvalues[1489]),0},
-{"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts",
-        NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1500]),0},
-{"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken",
-        NID_id_smime_aa_timeStampToken,11,&(lvalues[1511]),0},
-{"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId",
-        NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1522]),0},
-{"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType",
-        NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1533]),0},
-{"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation",
-        NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1544]),0},
-{"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr",
-        NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1555]),0},
-{"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert",
-        NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1566]),0},
-{"id-smime-aa-ets-contentTimestamp",
-        "id-smime-aa-ets-contentTimestamp",
-        NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1577]),0},
-{"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs",
-        NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1588]),0},
-{"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs",
-        NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1599]),0},
-{"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues",
-        NID_id_smime_aa_ets_certValues,11,&(lvalues[1610]),0},
-{"id-smime-aa-ets-revocationValues",
-        "id-smime-aa-ets-revocationValues",
-        NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1621]),0},
-{"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp",
-        NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1632]),0},
-{"id-smime-aa-ets-certCRLTimestamp",
-        "id-smime-aa-ets-certCRLTimestamp",
-        NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1643]),0},
-{"id-smime-aa-ets-archiveTimeStamp",
-        "id-smime-aa-ets-archiveTimeStamp",
-        NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1654]),0},
-{"id-smime-aa-signatureType","id-smime-aa-signatureType",
-        NID_id_smime_aa_signatureType,11,&(lvalues[1665]),0},
-{"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc",
-        NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1676]),0},
-{"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES",
-        NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1687]),0},
-{"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2",
-        NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1698]),0},
-{"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap",
-        NID_id_smime_alg_3DESwrap,11,&(lvalues[1709]),0},
-{"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap",
-        NID_id_smime_alg_RC2wrap,11,&(lvalues[1720]),0},
-{"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11,
-        &(lvalues[1731]),0},
-{"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap",
-        NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1742]),0},
-{"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap",
-        NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1753]),0},
-{"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11,
-        &(lvalues[1764]),0},
-{"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri",
-        NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1775]),0},
-{"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice",
-        NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1786]),0},
-{"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin",
-        NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1797]),0},
-{"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt",
-        NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1808]),0},
-{"id-smime-cti-ets-proofOfDelivery",
-        "id-smime-cti-ets-proofOfDelivery",
-        NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1819]),0},
-{"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender",
-        NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1830]),0},
-{"id-smime-cti-ets-proofOfApproval",
-        "id-smime-cti-ets-proofOfApproval",
-        NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1841]),0},
-{"id-smime-cti-ets-proofOfCreation",
-        "id-smime-cti-ets-proofOfCreation",
-        NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1852]),0},
-{"MD4","md4",NID_md4,8,&(lvalues[1863]),0},
-{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1871]),0},
-{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1878]),0},
-{"id-it","id-it",NID_id_it,7,&(lvalues[1885]),0},
-{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1892]),0},
-{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1899]),0},
-{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1906]),0},
-{"id-on","id-on",NID_id_on,7,&(lvalues[1913]),0},
-{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1920]),0},
-{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1927]),0},
-{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1934]),0},
-{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1941]),0},
-{"id-pkix1-explicit-88","id-pkix1-explicit-88",
-        NID_id_pkix1_explicit_88,8,&(lvalues[1948]),0},
-{"id-pkix1-implicit-88","id-pkix1-implicit-88",
-        NID_id_pkix1_implicit_88,8,&(lvalues[1956]),0},
-{"id-pkix1-explicit-93","id-pkix1-explicit-93",
-        NID_id_pkix1_explicit_93,8,&(lvalues[1964]),0},
-{"id-pkix1-implicit-93","id-pkix1-implicit-93",
-        NID_id_pkix1_implicit_93,8,&(lvalues[1972]),0},
-{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1980]),0},
-{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1988]),0},
-{"id-mod-kea-profile-88","id-mod-kea-profile-88",
-        NID_id_mod_kea_profile_88,8,&(lvalues[1996]),0},
-{"id-mod-kea-profile-93","id-mod-kea-profile-93",
-        NID_id_mod_kea_profile_93,8,&(lvalues[2004]),0},
-{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2012]),0},
-{"id-mod-qualified-cert-88","id-mod-qualified-cert-88",
-        NID_id_mod_qualified_cert_88,8,&(lvalues[2020]),0},
-{"id-mod-qualified-cert-93","id-mod-qualified-cert-93",
-        NID_id_mod_qualified_cert_93,8,&(lvalues[2028]),0},
-{"id-mod-attribute-cert","id-mod-attribute-cert",
-        NID_id_mod_attribute_cert,8,&(lvalues[2036]),0},
-{"id-mod-timestamp-protocol","id-mod-timestamp-protocol",
-        NID_id_mod_timestamp_protocol,8,&(lvalues[2044]),0},
-{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2052]),0},
-{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2060]),0},
-{"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8,
-        &(lvalues[2068]),0},
-{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2076]),0},
-{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2084]),0},
-{"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8,
-        &(lvalues[2092]),0},
-{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2100]),0},
-{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2108]),0},
-{"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8,
-        &(lvalues[2116]),0},
-{"sbgp-autonomousSysNum","sbgp-autonomousSysNum",
-        NID_sbgp_autonomousSysNum,8,&(lvalues[2124]),0},
-{"sbgp-routerIdentifier","sbgp-routerIdentifier",
-        NID_sbgp_routerIdentifier,8,&(lvalues[2132]),0},
-{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2140]),0},
-{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8,
-        &(lvalues[2148]),0},
-{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2156]),0},
-{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2164]),0},
-{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2172]),0},
-{"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert,
-        8,&(lvalues[2180]),0},
-{"id-it-signKeyPairTypes","id-it-signKeyPairTypes",
-        NID_id_it_signKeyPairTypes,8,&(lvalues[2188]),0},
-{"id-it-encKeyPairTypes","id-it-encKeyPairTypes",
-        NID_id_it_encKeyPairTypes,8,&(lvalues[2196]),0},
-{"id-it-preferredSymmAlg","id-it-preferredSymmAlg",
-        NID_id_it_preferredSymmAlg,8,&(lvalues[2204]),0},
-{"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo",
-        NID_id_it_caKeyUpdateInfo,8,&(lvalues[2212]),0},
-{"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8,
-        &(lvalues[2220]),0},
-{"id-it-unsupportedOIDs","id-it-unsupportedOIDs",
-        NID_id_it_unsupportedOIDs,8,&(lvalues[2228]),0},
-{"id-it-subscriptionRequest","id-it-subscriptionRequest",
-        NID_id_it_subscriptionRequest,8,&(lvalues[2236]),0},
-{"id-it-subscriptionResponse","id-it-subscriptionResponse",
-        NID_id_it_subscriptionResponse,8,&(lvalues[2244]),0},
-{"id-it-keyPairParamReq","id-it-keyPairParamReq",
-        NID_id_it_keyPairParamReq,8,&(lvalues[2252]),0},
-{"id-it-keyPairParamRep","id-it-keyPairParamRep",
-        NID_id_it_keyPairParamRep,8,&(lvalues[2260]),0},
-{"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase,
-        8,&(lvalues[2268]),0},
-{"id-it-implicitConfirm","id-it-implicitConfirm",
-        NID_id_it_implicitConfirm,8,&(lvalues[2276]),0},
-{"id-it-confirmWaitTime","id-it-confirmWaitTime",
-        NID_id_it_confirmWaitTime,8,&(lvalues[2284]),0},
-{"id-it-origPKIMessage","id-it-origPKIMessage",
-        NID_id_it_origPKIMessage,8,&(lvalues[2292]),0},
-{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2300]),0},
-{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2308]),0},
-{"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken,
-        9,&(lvalues[2316]),0},
-{"id-regCtrl-authenticator","id-regCtrl-authenticator",
-        NID_id_regCtrl_authenticator,9,&(lvalues[2325]),0},
-{"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo",
-        NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2334]),0},
-{"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions",
-        NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2343]),0},
-{"id-regCtrl-oldCertID","id-regCtrl-oldCertID",
-        NID_id_regCtrl_oldCertID,9,&(lvalues[2352]),0},
-{"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey",
-        NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2361]),0},
-{"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs",
-        NID_id_regInfo_utf8Pairs,9,&(lvalues[2370]),0},
-{"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9,
-        &(lvalues[2379]),0},
-{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2388]),0},
-{"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8,
-        &(lvalues[2396]),0},
-{"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1",
-        NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2404]),0},
-{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2412]),0},
-{"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8,
-        &(lvalues[2420]),0},
-{"id-cmc-identification","id-cmc-identification",
-        NID_id_cmc_identification,8,&(lvalues[2428]),0},
-{"id-cmc-identityProof","id-cmc-identityProof",
-        NID_id_cmc_identityProof,8,&(lvalues[2436]),0},
-{"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8,
-        &(lvalues[2444]),0},
-{"id-cmc-transactionId","id-cmc-transactionId",
-        NID_id_cmc_transactionId,8,&(lvalues[2452]),0},
-{"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8,
-        &(lvalues[2460]),0},
-{"id-cmc-recipientNonce","id-cmc-recipientNonce",
-        NID_id_cmc_recipientNonce,8,&(lvalues[2468]),0},
-{"id-cmc-addExtensions","id-cmc-addExtensions",
-        NID_id_cmc_addExtensions,8,&(lvalues[2476]),0},
-{"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP,
-        8,&(lvalues[2484]),0},
-{"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP,
-        8,&(lvalues[2492]),0},
-{"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness",
-        NID_id_cmc_lraPOPWitness,8,&(lvalues[2500]),0},
-{"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8,
-        &(lvalues[2508]),0},
-{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2516]),0},
-{"id-cmc-revokeRequest","id-cmc-revokeRequest",
-        NID_id_cmc_revokeRequest,8,&(lvalues[2524]),0},
-{"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8,
-        &(lvalues[2532]),0},
-{"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo,
-        8,&(lvalues[2540]),0},
-{"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending,
-        8,&(lvalues[2548]),0},
-{"id-cmc-popLinkRandom","id-cmc-popLinkRandom",
-        NID_id_cmc_popLinkRandom,8,&(lvalues[2556]),0},
-{"id-cmc-popLinkWitness","id-cmc-popLinkWitness",
-        NID_id_cmc_popLinkWitness,8,&(lvalues[2564]),0},
-{"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance",
-        NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2572]),0},
-{"id-on-personalData","id-on-personalData",NID_id_on_personalData,8,
-        &(lvalues[2580]),0},
-{"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8,
-        &(lvalues[2588]),0},
-{"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth,
-        8,&(lvalues[2596]),0},
-{NULL,NULL,NID_undef,0,NULL},
-{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2604]),0},
-{"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship",
-        NID_id_pda_countryOfCitizenship,8,&(lvalues[2612]),0},
-{"id-pda-countryOfResidence","id-pda-countryOfResidence",
-        NID_id_pda_countryOfResidence,8,&(lvalues[2620]),0},
-{"id-aca-authenticationInfo","id-aca-authenticationInfo",
-        NID_id_aca_authenticationInfo,8,&(lvalues[2628]),0},
-{"id-aca-accessIdentity","id-aca-accessIdentity",
-        NID_id_aca_accessIdentity,8,&(lvalues[2636]),0},
-{"id-aca-chargingIdentity","id-aca-chargingIdentity",
-        NID_id_aca_chargingIdentity,8,&(lvalues[2644]),0},
-{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2652]),0},
-{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2660]),0},
-{"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1",
-        NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2668]),0},
-{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2676]),0},
-{"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8,
-        &(lvalues[2684]),0},
-{"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8,
-        &(lvalues[2692]),0},
-{"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8,
-        &(lvalues[2700]),0},
-{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2708]),0},
-{"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9,
-        &(lvalues[2716]),0},
-{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2725]),0},
-{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2734]),0},
-{"acceptableResponses","Acceptable OCSP Responses",
-        NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2743]),0},
-{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2752]),0},
-{"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff,
-        9,&(lvalues[2761]),0},
-{"serviceLocator","OCSP Service Locator",
-        NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2770]),0},
-{"extendedStatus","Extended OCSP Status",
-        NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2779]),0},
-{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2788]),0},
-{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2797]),0},
-{"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9,
-        &(lvalues[2806]),0},
-{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2815]),0},
-{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2819]),0},
-{"X500algorithms","directory services - algorithms",
-        NID_X500algorithms,2,&(lvalues[2824]),0},
-{"ORG","org",NID_org,1,&(lvalues[2826]),0},
-{"DOD","dod",NID_dod,2,&(lvalues[2827]),0},
-{"IANA","iana",NID_iana,3,&(lvalues[2829]),0},
-{"directory","Directory",NID_Directory,4,&(lvalues[2832]),0},
-{"mgmt","Management",NID_Management,4,&(lvalues[2836]),0},
-{"experimental","Experimental",NID_Experimental,4,&(lvalues[2840]),0},
-{"private","Private",NID_Private,4,&(lvalues[2844]),0},
-{"security","Security",NID_Security,4,&(lvalues[2848]),0},
-{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2852]),0},
-{"Mail","Mail",NID_Mail,4,&(lvalues[2856]),0},
-{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2860]),0},
-{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2865]),0},
-{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2874]),0},
-{"domain","Domain",NID_Domain,10,&(lvalues[2884]),0},
-{"JOINT-ISO-CCITT","joint-iso-ccitt",NID_joint_iso_ccitt,1,
-        &(lvalues[2894]),0},
-{"selected-attribute-types","Selected Attribute Types",
-        NID_selected_attribute_types,3,&(lvalues[2895]),0},
-{"clearance","clearance",NID_clearance,4,&(lvalues[2898]),0},
-{"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9,
-        &(lvalues[2902]),0},
-{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2911]),0},
-{"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8,
-        &(lvalues[2919]),0},
-{"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8,
-        &(lvalues[2927]),0},
-{"role","role",NID_role,3,&(lvalues[2935]),0},
-{"policyConstraints","X509v3 Policy Constraints",
-        NID_policy_constraints,3,&(lvalues[2938]),0},
-{"targetInformation","X509v3 AC Targeting",NID_target_information,3,
-        &(lvalues[2941]),0},
-{"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3,
-        &(lvalues[2944]),0},
-{"CCITT","ccitt",NID_ccitt,1,&(lvalues[2947]),0},
-{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2948]),0},
-{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2953]),0},
-{"characteristic-two-field","characteristic-two-field",
-        NID_X9_62_characteristic_two_field,7,&(lvalues[2960]),0},
-{"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7,
-        &(lvalues[2967]),0},
-{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2974]),0},
-{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2982]),0},
-{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2990]),0},
-{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2998]),0},
-{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3006]),0},
-{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3014]),0},
-{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3022]),0},
-{"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7,
-        &(lvalues[3030]),0},
-{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3037]),0},
-{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3046]),0},
-{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3055]),0},
-{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3064]),0},
-{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3073]),0},
-{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3082]),0},
-{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3091]),0},
-{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3100]),0},
-{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3109]),0},
-{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3118]),0},
-{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3127]),0},
-{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3136]),0},
-{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3145]),0},
-{"holdInstructionCode","Hold Instruction Code",
-        NID_hold_instruction_code,3,&(lvalues[3154]),0},
-{"holdInstructionNone","Hold Instruction None",
-        NID_hold_instruction_none,7,&(lvalues[3157]),0},
-{"holdInstructionCallIssuer","Hold Instruction Call Issuer",
-        NID_hold_instruction_call_issuer,7,&(lvalues[3164]),0},
-{"holdInstructionReject","Hold Instruction Reject",
-        NID_hold_instruction_reject,7,&(lvalues[3171]),0},
-{"data","data",NID_data,1,&(lvalues[3178]),0},
-{"pss","pss",NID_pss,3,&(lvalues[3179]),0},
-{"ucl","ucl",NID_ucl,7,&(lvalues[3182]),0},
-{"pilot","pilot",NID_pilot,8,&(lvalues[3189]),0},
-{"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9,
-        &(lvalues[3197]),0},
-{"pilotAttributeSyntax","pilotAttributeSyntax",
-        NID_pilotAttributeSyntax,9,&(lvalues[3206]),0},
-{"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9,
-        &(lvalues[3215]),0},
-{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3224]),0},
-{"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10,
-        &(lvalues[3233]),0},
-{"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax",
-        NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3243]),0},
-{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3253]),0},
-{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3263]),0},
-{"account","account",NID_account,10,&(lvalues[3273]),0},
-{"document","document",NID_document,10,&(lvalues[3283]),0},
-{"room","room",NID_room,10,&(lvalues[3293]),0},
-{"documentSeries","documentSeries",NID_documentSeries,10,
-        &(lvalues[3303]),0},
-{"rFC822localPart","rFC822localPart",NID_rFC822localPart,10,
-        &(lvalues[3313]),0},
-{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3323]),0},
-{"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject,
-        10,&(lvalues[3333]),0},
-{"friendlyCountry","friendlyCountry",NID_friendlyCountry,10,
-        &(lvalues[3343]),0},
-{"simpleSecurityObject","simpleSecurityObject",
-        NID_simpleSecurityObject,10,&(lvalues[3353]),0},
-{"pilotOrganization","pilotOrganization",NID_pilotOrganization,10,
-        &(lvalues[3363]),0},
-{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3373]),0},
-{"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData,
-        10,&(lvalues[3383]),0},
-{"UID","userId",NID_userId,10,&(lvalues[3393]),0},
-{"textEncodedORAddress","textEncodedORAddress",
-        NID_textEncodedORAddress,10,&(lvalues[3403]),0},
-{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3413]),0},
-{"info","info",NID_info,10,&(lvalues[3423]),0},
-{"favouriteDrink","favouriteDrink",NID_favouriteDrink,10,
-        &(lvalues[3433]),0},
-{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3443]),0},
-{"photo","photo",NID_photo,10,&(lvalues[3453]),0},
-{"userClass","userClass",NID_userClass,10,&(lvalues[3463]),0},
-{"host","host",NID_host,10,&(lvalues[3473]),0},
-{"manager","manager",NID_manager,10,&(lvalues[3483]),0},
-{"documentIdentifier","documentIdentifier",NID_documentIdentifier,10,
-        &(lvalues[3493]),0},
-{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3503]),0},
-{"documentVersion","documentVersion",NID_documentVersion,10,
-        &(lvalues[3513]),0},
-{"documentAuthor","documentAuthor",NID_documentAuthor,10,
-        &(lvalues[3523]),0},
-{"documentLocation","documentLocation",NID_documentLocation,10,
-        &(lvalues[3533]),0},
-{"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber,
-        10,&(lvalues[3543]),0},
-{"secretary","secretary",NID_secretary,10,&(lvalues[3553]),0},
-{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3563]),0},
-{"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10,
-        &(lvalues[3573]),0},
-{"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10,
-        &(lvalues[3583]),0},
-{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3593]),0},
-{"pilotAttributeType27","pilotAttributeType27",
-        NID_pilotAttributeType27,10,&(lvalues[3603]),0},
-{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3613]),0},
-{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3623]),0},
-{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3633]),0},
-{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3643]),0},
-{"associatedDomain","associatedDomain",NID_associatedDomain,10,
-        &(lvalues[3653]),0},
-{"associatedName","associatedName",NID_associatedName,10,
-        &(lvalues[3663]),0},
-{"homePostalAddress","homePostalAddress",NID_homePostalAddress,10,
-        &(lvalues[3673]),0},
-{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3683]),0},
-{"mobileTelephoneNumber","mobileTelephoneNumber",
-        NID_mobileTelephoneNumber,10,&(lvalues[3693]),0},
-{"pagerTelephoneNumber","pagerTelephoneNumber",
-        NID_pagerTelephoneNumber,10,&(lvalues[3703]),0},
-{"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName,
-        10,&(lvalues[3713]),0},
-{"organizationalStatus","organizationalStatus",
-        NID_organizationalStatus,10,&(lvalues[3723]),0},
-{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3733]),0},
-{"mailPreferenceOption","mailPreferenceOption",
-        NID_mailPreferenceOption,10,&(lvalues[3743]),0},
-{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3753]),0},
-{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3763]),0},
-{"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10,
-        &(lvalues[3773]),0},
-{"subtreeMinimumQuality","subtreeMinimumQuality",
-        NID_subtreeMinimumQuality,10,&(lvalues[3783]),0},
-{"subtreeMaximumQuality","subtreeMaximumQuality",
-        NID_subtreeMaximumQuality,10,&(lvalues[3793]),0},
-{"personalSignature","personalSignature",NID_personalSignature,10,
-        &(lvalues[3803]),0},
-{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3813]),0},
-{"audio","audio",NID_audio,10,&(lvalues[3823]),0},
-{"documentPublisher","documentPublisher",NID_documentPublisher,10,
-        &(lvalues[3833]),0},
-{"x500UniqueIdentifier","x500UniqueIdentifier",
-        NID_x500UniqueIdentifier,3,&(lvalues[3843]),0},
-{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3846]),0},
-{"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6,
-        &(lvalues[3851]),0},
-{"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6,
-        &(lvalues[3857]),0},
-{"id-hex-partial-message","id-hex-partial-message",
-        NID_id_hex_partial_message,7,&(lvalues[3863]),0},
-{"id-hex-multipart-message","id-hex-multipart-message",
-        NID_id_hex_multipart_message,7,&(lvalues[3870]),0},
-{"generationQualifier","generationQualifier",NID_generationQualifier,
-        3,&(lvalues[3877]),0},
-{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3880]),0},
-{NULL,NULL,NID_undef,0,NULL},
-{"id-set","Secure Electronic Transactions",NID_id_set,2,
-        &(lvalues[3883]),0},
-{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3885]),0},
-{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3888]),0},
-{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3891]),0},
-{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3894]),0},
-{"set-certExt","certificate extensions",NID_set_certExt,3,
-        &(lvalues[3897]),0},
-{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3900]),0},
-{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3903]),0},
-{"setct-PANToken","setct-PANToken",NID_setct_PANToken,4,
-        &(lvalues[3907]),0},
-{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3911]),0},
-{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3915]),0},
-{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3919]),0},
-{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3923]),0},
-{"setct-PIDataUnsigned","setct-PIDataUnsigned",
-        NID_setct_PIDataUnsigned,4,&(lvalues[3927]),0},
-{"setct-HODInput","setct-HODInput",NID_setct_HODInput,4,
-        &(lvalues[3931]),0},
-{"setct-AuthResBaggage","setct-AuthResBaggage",
-        NID_setct_AuthResBaggage,4,&(lvalues[3935]),0},
-{"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage",
-        NID_setct_AuthRevReqBaggage,4,&(lvalues[3939]),0},
-{"setct-AuthRevResBaggage","setct-AuthRevResBaggage",
-        NID_setct_AuthRevResBaggage,4,&(lvalues[3943]),0},
-{"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4,
-        &(lvalues[3947]),0},
-{"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4,
-        &(lvalues[3951]),0},
-{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3955]),0},
-{"setct-PResData","setct-PResData",NID_setct_PResData,4,
-        &(lvalues[3959]),0},
-{"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4,
-        &(lvalues[3963]),0},
-{"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4,
-        &(lvalues[3967]),0},
-{"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4,
-        &(lvalues[3971]),0},
-{"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4,
-        &(lvalues[3975]),0},
-{"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4,
-        &(lvalues[3979]),0},
-{"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4,
-        &(lvalues[3983]),0},
-{"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg",
-        NID_setct_AcqCardCodeMsg,4,&(lvalues[3987]),0},
-{"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS,
-        4,&(lvalues[3991]),0},
-{"setct-AuthRevResData","setct-AuthRevResData",
-        NID_setct_AuthRevResData,4,&(lvalues[3995]),0},
-{"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS,
-        4,&(lvalues[3999]),0},
-{"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4,
-        &(lvalues[4003]),0},
-{"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4,
-        &(lvalues[4007]),0},
-{"setct-CapResData","setct-CapResData",NID_setct_CapResData,4,
-        &(lvalues[4011]),0},
-{"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4,
-        &(lvalues[4015]),0},
-{"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX,
-        4,&(lvalues[4019]),0},
-{"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData,
-        4,&(lvalues[4023]),0},
-{"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4,
-        &(lvalues[4027]),0},
-{"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4,
-        &(lvalues[4031]),0},
-{"setct-CredResData","setct-CredResData",NID_setct_CredResData,4,
-        &(lvalues[4035]),0},
-{"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS,
-        4,&(lvalues[4039]),0},
-{"setct-CredRevReqTBSX","setct-CredRevReqTBSX",
-        NID_setct_CredRevReqTBSX,4,&(lvalues[4043]),0},
-{"setct-CredRevResData","setct-CredRevResData",
-        NID_setct_CredRevResData,4,&(lvalues[4047]),0},
-{"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4,
-        &(lvalues[4051]),0},
-{"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4,
-        &(lvalues[4055]),0},
-{"setct-BatchAdminReqData","setct-BatchAdminReqData",
-        NID_setct_BatchAdminReqData,4,&(lvalues[4059]),0},
-{"setct-BatchAdminResData","setct-BatchAdminResData",
-        NID_setct_BatchAdminResData,4,&(lvalues[4063]),0},
-{"setct-CardCInitResTBS","setct-CardCInitResTBS",
-        NID_setct_CardCInitResTBS,4,&(lvalues[4067]),0},
-{"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS",
-        NID_setct_MeAqCInitResTBS,4,&(lvalues[4071]),0},
-{"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS,
-        4,&(lvalues[4075]),0},
-{"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4,
-        &(lvalues[4079]),0},
-{"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4,
-        &(lvalues[4083]),0},
-{"setct-CertResData","setct-CertResData",NID_setct_CertResData,4,
-        &(lvalues[4087]),0},
-{"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS,
-        4,&(lvalues[4091]),0},
-{"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4,
-        &(lvalues[4095]),0},
-{"setct-PIDualSignedTBE","setct-PIDualSignedTBE",
-        NID_setct_PIDualSignedTBE,4,&(lvalues[4099]),0},
-{"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE,
-        4,&(lvalues[4103]),0},
-{"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4,
-        &(lvalues[4107]),0},
-{"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4,
-        &(lvalues[4111]),0},
-{"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4,
-        &(lvalues[4115]),0},
-{"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4,
-        &(lvalues[4119]),0},
-{"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4,
-        &(lvalues[4123]),0},
-{"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4,
-        &(lvalues[4127]),0},
-{"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE",
-        NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4131]),0},
-{"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE,
-        4,&(lvalues[4135]),0},
-{"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE,
-        4,&(lvalues[4139]),0},
-{"setct-AuthRevResTBEB","setct-AuthRevResTBEB",
-        NID_setct_AuthRevResTBEB,4,&(lvalues[4143]),0},
-{"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4,
-        &(lvalues[4147]),0},
-{"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4,
-        &(lvalues[4151]),0},
-{"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4,
-        &(lvalues[4155]),0},
-{"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4,
-        &(lvalues[4159]),0},
-{"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX,
-        4,&(lvalues[4163]),0},
-{"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4,
-        &(lvalues[4167]),0},
-{"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4,
-        &(lvalues[4171]),0},
-{"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4,
-        &(lvalues[4175]),0},
-{"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4,
-        &(lvalues[4179]),0},
-{"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE,
-        4,&(lvalues[4183]),0},
-{"setct-CredRevReqTBEX","setct-CredRevReqTBEX",
-        NID_setct_CredRevReqTBEX,4,&(lvalues[4187]),0},
-{"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE,
-        4,&(lvalues[4191]),0},
-{"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE",
-        NID_setct_BatchAdminReqTBE,4,&(lvalues[4195]),0},
-{"setct-BatchAdminResTBE","setct-BatchAdminResTBE",
-        NID_setct_BatchAdminResTBE,4,&(lvalues[4199]),0},
-{"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE,
-        4,&(lvalues[4203]),0},
-{"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4,
-        &(lvalues[4207]),0},
-{"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4,
-        &(lvalues[4211]),0},
-{"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4,
-        &(lvalues[4215]),0},
-{"setct-CRLNotificationTBS","setct-CRLNotificationTBS",
-        NID_setct_CRLNotificationTBS,4,&(lvalues[4219]),0},
-{"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS",
-        NID_setct_CRLNotificationResTBS,4,&(lvalues[4223]),0},
-{"setct-BCIDistributionTBS","setct-BCIDistributionTBS",
-        NID_setct_BCIDistributionTBS,4,&(lvalues[4227]),0},
-{"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4,
-        &(lvalues[4231]),0},
-{"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4,
-        &(lvalues[4235]),0},
-{"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4,
-        &(lvalues[4239]),0},
-{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4243]),0},
-{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4247]),0},
-{"setext-cv","additional verification",NID_setext_cv,4,
-        &(lvalues[4251]),0},
-{"set-policy-root","set-policy-root",NID_set_policy_root,4,
-        &(lvalues[4255]),0},
-{"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4,
-        &(lvalues[4259]),0},
-{"setCext-certType","setCext-certType",NID_setCext_certType,4,
-        &(lvalues[4263]),0},
-{"setCext-merchData","setCext-merchData",NID_setCext_merchData,4,
-        &(lvalues[4267]),0},
-{"setCext-cCertRequired","setCext-cCertRequired",
-        NID_setCext_cCertRequired,4,&(lvalues[4271]),0},
-{"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4,
-        &(lvalues[4275]),0},
-{"setCext-setExt","setCext-setExt",NID_setCext_setExt,4,
-        &(lvalues[4279]),0},
-{"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4,
-        &(lvalues[4283]),0},
-{"setCext-PGWYcapabilities","setCext-PGWYcapabilities",
-        NID_setCext_PGWYcapabilities,4,&(lvalues[4287]),0},
-{"setCext-TokenIdentifier","setCext-TokenIdentifier",
-        NID_setCext_TokenIdentifier,4,&(lvalues[4291]),0},
-{"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4,
-        &(lvalues[4295]),0},
-{"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4,
-        &(lvalues[4299]),0},
-{"setCext-IssuerCapabilities","setCext-IssuerCapabilities",
-        NID_setCext_IssuerCapabilities,4,&(lvalues[4303]),0},
-{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4307]),0},
-{"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap,
-        4,&(lvalues[4311]),0},
-{"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4,
-        &(lvalues[4315]),0},
-{"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4,
-        &(lvalues[4319]),0},
-{"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5,
-        &(lvalues[4323]),0},
-{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4328]),0},
-{"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5,
-        &(lvalues[4333]),0},
-{"setAttr-Token-B0Prime","setAttr-Token-B0Prime",
-        NID_setAttr_Token_B0Prime,5,&(lvalues[4338]),0},
-{"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5,
-        &(lvalues[4343]),0},
-{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5,
-        &(lvalues[4348]),0},
-{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5,
-        &(lvalues[4353]),0},
-{"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm,
-        6,&(lvalues[4358]),0},
-{"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6,
-        &(lvalues[4364]),0},
-{"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6,
-        &(lvalues[4370]),0},
-{"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6,
-        &(lvalues[4376]),0},
-{"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig,
-        6,&(lvalues[4382]),0},
-{"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4,
-        &(lvalues[4388]),0},
-{"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4,
-        &(lvalues[4392]),0},
-{"set-brand-AmericanExpress","set-brand-AmericanExpress",
-        NID_set_brand_AmericanExpress,4,&(lvalues[4396]),0},
-{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4400]),0},
-{"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4,
-        &(lvalues[4404]),0},
-{"set-brand-MasterCard","set-brand-MasterCard",
-        NID_set_brand_MasterCard,4,&(lvalues[4408]),0},
-{"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5,
-        &(lvalues[4412]),0},
-{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4417]),0},
-{"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET",
-        NID_rsaOAEPEncryptionSET,9,&(lvalues[4425]),0},
-{NULL,NULL,NID_undef,0,NULL},
-{NULL,NULL,NID_undef,0,NULL},
-{NULL,NULL,NID_undef,0,NULL},
-{"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login,
-        10,&(lvalues[4434]),0},
-{"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10,
-        &(lvalues[4444]),0},
-{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL},
-{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL},
-{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL},
-{"AES-128-CFB8","aes-128-cfb8",NID_aes_128_cfb8,0,NULL},
-{"AES-192-CFB8","aes-192-cfb8",NID_aes_192_cfb8,0,NULL},
-{"AES-256-CFB8","aes-256-cfb8",NID_aes_256_cfb8,0,NULL},
-{"DES-CFB1","des-cfb1",NID_des_cfb1,0,NULL},
-{"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL},
-{"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL},
-{"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL},
-{"streetAddress","streetAddress",NID_streetAddress,3,&(lvalues[4454]),0},
-{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4457]),0},
-{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4460]),0},
-{"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8,
-        &(lvalues[4467]),0},
-{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8,
-        &(lvalues[4475]),0},
-{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8,
-        &(lvalues[4483]),0},
-{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3,
-        &(lvalues[4491]),0},
-{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4494]),0},
-{"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9,
-        &(lvalues[4502]),0},
-{"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9,
-        &(lvalues[4511]),0},
-{"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9,
-        &(lvalues[4520]),0},
-{"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9,
-        &(lvalues[4529]),0},
-{"SHA256","sha256",NID_sha256,9,&(lvalues[4538]),0},
-{"SHA384","sha384",NID_sha384,9,&(lvalues[4547]),0},
-{"SHA512","sha512",NID_sha512,9,&(lvalues[4556]),0},
-{"SHA224","sha224",NID_sha224,9,&(lvalues[4565]),0},
-};
-
-static ASN1_OBJECT *sn_objs[NUM_SN]={
-&(nid_objs[364]),/* "AD_DVCS" */
-&(nid_objs[419]),/* "AES-128-CBC" */
-&(nid_objs[421]),/* "AES-128-CFB" */
-&(nid_objs[650]),/* "AES-128-CFB1" */
-&(nid_objs[653]),/* "AES-128-CFB8" */
-&(nid_objs[418]),/* "AES-128-ECB" */
-&(nid_objs[420]),/* "AES-128-OFB" */
-&(nid_objs[423]),/* "AES-192-CBC" */
-&(nid_objs[425]),/* "AES-192-CFB" */
-&(nid_objs[651]),/* "AES-192-CFB1" */
-&(nid_objs[654]),/* "AES-192-CFB8" */
-&(nid_objs[422]),/* "AES-192-ECB" */
-&(nid_objs[424]),/* "AES-192-OFB" */
-&(nid_objs[427]),/* "AES-256-CBC" */
-&(nid_objs[429]),/* "AES-256-CFB" */
-&(nid_objs[652]),/* "AES-256-CFB1" */
-&(nid_objs[655]),/* "AES-256-CFB8" */
-&(nid_objs[426]),/* "AES-256-ECB" */
-&(nid_objs[428]),/* "AES-256-OFB" */
-&(nid_objs[91]),/* "BF-CBC" */
-&(nid_objs[93]),/* "BF-CFB" */
-&(nid_objs[92]),/* "BF-ECB" */
-&(nid_objs[94]),/* "BF-OFB" */
-&(nid_objs[14]),/* "C" */
-&(nid_objs[108]),/* "CAST5-CBC" */
-&(nid_objs[110]),/* "CAST5-CFB" */
-&(nid_objs[109]),/* "CAST5-ECB" */
-&(nid_objs[111]),/* "CAST5-OFB" */
-&(nid_objs[404]),/* "CCITT" */
-&(nid_objs[13]),/* "CN" */
-&(nid_objs[141]),/* "CRLReason" */
-&(nid_objs[417]),/* "CSPName" */
-&(nid_objs[367]),/* "CrlID" */
-&(nid_objs[391]),/* "DC" */
-&(nid_objs[31]),/* "DES-CBC" */
-&(nid_objs[643]),/* "DES-CDMF" */
-&(nid_objs[30]),/* "DES-CFB" */
-&(nid_objs[656]),/* "DES-CFB1" */
-&(nid_objs[657]),/* "DES-CFB8" */
-&(nid_objs[29]),/* "DES-ECB" */
-&(nid_objs[32]),/* "DES-EDE" */
-&(nid_objs[43]),/* "DES-EDE-CBC" */
-&(nid_objs[60]),/* "DES-EDE-CFB" */
-&(nid_objs[62]),/* "DES-EDE-OFB" */
-&(nid_objs[33]),/* "DES-EDE3" */
-&(nid_objs[44]),/* "DES-EDE3-CBC" */
-&(nid_objs[61]),/* "DES-EDE3-CFB" */
-&(nid_objs[658]),/* "DES-EDE3-CFB1" */
-&(nid_objs[659]),/* "DES-EDE3-CFB8" */
-&(nid_objs[63]),/* "DES-EDE3-OFB" */
-&(nid_objs[45]),/* "DES-OFB" */
-&(nid_objs[80]),/* "DESX-CBC" */
-&(nid_objs[380]),/* "DOD" */
-&(nid_objs[116]),/* "DSA" */
-&(nid_objs[66]),/* "DSA-SHA" */
-&(nid_objs[113]),/* "DSA-SHA1" */
-&(nid_objs[70]),/* "DSA-SHA1-old" */
-&(nid_objs[67]),/* "DSA-old" */
-&(nid_objs[297]),/* "DVCS" */
-&(nid_objs[99]),/* "GN" */
-&(nid_objs[381]),/* "IANA" */
-&(nid_objs[34]),/* "IDEA-CBC" */
-&(nid_objs[35]),/* "IDEA-CFB" */
-&(nid_objs[36]),/* "IDEA-ECB" */
-&(nid_objs[46]),/* "IDEA-OFB" */
-&(nid_objs[181]),/* "ISO" */
-&(nid_objs[183]),/* "ISO-US" */
-&(nid_objs[393]),/* "JOINT-ISO-CCITT" */
-&(nid_objs[15]),/* "L" */
-&(nid_objs[ 3]),/* "MD2" */
-&(nid_objs[257]),/* "MD4" */
-&(nid_objs[ 4]),/* "MD5" */
-&(nid_objs[114]),/* "MD5-SHA1" */
-&(nid_objs[95]),/* "MDC2" */
-&(nid_objs[388]),/* "Mail" */
-&(nid_objs[57]),/* "Netscape" */
-&(nid_objs[366]),/* "Nonce" */
-&(nid_objs[17]),/* "O" */
-&(nid_objs[178]),/* "OCSP" */
-&(nid_objs[180]),/* "OCSPSigning" */
-&(nid_objs[379]),/* "ORG" */
-&(nid_objs[18]),/* "OU" */
-&(nid_objs[ 9]),/* "PBE-MD2-DES" */
-&(nid_objs[168]),/* "PBE-MD2-RC2-64" */
-&(nid_objs[10]),/* "PBE-MD5-DES" */
-&(nid_objs[169]),/* "PBE-MD5-RC2-64" */
-&(nid_objs[147]),/* "PBE-SHA1-2DES" */
-&(nid_objs[146]),/* "PBE-SHA1-3DES" */
-&(nid_objs[170]),/* "PBE-SHA1-DES" */
-&(nid_objs[148]),/* "PBE-SHA1-RC2-128" */
-&(nid_objs[149]),/* "PBE-SHA1-RC2-40" */
-&(nid_objs[68]),/* "PBE-SHA1-RC2-64" */
-&(nid_objs[144]),/* "PBE-SHA1-RC4-128" */
-&(nid_objs[145]),/* "PBE-SHA1-RC4-40" */
-&(nid_objs[161]),/* "PBES2" */
-&(nid_objs[69]),/* "PBKDF2" */
-&(nid_objs[162]),/* "PBMAC1" */
-&(nid_objs[127]),/* "PKIX" */
-&(nid_objs[98]),/* "RC2-40-CBC" */
-&(nid_objs[166]),/* "RC2-64-CBC" */
-&(nid_objs[37]),/* "RC2-CBC" */
-&(nid_objs[39]),/* "RC2-CFB" */
-&(nid_objs[38]),/* "RC2-ECB" */
-&(nid_objs[40]),/* "RC2-OFB" */
-&(nid_objs[ 5]),/* "RC4" */
-&(nid_objs[97]),/* "RC4-40" */
-&(nid_objs[120]),/* "RC5-CBC" */
-&(nid_objs[122]),/* "RC5-CFB" */
-&(nid_objs[121]),/* "RC5-ECB" */
-&(nid_objs[123]),/* "RC5-OFB" */
-&(nid_objs[117]),/* "RIPEMD160" */
-&(nid_objs[124]),/* "RLE" */
-&(nid_objs[19]),/* "RSA" */
-&(nid_objs[ 7]),/* "RSA-MD2" */
-&(nid_objs[396]),/* "RSA-MD4" */
-&(nid_objs[ 8]),/* "RSA-MD5" */
-&(nid_objs[96]),/* "RSA-MDC2" */
-&(nid_objs[104]),/* "RSA-NP-MD5" */
-&(nid_objs[119]),/* "RSA-RIPEMD160" */
-&(nid_objs[42]),/* "RSA-SHA" */
-&(nid_objs[65]),/* "RSA-SHA1" */
-&(nid_objs[115]),/* "RSA-SHA1-2" */
-&(nid_objs[671]),/* "RSA-SHA224" */
-&(nid_objs[668]),/* "RSA-SHA256" */
-&(nid_objs[669]),/* "RSA-SHA384" */
-&(nid_objs[670]),/* "RSA-SHA512" */
-&(nid_objs[41]),/* "SHA" */
-&(nid_objs[64]),/* "SHA1" */
-&(nid_objs[675]),/* "SHA224" */
-&(nid_objs[672]),/* "SHA256" */
-&(nid_objs[673]),/* "SHA384" */
-&(nid_objs[674]),/* "SHA512" */
-&(nid_objs[188]),/* "SMIME" */
-&(nid_objs[167]),/* "SMIME-CAPS" */
-&(nid_objs[100]),/* "SN" */
-&(nid_objs[16]),/* "ST" */
-&(nid_objs[143]),/* "SXNetID" */
-&(nid_objs[458]),/* "UID" */
-&(nid_objs[ 0]),/* "UNDEF" */
-&(nid_objs[11]),/* "X500" */
-&(nid_objs[378]),/* "X500algorithms" */
-&(nid_objs[12]),/* "X509" */
-&(nid_objs[184]),/* "X9-57" */
-&(nid_objs[185]),/* "X9cm" */
-&(nid_objs[125]),/* "ZLIB" */
-&(nid_objs[478]),/* "aRecord" */
-&(nid_objs[289]),/* "aaControls" */
-&(nid_objs[287]),/* "ac-auditEntity" */
-&(nid_objs[397]),/* "ac-proxying" */
-&(nid_objs[288]),/* "ac-targeting" */
-&(nid_objs[368]),/* "acceptableResponses" */
-&(nid_objs[446]),/* "account" */
-&(nid_objs[363]),/* "ad_timestamping" */
-&(nid_objs[376]),/* "algorithm" */
-&(nid_objs[405]),/* "ansi-X9-62" */
-&(nid_objs[370]),/* "archiveCutoff" */
-&(nid_objs[484]),/* "associatedDomain" */
-&(nid_objs[485]),/* "associatedName" */
-&(nid_objs[501]),/* "audio" */
-&(nid_objs[177]),/* "authorityInfoAccess" */
-&(nid_objs[90]),/* "authorityKeyIdentifier" */
-&(nid_objs[87]),/* "basicConstraints" */
-&(nid_objs[365]),/* "basicOCSPResponse" */
-&(nid_objs[285]),/* "biometricInfo" */
-&(nid_objs[494]),/* "buildingName" */
-&(nid_objs[483]),/* "cNAMERecord" */
-&(nid_objs[179]),/* "caIssuers" */
-&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
-&(nid_objs[152]),/* "certBag" */
-&(nid_objs[89]),/* "certificatePolicies" */
-&(nid_objs[54]),/* "challengePassword" */
-&(nid_objs[407]),/* "characteristic-two-field" */
-&(nid_objs[395]),/* "clearance" */
-&(nid_objs[130]),/* "clientAuth" */
-&(nid_objs[131]),/* "codeSigning" */
-&(nid_objs[50]),/* "contentType" */
-&(nid_objs[53]),/* "countersignature" */
-&(nid_objs[153]),/* "crlBag" */
-&(nid_objs[103]),/* "crlDistributionPoints" */
-&(nid_objs[88]),/* "crlNumber" */
-&(nid_objs[500]),/* "dITRedirect" */
-&(nid_objs[451]),/* "dNSDomain" */
-&(nid_objs[495]),/* "dSAQuality" */
-&(nid_objs[434]),/* "data" */
-&(nid_objs[390]),/* "dcobject" */
-&(nid_objs[140]),/* "deltaCRL" */
-&(nid_objs[107]),/* "description" */
-&(nid_objs[28]),/* "dhKeyAgreement" */
-&(nid_objs[382]),/* "directory" */
-&(nid_objs[174]),/* "dnQualifier" */
-&(nid_objs[447]),/* "document" */
-&(nid_objs[471]),/* "documentAuthor" */
-&(nid_objs[468]),/* "documentIdentifier" */
-&(nid_objs[472]),/* "documentLocation" */
-&(nid_objs[502]),/* "documentPublisher" */
-&(nid_objs[449]),/* "documentSeries" */
-&(nid_objs[469]),/* "documentTitle" */
-&(nid_objs[470]),/* "documentVersion" */
-&(nid_objs[392]),/* "domain" */
-&(nid_objs[452]),/* "domainRelatedObject" */
-&(nid_objs[416]),/* "ecdsa-with-SHA1" */
-&(nid_objs[48]),/* "emailAddress" */
-&(nid_objs[132]),/* "emailProtection" */
-&(nid_objs[389]),/* "enterprises" */
-&(nid_objs[384]),/* "experimental" */
-&(nid_objs[172]),/* "extReq" */
-&(nid_objs[56]),/* "extendedCertificateAttributes" */
-&(nid_objs[126]),/* "extendedKeyUsage" */
-&(nid_objs[372]),/* "extendedStatus" */
-&(nid_objs[462]),/* "favouriteDrink" */
-&(nid_objs[453]),/* "friendlyCountry" */
-&(nid_objs[490]),/* "friendlyCountryName" */
-&(nid_objs[156]),/* "friendlyName" */
-&(nid_objs[509]),/* "generationQualifier" */
-&(nid_objs[163]),/* "hmacWithSHA1" */
-&(nid_objs[432]),/* "holdInstructionCallIssuer" */
-&(nid_objs[430]),/* "holdInstructionCode" */
-&(nid_objs[431]),/* "holdInstructionNone" */
-&(nid_objs[433]),/* "holdInstructionReject" */
-&(nid_objs[486]),/* "homePostalAddress" */
-&(nid_objs[473]),/* "homeTelephoneNumber" */
-&(nid_objs[466]),/* "host" */
-&(nid_objs[442]),/* "iA5StringSyntax" */
-&(nid_objs[266]),/* "id-aca" */
-&(nid_objs[355]),/* "id-aca-accessIdentity" */
-&(nid_objs[354]),/* "id-aca-authenticationInfo" */
-&(nid_objs[356]),/* "id-aca-chargingIdentity" */
-&(nid_objs[399]),/* "id-aca-encAttrs" */
-&(nid_objs[357]),/* "id-aca-group" */
-&(nid_objs[358]),/* "id-aca-role" */
-&(nid_objs[176]),/* "id-ad" */
-&(nid_objs[262]),/* "id-alg" */
-&(nid_objs[323]),/* "id-alg-des40" */
-&(nid_objs[326]),/* "id-alg-dh-pop" */
-&(nid_objs[325]),/* "id-alg-dh-sig-hmac-sha1" */
-&(nid_objs[324]),/* "id-alg-noSignature" */
-&(nid_objs[268]),/* "id-cct" */
-&(nid_objs[361]),/* "id-cct-PKIData" */
-&(nid_objs[362]),/* "id-cct-PKIResponse" */
-&(nid_objs[360]),/* "id-cct-crs" */
-&(nid_objs[81]),/* "id-ce" */
-&(nid_objs[263]),/* "id-cmc" */
-&(nid_objs[334]),/* "id-cmc-addExtensions" */
-&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */
-&(nid_objs[330]),/* "id-cmc-dataReturn" */
-&(nid_objs[336]),/* "id-cmc-decryptedPOP" */
-&(nid_objs[335]),/* "id-cmc-encryptedPOP" */
-&(nid_objs[339]),/* "id-cmc-getCRL" */
-&(nid_objs[338]),/* "id-cmc-getCert" */
-&(nid_objs[328]),/* "id-cmc-identification" */
-&(nid_objs[329]),/* "id-cmc-identityProof" */
-&(nid_objs[337]),/* "id-cmc-lraPOPWitness" */
-&(nid_objs[344]),/* "id-cmc-popLinkRandom" */
-&(nid_objs[345]),/* "id-cmc-popLinkWitness" */
-&(nid_objs[343]),/* "id-cmc-queryPending" */
-&(nid_objs[333]),/* "id-cmc-recipientNonce" */
-&(nid_objs[341]),/* "id-cmc-regInfo" */
-&(nid_objs[342]),/* "id-cmc-responseInfo" */
-&(nid_objs[340]),/* "id-cmc-revokeRequest" */
-&(nid_objs[332]),/* "id-cmc-senderNonce" */
-&(nid_objs[327]),/* "id-cmc-statusInfo" */
-&(nid_objs[331]),/* "id-cmc-transactionId" */
-&(nid_objs[408]),/* "id-ecPublicKey" */
-&(nid_objs[508]),/* "id-hex-multipart-message" */
-&(nid_objs[507]),/* "id-hex-partial-message" */
-&(nid_objs[260]),/* "id-it" */
-&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */
-&(nid_objs[298]),/* "id-it-caProtEncCert" */
-&(nid_objs[311]),/* "id-it-confirmWaitTime" */
-&(nid_objs[303]),/* "id-it-currentCRL" */
-&(nid_objs[300]),/* "id-it-encKeyPairTypes" */
-&(nid_objs[310]),/* "id-it-implicitConfirm" */
-&(nid_objs[308]),/* "id-it-keyPairParamRep" */
-&(nid_objs[307]),/* "id-it-keyPairParamReq" */
-&(nid_objs[312]),/* "id-it-origPKIMessage" */
-&(nid_objs[301]),/* "id-it-preferredSymmAlg" */
-&(nid_objs[309]),/* "id-it-revPassphrase" */
-&(nid_objs[299]),/* "id-it-signKeyPairTypes" */
-&(nid_objs[305]),/* "id-it-subscriptionRequest" */
-&(nid_objs[306]),/* "id-it-subscriptionResponse" */
-&(nid_objs[304]),/* "id-it-unsupportedOIDs" */
-&(nid_objs[128]),/* "id-kp" */
-&(nid_objs[280]),/* "id-mod-attribute-cert" */
-&(nid_objs[274]),/* "id-mod-cmc" */
-&(nid_objs[277]),/* "id-mod-cmp" */
-&(nid_objs[284]),/* "id-mod-cmp2000" */
-&(nid_objs[273]),/* "id-mod-crmf" */
-&(nid_objs[283]),/* "id-mod-dvcs" */
-&(nid_objs[275]),/* "id-mod-kea-profile-88" */
-&(nid_objs[276]),/* "id-mod-kea-profile-93" */
-&(nid_objs[282]),/* "id-mod-ocsp" */
-&(nid_objs[278]),/* "id-mod-qualified-cert-88" */
-&(nid_objs[279]),/* "id-mod-qualified-cert-93" */
-&(nid_objs[281]),/* "id-mod-timestamp-protocol" */
-&(nid_objs[264]),/* "id-on" */
-&(nid_objs[347]),/* "id-on-personalData" */
-&(nid_objs[265]),/* "id-pda" */
-&(nid_objs[352]),/* "id-pda-countryOfCitizenship" */
-&(nid_objs[353]),/* "id-pda-countryOfResidence" */
-&(nid_objs[348]),/* "id-pda-dateOfBirth" */
-&(nid_objs[351]),/* "id-pda-gender" */
-&(nid_objs[349]),/* "id-pda-placeOfBirth" */
-&(nid_objs[175]),/* "id-pe" */
-&(nid_objs[261]),/* "id-pkip" */
-&(nid_objs[258]),/* "id-pkix-mod" */
-&(nid_objs[269]),/* "id-pkix1-explicit-88" */
-&(nid_objs[271]),/* "id-pkix1-explicit-93" */
-&(nid_objs[270]),/* "id-pkix1-implicit-88" */
-&(nid_objs[272]),/* "id-pkix1-implicit-93" */
-&(nid_objs[662]),/* "id-ppl" */
-&(nid_objs[664]),/* "id-ppl-anyLanguage" */
-&(nid_objs[667]),/* "id-ppl-independent" */
-&(nid_objs[665]),/* "id-ppl-inheritAll" */
-&(nid_objs[267]),/* "id-qcs" */
-&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
-&(nid_objs[259]),/* "id-qt" */
-&(nid_objs[164]),/* "id-qt-cps" */
-&(nid_objs[165]),/* "id-qt-unotice" */
-&(nid_objs[313]),/* "id-regCtrl" */
-&(nid_objs[316]),/* "id-regCtrl-authenticator" */
-&(nid_objs[319]),/* "id-regCtrl-oldCertID" */
-&(nid_objs[318]),/* "id-regCtrl-pkiArchiveOptions" */
-&(nid_objs[317]),/* "id-regCtrl-pkiPublicationInfo" */
-&(nid_objs[320]),/* "id-regCtrl-protocolEncrKey" */
-&(nid_objs[315]),/* "id-regCtrl-regToken" */
-&(nid_objs[314]),/* "id-regInfo" */
-&(nid_objs[322]),/* "id-regInfo-certReq" */
-&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */
-&(nid_objs[512]),/* "id-set" */
-&(nid_objs[191]),/* "id-smime-aa" */
-&(nid_objs[215]),/* "id-smime-aa-contentHint" */
-&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */
-&(nid_objs[221]),/* "id-smime-aa-contentReference" */
-&(nid_objs[240]),/* "id-smime-aa-dvcs-dvc" */
-&(nid_objs[217]),/* "id-smime-aa-encapContentType" */
-&(nid_objs[222]),/* "id-smime-aa-encrypKeyPref" */
-&(nid_objs[220]),/* "id-smime-aa-equivalentLabels" */
-&(nid_objs[232]),/* "id-smime-aa-ets-CertificateRefs" */
-&(nid_objs[233]),/* "id-smime-aa-ets-RevocationRefs" */
-&(nid_objs[238]),/* "id-smime-aa-ets-archiveTimeStamp" */
-&(nid_objs[237]),/* "id-smime-aa-ets-certCRLTimestamp" */
-&(nid_objs[234]),/* "id-smime-aa-ets-certValues" */
-&(nid_objs[227]),/* "id-smime-aa-ets-commitmentType" */
-&(nid_objs[231]),/* "id-smime-aa-ets-contentTimestamp" */
-&(nid_objs[236]),/* "id-smime-aa-ets-escTimeStamp" */
-&(nid_objs[230]),/* "id-smime-aa-ets-otherSigCert" */
-&(nid_objs[235]),/* "id-smime-aa-ets-revocationValues" */
-&(nid_objs[226]),/* "id-smime-aa-ets-sigPolicyId" */
-&(nid_objs[229]),/* "id-smime-aa-ets-signerAttr" */
-&(nid_objs[228]),/* "id-smime-aa-ets-signerLocation" */
-&(nid_objs[219]),/* "id-smime-aa-macValue" */
-&(nid_objs[214]),/* "id-smime-aa-mlExpandHistory" */
-&(nid_objs[216]),/* "id-smime-aa-msgSigDigest" */
-&(nid_objs[212]),/* "id-smime-aa-receiptRequest" */
-&(nid_objs[213]),/* "id-smime-aa-securityLabel" */
-&(nid_objs[239]),/* "id-smime-aa-signatureType" */
-&(nid_objs[223]),/* "id-smime-aa-signingCertificate" */
-&(nid_objs[224]),/* "id-smime-aa-smimeEncryptCerts" */
-&(nid_objs[225]),/* "id-smime-aa-timeStampToken" */
-&(nid_objs[192]),/* "id-smime-alg" */
-&(nid_objs[243]),/* "id-smime-alg-3DESwrap" */
-&(nid_objs[246]),/* "id-smime-alg-CMS3DESwrap" */
-&(nid_objs[247]),/* "id-smime-alg-CMSRC2wrap" */
-&(nid_objs[245]),/* "id-smime-alg-ESDH" */
-&(nid_objs[241]),/* "id-smime-alg-ESDHwith3DES" */
-&(nid_objs[242]),/* "id-smime-alg-ESDHwithRC2" */
-&(nid_objs[244]),/* "id-smime-alg-RC2wrap" */
-&(nid_objs[193]),/* "id-smime-cd" */
-&(nid_objs[248]),/* "id-smime-cd-ldap" */
-&(nid_objs[190]),/* "id-smime-ct" */
-&(nid_objs[210]),/* "id-smime-ct-DVCSRequestData" */
-&(nid_objs[211]),/* "id-smime-ct-DVCSResponseData" */
-&(nid_objs[208]),/* "id-smime-ct-TDTInfo" */
-&(nid_objs[207]),/* "id-smime-ct-TSTInfo" */
-&(nid_objs[205]),/* "id-smime-ct-authData" */
-&(nid_objs[209]),/* "id-smime-ct-contentInfo" */
-&(nid_objs[206]),/* "id-smime-ct-publishCert" */
-&(nid_objs[204]),/* "id-smime-ct-receipt" */
-&(nid_objs[195]),/* "id-smime-cti" */
-&(nid_objs[255]),/* "id-smime-cti-ets-proofOfApproval" */
-&(nid_objs[256]),/* "id-smime-cti-ets-proofOfCreation" */
-&(nid_objs[253]),/* "id-smime-cti-ets-proofOfDelivery" */
-&(nid_objs[251]),/* "id-smime-cti-ets-proofOfOrigin" */
-&(nid_objs[252]),/* "id-smime-cti-ets-proofOfReceipt" */
-&(nid_objs[254]),/* "id-smime-cti-ets-proofOfSender" */
-&(nid_objs[189]),/* "id-smime-mod" */
-&(nid_objs[196]),/* "id-smime-mod-cms" */
-&(nid_objs[197]),/* "id-smime-mod-ess" */
-&(nid_objs[202]),/* "id-smime-mod-ets-eSigPolicy-88" */
-&(nid_objs[203]),/* "id-smime-mod-ets-eSigPolicy-97" */
-&(nid_objs[200]),/* "id-smime-mod-ets-eSignature-88" */
-&(nid_objs[201]),/* "id-smime-mod-ets-eSignature-97" */
-&(nid_objs[199]),/* "id-smime-mod-msg-v3" */
-&(nid_objs[198]),/* "id-smime-mod-oid" */
-&(nid_objs[194]),/* "id-smime-spq" */
-&(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */
-&(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */
-&(nid_objs[461]),/* "info" */
-&(nid_objs[101]),/* "initials" */
-&(nid_objs[142]),/* "invalidityDate" */
-&(nid_objs[294]),/* "ipsecEndSystem" */
-&(nid_objs[295]),/* "ipsecTunnel" */
-&(nid_objs[296]),/* "ipsecUser" */
-&(nid_objs[86]),/* "issuerAltName" */
-&(nid_objs[492]),/* "janetMailbox" */
-&(nid_objs[150]),/* "keyBag" */
-&(nid_objs[83]),/* "keyUsage" */
-&(nid_objs[477]),/* "lastModifiedBy" */
-&(nid_objs[476]),/* "lastModifiedTime" */
-&(nid_objs[157]),/* "localKeyID" */
-&(nid_objs[480]),/* "mXRecord" */
-&(nid_objs[460]),/* "mail" */
-&(nid_objs[493]),/* "mailPreferenceOption" */
-&(nid_objs[467]),/* "manager" */
-&(nid_objs[182]),/* "member-body" */
-&(nid_objs[51]),/* "messageDigest" */
-&(nid_objs[383]),/* "mgmt" */
-&(nid_objs[504]),/* "mime-mhs" */
-&(nid_objs[506]),/* "mime-mhs-bodies" */
-&(nid_objs[505]),/* "mime-mhs-headings" */
-&(nid_objs[488]),/* "mobileTelephoneNumber" */
-&(nid_objs[136]),/* "msCTLSign" */
-&(nid_objs[135]),/* "msCodeCom" */
-&(nid_objs[134]),/* "msCodeInd" */
-&(nid_objs[138]),/* "msEFS" */
-&(nid_objs[171]),/* "msExtReq" */
-&(nid_objs[137]),/* "msSGC" */
-&(nid_objs[648]),/* "msSmartcardLogin" */
-&(nid_objs[649]),/* "msUPN" */
-&(nid_objs[481]),/* "nSRecord" */
-&(nid_objs[173]),/* "name" */
-&(nid_objs[666]),/* "nameConstraints" */
-&(nid_objs[369]),/* "noCheck" */
-&(nid_objs[403]),/* "noRevAvail" */
-&(nid_objs[72]),/* "nsBaseUrl" */
-&(nid_objs[76]),/* "nsCaPolicyUrl" */
-&(nid_objs[74]),/* "nsCaRevocationUrl" */
-&(nid_objs[58]),/* "nsCertExt" */
-&(nid_objs[79]),/* "nsCertSequence" */
-&(nid_objs[71]),/* "nsCertType" */
-&(nid_objs[78]),/* "nsComment" */
-&(nid_objs[59]),/* "nsDataType" */
-&(nid_objs[75]),/* "nsRenewalUrl" */
-&(nid_objs[73]),/* "nsRevocationUrl" */
-&(nid_objs[139]),/* "nsSGC" */
-&(nid_objs[77]),/* "nsSslServerName" */
-&(nid_objs[491]),/* "organizationalStatus" */
-&(nid_objs[475]),/* "otherMailbox" */
-&(nid_objs[489]),/* "pagerTelephoneNumber" */
-&(nid_objs[374]),/* "path" */
-&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
-&(nid_objs[499]),/* "personalSignature" */
-&(nid_objs[487]),/* "personalTitle" */
-&(nid_objs[464]),/* "photo" */
-&(nid_objs[437]),/* "pilot" */
-&(nid_objs[439]),/* "pilotAttributeSyntax" */
-&(nid_objs[438]),/* "pilotAttributeType" */
-&(nid_objs[479]),/* "pilotAttributeType27" */
-&(nid_objs[456]),/* "pilotDSA" */
-&(nid_objs[441]),/* "pilotGroups" */
-&(nid_objs[444]),/* "pilotObject" */
-&(nid_objs[440]),/* "pilotObjectClass" */
-&(nid_objs[455]),/* "pilotOrganization" */
-&(nid_objs[445]),/* "pilotPerson" */
-&(nid_objs[ 2]),/* "pkcs" */
-&(nid_objs[186]),/* "pkcs1" */
-&(nid_objs[27]),/* "pkcs3" */
-&(nid_objs[187]),/* "pkcs5" */
-&(nid_objs[20]),/* "pkcs7" */
-&(nid_objs[21]),/* "pkcs7-data" */
-&(nid_objs[25]),/* "pkcs7-digestData" */
-&(nid_objs[26]),/* "pkcs7-encryptedData" */
-&(nid_objs[23]),/* "pkcs7-envelopedData" */
-&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
-&(nid_objs[22]),/* "pkcs7-signedData" */
-&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */
-&(nid_objs[47]),/* "pkcs9" */
-&(nid_objs[401]),/* "policyConstraints" */
-&(nid_objs[661]),/* "postalCode" */
-&(nid_objs[406]),/* "prime-field" */
-&(nid_objs[409]),/* "prime192v1" */
-&(nid_objs[410]),/* "prime192v2" */
-&(nid_objs[411]),/* "prime192v3" */
-&(nid_objs[412]),/* "prime239v1" */
-&(nid_objs[413]),/* "prime239v2" */
-&(nid_objs[414]),/* "prime239v3" */
-&(nid_objs[415]),/* "prime256v1" */
-&(nid_objs[385]),/* "private" */
-&(nid_objs[84]),/* "privateKeyUsagePeriod" */
-&(nid_objs[663]),/* "proxyCertInfo" */
-&(nid_objs[510]),/* "pseudonym" */
-&(nid_objs[435]),/* "pss" */
-&(nid_objs[286]),/* "qcStatements" */
-&(nid_objs[457]),/* "qualityLabelledData" */
-&(nid_objs[450]),/* "rFC822localPart" */
-&(nid_objs[400]),/* "role" */
-&(nid_objs[448]),/* "room" */
-&(nid_objs[463]),/* "roomNumber" */
-&(nid_objs[ 6]),/* "rsaEncryption" */
-&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
-&(nid_objs[377]),/* "rsaSignature" */
-&(nid_objs[ 1]),/* "rsadsi" */
-&(nid_objs[482]),/* "sOARecord" */
-&(nid_objs[155]),/* "safeContentsBag" */
-&(nid_objs[291]),/* "sbgp-autonomousSysNum" */
-&(nid_objs[290]),/* "sbgp-ipAddrBlock" */
-&(nid_objs[292]),/* "sbgp-routerIdentifier" */
-&(nid_objs[159]),/* "sdsiCertificate" */
-&(nid_objs[154]),/* "secretBag" */
-&(nid_objs[474]),/* "secretary" */
-&(nid_objs[386]),/* "security" */
-&(nid_objs[394]),/* "selected-attribute-types" */
-&(nid_objs[105]),/* "serialNumber" */
-&(nid_objs[129]),/* "serverAuth" */
-&(nid_objs[371]),/* "serviceLocator" */
-&(nid_objs[625]),/* "set-addPolicy" */
-&(nid_objs[515]),/* "set-attr" */
-&(nid_objs[518]),/* "set-brand" */
-&(nid_objs[638]),/* "set-brand-AmericanExpress" */
-&(nid_objs[637]),/* "set-brand-Diners" */
-&(nid_objs[636]),/* "set-brand-IATA-ATA" */
-&(nid_objs[639]),/* "set-brand-JCB" */
-&(nid_objs[641]),/* "set-brand-MasterCard" */
-&(nid_objs[642]),/* "set-brand-Novus" */
-&(nid_objs[640]),/* "set-brand-Visa" */
-&(nid_objs[517]),/* "set-certExt" */
-&(nid_objs[513]),/* "set-ctype" */
-&(nid_objs[514]),/* "set-msgExt" */
-&(nid_objs[516]),/* "set-policy" */
-&(nid_objs[607]),/* "set-policy-root" */
-&(nid_objs[624]),/* "set-rootKeyThumb" */
-&(nid_objs[620]),/* "setAttr-Cert" */
-&(nid_objs[631]),/* "setAttr-GenCryptgrm" */
-&(nid_objs[623]),/* "setAttr-IssCap" */
-&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
-&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
-&(nid_objs[629]),/* "setAttr-IssCap-T2" */
-&(nid_objs[621]),/* "setAttr-PGWYcap" */
-&(nid_objs[635]),/* "setAttr-SecDevSig" */
-&(nid_objs[632]),/* "setAttr-T2Enc" */
-&(nid_objs[633]),/* "setAttr-T2cleartxt" */
-&(nid_objs[634]),/* "setAttr-TokICCsig" */
-&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
-&(nid_objs[626]),/* "setAttr-Token-EMV" */
-&(nid_objs[622]),/* "setAttr-TokenType" */
-&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
-&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
-&(nid_objs[616]),/* "setCext-TokenIdentifier" */
-&(nid_objs[618]),/* "setCext-TokenType" */
-&(nid_objs[617]),/* "setCext-Track2Data" */
-&(nid_objs[611]),/* "setCext-cCertRequired" */
-&(nid_objs[609]),/* "setCext-certType" */
-&(nid_objs[608]),/* "setCext-hashedRoot" */
-&(nid_objs[610]),/* "setCext-merchData" */
-&(nid_objs[613]),/* "setCext-setExt" */
-&(nid_objs[614]),/* "setCext-setQualf" */
-&(nid_objs[612]),/* "setCext-tunneling" */
-&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
-&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
-&(nid_objs[570]),/* "setct-AuthReqTBE" */
-&(nid_objs[534]),/* "setct-AuthReqTBS" */
-&(nid_objs[527]),/* "setct-AuthResBaggage" */
-&(nid_objs[571]),/* "setct-AuthResTBE" */
-&(nid_objs[572]),/* "setct-AuthResTBEX" */
-&(nid_objs[535]),/* "setct-AuthResTBS" */
-&(nid_objs[536]),/* "setct-AuthResTBSX" */
-&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
-&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
-&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
-&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
-&(nid_objs[542]),/* "setct-AuthRevResData" */
-&(nid_objs[578]),/* "setct-AuthRevResTBE" */
-&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
-&(nid_objs[543]),/* "setct-AuthRevResTBS" */
-&(nid_objs[573]),/* "setct-AuthTokenTBE" */
-&(nid_objs[537]),/* "setct-AuthTokenTBS" */
-&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
-&(nid_objs[558]),/* "setct-BatchAdminReqData" */
-&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
-&(nid_objs[559]),/* "setct-BatchAdminResData" */
-&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
-&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
-&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
-&(nid_objs[580]),/* "setct-CapReqTBE" */
-&(nid_objs[581]),/* "setct-CapReqTBEX" */
-&(nid_objs[544]),/* "setct-CapReqTBS" */
-&(nid_objs[545]),/* "setct-CapReqTBSX" */
-&(nid_objs[546]),/* "setct-CapResData" */
-&(nid_objs[582]),/* "setct-CapResTBE" */
-&(nid_objs[583]),/* "setct-CapRevReqTBE" */
-&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
-&(nid_objs[547]),/* "setct-CapRevReqTBS" */
-&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
-&(nid_objs[549]),/* "setct-CapRevResData" */
-&(nid_objs[585]),/* "setct-CapRevResTBE" */
-&(nid_objs[538]),/* "setct-CapTokenData" */
-&(nid_objs[530]),/* "setct-CapTokenSeq" */
-&(nid_objs[574]),/* "setct-CapTokenTBE" */
-&(nid_objs[575]),/* "setct-CapTokenTBEX" */
-&(nid_objs[539]),/* "setct-CapTokenTBS" */
-&(nid_objs[560]),/* "setct-CardCInitResTBS" */
-&(nid_objs[566]),/* "setct-CertInqReqTBS" */
-&(nid_objs[563]),/* "setct-CertReqData" */
-&(nid_objs[595]),/* "setct-CertReqTBE" */
-&(nid_objs[596]),/* "setct-CertReqTBEX" */
-&(nid_objs[564]),/* "setct-CertReqTBS" */
-&(nid_objs[565]),/* "setct-CertResData" */
-&(nid_objs[597]),/* "setct-CertResTBE" */
-&(nid_objs[586]),/* "setct-CredReqTBE" */
-&(nid_objs[587]),/* "setct-CredReqTBEX" */
-&(nid_objs[550]),/* "setct-CredReqTBS" */
-&(nid_objs[551]),/* "setct-CredReqTBSX" */
-&(nid_objs[552]),/* "setct-CredResData" */
-&(nid_objs[588]),/* "setct-CredResTBE" */
-&(nid_objs[589]),/* "setct-CredRevReqTBE" */
-&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
-&(nid_objs[553]),/* "setct-CredRevReqTBS" */
-&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
-&(nid_objs[555]),/* "setct-CredRevResData" */
-&(nid_objs[591]),/* "setct-CredRevResTBE" */
-&(nid_objs[567]),/* "setct-ErrorTBS" */
-&(nid_objs[526]),/* "setct-HODInput" */
-&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
-&(nid_objs[522]),/* "setct-OIData" */
-&(nid_objs[519]),/* "setct-PANData" */
-&(nid_objs[521]),/* "setct-PANOnly" */
-&(nid_objs[520]),/* "setct-PANToken" */
-&(nid_objs[556]),/* "setct-PCertReqData" */
-&(nid_objs[557]),/* "setct-PCertResTBS" */
-&(nid_objs[523]),/* "setct-PI" */
-&(nid_objs[532]),/* "setct-PI-TBS" */
-&(nid_objs[524]),/* "setct-PIData" */
-&(nid_objs[525]),/* "setct-PIDataUnsigned" */
-&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
-&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
-&(nid_objs[531]),/* "setct-PInitResData" */
-&(nid_objs[533]),/* "setct-PResData" */
-&(nid_objs[594]),/* "setct-RegFormReqTBE" */
-&(nid_objs[562]),/* "setct-RegFormResTBS" */
-&(nid_objs[606]),/* "setext-cv" */
-&(nid_objs[601]),/* "setext-genCrypt" */
-&(nid_objs[602]),/* "setext-miAuth" */
-&(nid_objs[604]),/* "setext-pinAny" */
-&(nid_objs[603]),/* "setext-pinSecure" */
-&(nid_objs[605]),/* "setext-track2" */
-&(nid_objs[52]),/* "signingTime" */
-&(nid_objs[454]),/* "simpleSecurityObject" */
-&(nid_objs[496]),/* "singleLevelQuality" */
-&(nid_objs[387]),/* "snmpv2" */
-&(nid_objs[660]),/* "streetAddress" */
-&(nid_objs[85]),/* "subjectAltName" */
-&(nid_objs[398]),/* "subjectInfoAccess" */
-&(nid_objs[82]),/* "subjectKeyIdentifier" */
-&(nid_objs[498]),/* "subtreeMaximumQuality" */
-&(nid_objs[497]),/* "subtreeMinimumQuality" */
-&(nid_objs[402]),/* "targetInformation" */
-&(nid_objs[459]),/* "textEncodedORAddress" */
-&(nid_objs[293]),/* "textNotice" */
-&(nid_objs[133]),/* "timeStamping" */
-&(nid_objs[106]),/* "title" */
-&(nid_objs[375]),/* "trustRoot" */
-&(nid_objs[436]),/* "ucl" */
-&(nid_objs[55]),/* "unstructuredAddress" */
-&(nid_objs[49]),/* "unstructuredName" */
-&(nid_objs[465]),/* "userClass" */
-&(nid_objs[373]),/* "valid" */
-&(nid_objs[503]),/* "x500UniqueIdentifier" */
-&(nid_objs[158]),/* "x509Certificate" */
-&(nid_objs[160]),/* "x509Crl" */
-};
-
-static ASN1_OBJECT *ln_objs[NUM_LN]={
-&(nid_objs[363]),/* "AD Time Stamping" */
-&(nid_objs[405]),/* "ANSI X9.62" */
-&(nid_objs[368]),/* "Acceptable OCSP Responses" */
-&(nid_objs[664]),/* "Any language" */
-&(nid_objs[177]),/* "Authority Information Access" */
-&(nid_objs[365]),/* "Basic OCSP Response" */
-&(nid_objs[285]),/* "Biometric Info" */
-&(nid_objs[179]),/* "CA Issuers" */
-&(nid_objs[131]),/* "Code Signing" */
-&(nid_objs[382]),/* "Directory" */
-&(nid_objs[392]),/* "Domain" */
-&(nid_objs[132]),/* "E-mail Protection" */
-&(nid_objs[389]),/* "Enterprises" */
-&(nid_objs[384]),/* "Experimental" */
-&(nid_objs[372]),/* "Extended OCSP Status" */
-&(nid_objs[172]),/* "Extension Request" */
-&(nid_objs[432]),/* "Hold Instruction Call Issuer" */
-&(nid_objs[430]),/* "Hold Instruction Code" */
-&(nid_objs[431]),/* "Hold Instruction None" */
-&(nid_objs[433]),/* "Hold Instruction Reject" */
-&(nid_objs[634]),/* "ICC or token signature" */
-&(nid_objs[294]),/* "IPSec End System" */
-&(nid_objs[295]),/* "IPSec Tunnel" */
-&(nid_objs[296]),/* "IPSec User" */
-&(nid_objs[182]),/* "ISO Member Body" */
-&(nid_objs[183]),/* "ISO US Member Body" */
-&(nid_objs[667]),/* "Independent" */
-&(nid_objs[665]),/* "Inherit all" */
-&(nid_objs[142]),/* "Invalidity Date" */
-&(nid_objs[504]),/* "MIME MHS" */
-&(nid_objs[388]),/* "Mail" */
-&(nid_objs[383]),/* "Management" */
-&(nid_objs[417]),/* "Microsoft CSP Name" */
-&(nid_objs[135]),/* "Microsoft Commercial Code Signing" */
-&(nid_objs[138]),/* "Microsoft Encrypted File System" */
-&(nid_objs[171]),/* "Microsoft Extension Request" */
-&(nid_objs[134]),/* "Microsoft Individual Code Signing" */
-&(nid_objs[137]),/* "Microsoft Server Gated Crypto" */
-&(nid_objs[648]),/* "Microsoft Smartcardlogin" */
-&(nid_objs[136]),/* "Microsoft Trust List Signing" */
-&(nid_objs[649]),/* "Microsoft Universal Principal Name" */
-&(nid_objs[72]),/* "Netscape Base Url" */
-&(nid_objs[76]),/* "Netscape CA Policy Url" */
-&(nid_objs[74]),/* "Netscape CA Revocation Url" */
-&(nid_objs[71]),/* "Netscape Cert Type" */
-&(nid_objs[58]),/* "Netscape Certificate Extension" */
-&(nid_objs[79]),/* "Netscape Certificate Sequence" */
-&(nid_objs[78]),/* "Netscape Comment" */
-&(nid_objs[57]),/* "Netscape Communications Corp." */
-&(nid_objs[59]),/* "Netscape Data Type" */
-&(nid_objs[75]),/* "Netscape Renewal Url" */
-&(nid_objs[73]),/* "Netscape Revocation Url" */
-&(nid_objs[77]),/* "Netscape SSL Server Name" */
-&(nid_objs[139]),/* "Netscape Server Gated Crypto" */
-&(nid_objs[178]),/* "OCSP" */
-&(nid_objs[370]),/* "OCSP Archive Cutoff" */
-&(nid_objs[367]),/* "OCSP CRL ID" */
-&(nid_objs[369]),/* "OCSP No Check" */
-&(nid_objs[366]),/* "OCSP Nonce" */
-&(nid_objs[371]),/* "OCSP Service Locator" */
-&(nid_objs[180]),/* "OCSP Signing" */
-&(nid_objs[161]),/* "PBES2" */
-&(nid_objs[69]),/* "PBKDF2" */
-&(nid_objs[162]),/* "PBMAC1" */
-&(nid_objs[127]),/* "PKIX" */
-&(nid_objs[164]),/* "Policy Qualifier CPS" */
-&(nid_objs[165]),/* "Policy Qualifier User Notice" */
-&(nid_objs[385]),/* "Private" */
-&(nid_objs[663]),/* "Proxy Certificate Information" */
-&(nid_objs[ 1]),/* "RSA Data Security, Inc." */
-&(nid_objs[ 2]),/* "RSA Data Security, Inc. PKCS" */
-&(nid_objs[188]),/* "S/MIME" */
-&(nid_objs[167]),/* "S/MIME Capabilities" */
-&(nid_objs[387]),/* "SNMPv2" */
-&(nid_objs[512]),/* "Secure Electronic Transactions" */
-&(nid_objs[386]),/* "Security" */
-&(nid_objs[394]),/* "Selected Attribute Types" */
-&(nid_objs[143]),/* "Strong Extranet ID" */
-&(nid_objs[398]),/* "Subject Information Access" */
-&(nid_objs[130]),/* "TLS Web Client Authentication" */
-&(nid_objs[129]),/* "TLS Web Server Authentication" */
-&(nid_objs[133]),/* "Time Stamping" */
-&(nid_objs[375]),/* "Trust Root" */
-&(nid_objs[12]),/* "X509" */
-&(nid_objs[402]),/* "X509v3 AC Targeting" */
-&(nid_objs[90]),/* "X509v3 Authority Key Identifier" */
-&(nid_objs[87]),/* "X509v3 Basic Constraints" */
-&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
-&(nid_objs[88]),/* "X509v3 CRL Number" */
-&(nid_objs[141]),/* "X509v3 CRL Reason Code" */
-&(nid_objs[89]),/* "X509v3 Certificate Policies" */
-&(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */
-&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
-&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
-&(nid_objs[83]),/* "X509v3 Key Usage" */
-&(nid_objs[666]),/* "X509v3 Name Constraints" */
-&(nid_objs[403]),/* "X509v3 No Revocation Available" */
-&(nid_objs[401]),/* "X509v3 Policy Constraints" */
-&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
-&(nid_objs[85]),/* "X509v3 Subject Alternative Name" */
-&(nid_objs[82]),/* "X509v3 Subject Key Identifier" */
-&(nid_objs[184]),/* "X9.57" */
-&(nid_objs[185]),/* "X9.57 CM ?" */
-&(nid_objs[478]),/* "aRecord" */
-&(nid_objs[289]),/* "aaControls" */
-&(nid_objs[287]),/* "ac-auditEntity" */
-&(nid_objs[397]),/* "ac-proxying" */
-&(nid_objs[288]),/* "ac-targeting" */
-&(nid_objs[446]),/* "account" */
-&(nid_objs[364]),/* "ad dvcs" */
-&(nid_objs[606]),/* "additional verification" */
-&(nid_objs[419]),/* "aes-128-cbc" */
-&(nid_objs[421]),/* "aes-128-cfb" */
-&(nid_objs[650]),/* "aes-128-cfb1" */
-&(nid_objs[653]),/* "aes-128-cfb8" */
-&(nid_objs[418]),/* "aes-128-ecb" */
-&(nid_objs[420]),/* "aes-128-ofb" */
-&(nid_objs[423]),/* "aes-192-cbc" */
-&(nid_objs[425]),/* "aes-192-cfb" */
-&(nid_objs[651]),/* "aes-192-cfb1" */
-&(nid_objs[654]),/* "aes-192-cfb8" */
-&(nid_objs[422]),/* "aes-192-ecb" */
-&(nid_objs[424]),/* "aes-192-ofb" */
-&(nid_objs[427]),/* "aes-256-cbc" */
-&(nid_objs[429]),/* "aes-256-cfb" */
-&(nid_objs[652]),/* "aes-256-cfb1" */
-&(nid_objs[655]),/* "aes-256-cfb8" */
-&(nid_objs[426]),/* "aes-256-ecb" */
-&(nid_objs[428]),/* "aes-256-ofb" */
-&(nid_objs[376]),/* "algorithm" */
-&(nid_objs[484]),/* "associatedDomain" */
-&(nid_objs[485]),/* "associatedName" */
-&(nid_objs[501]),/* "audio" */
-&(nid_objs[91]),/* "bf-cbc" */
-&(nid_objs[93]),/* "bf-cfb" */
-&(nid_objs[92]),/* "bf-ecb" */
-&(nid_objs[94]),/* "bf-ofb" */
-&(nid_objs[494]),/* "buildingName" */
-&(nid_objs[483]),/* "cNAMERecord" */
-&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
-&(nid_objs[108]),/* "cast5-cbc" */
-&(nid_objs[110]),/* "cast5-cfb" */
-&(nid_objs[109]),/* "cast5-ecb" */
-&(nid_objs[111]),/* "cast5-ofb" */
-&(nid_objs[404]),/* "ccitt" */
-&(nid_objs[152]),/* "certBag" */
-&(nid_objs[517]),/* "certificate extensions" */
-&(nid_objs[54]),/* "challengePassword" */
-&(nid_objs[407]),/* "characteristic-two-field" */
-&(nid_objs[395]),/* "clearance" */
-&(nid_objs[633]),/* "cleartext track 2" */
-&(nid_objs[13]),/* "commonName" */
-&(nid_objs[513]),/* "content types" */
-&(nid_objs[50]),/* "contentType" */
-&(nid_objs[53]),/* "countersignature" */
-&(nid_objs[14]),/* "countryName" */
-&(nid_objs[153]),/* "crlBag" */
-&(nid_objs[500]),/* "dITRedirect" */
-&(nid_objs[451]),/* "dNSDomain" */
-&(nid_objs[495]),/* "dSAQuality" */
-&(nid_objs[434]),/* "data" */
-&(nid_objs[390]),/* "dcObject" */
-&(nid_objs[31]),/* "des-cbc" */
-&(nid_objs[643]),/* "des-cdmf" */
-&(nid_objs[30]),/* "des-cfb" */
-&(nid_objs[656]),/* "des-cfb1" */
-&(nid_objs[657]),/* "des-cfb8" */
-&(nid_objs[29]),/* "des-ecb" */
-&(nid_objs[32]),/* "des-ede" */
-&(nid_objs[43]),/* "des-ede-cbc" */
-&(nid_objs[60]),/* "des-ede-cfb" */
-&(nid_objs[62]),/* "des-ede-ofb" */
-&(nid_objs[33]),/* "des-ede3" */
-&(nid_objs[44]),/* "des-ede3-cbc" */
-&(nid_objs[61]),/* "des-ede3-cfb" */
-&(nid_objs[658]),/* "des-ede3-cfb1" */
-&(nid_objs[659]),/* "des-ede3-cfb8" */
-&(nid_objs[63]),/* "des-ede3-ofb" */
-&(nid_objs[45]),/* "des-ofb" */
-&(nid_objs[107]),/* "description" */
-&(nid_objs[80]),/* "desx-cbc" */
-&(nid_objs[28]),/* "dhKeyAgreement" */
-&(nid_objs[11]),/* "directory services (X.500)" */
-&(nid_objs[378]),/* "directory services - algorithms" */
-&(nid_objs[174]),/* "dnQualifier" */
-&(nid_objs[447]),/* "document" */
-&(nid_objs[471]),/* "documentAuthor" */
-&(nid_objs[468]),/* "documentIdentifier" */
-&(nid_objs[472]),/* "documentLocation" */
-&(nid_objs[502]),/* "documentPublisher" */
-&(nid_objs[449]),/* "documentSeries" */
-&(nid_objs[469]),/* "documentTitle" */
-&(nid_objs[470]),/* "documentVersion" */
-&(nid_objs[380]),/* "dod" */
-&(nid_objs[391]),/* "domainComponent" */
-&(nid_objs[452]),/* "domainRelatedObject" */
-&(nid_objs[116]),/* "dsaEncryption" */
-&(nid_objs[67]),/* "dsaEncryption-old" */
-&(nid_objs[66]),/* "dsaWithSHA" */
-&(nid_objs[113]),/* "dsaWithSHA1" */
-&(nid_objs[70]),/* "dsaWithSHA1-old" */
-&(nid_objs[297]),/* "dvcs" */
-&(nid_objs[416]),/* "ecdsa-with-SHA1" */
-&(nid_objs[48]),/* "emailAddress" */
-&(nid_objs[632]),/* "encrypted track 2" */
-&(nid_objs[56]),/* "extendedCertificateAttributes" */
-&(nid_objs[462]),/* "favouriteDrink" */
-&(nid_objs[453]),/* "friendlyCountry" */
-&(nid_objs[490]),/* "friendlyCountryName" */
-&(nid_objs[156]),/* "friendlyName" */
-&(nid_objs[631]),/* "generate cryptogram" */
-&(nid_objs[509]),/* "generationQualifier" */
-&(nid_objs[601]),/* "generic cryptogram" */
-&(nid_objs[99]),/* "givenName" */
-&(nid_objs[163]),/* "hmacWithSHA1" */
-&(nid_objs[486]),/* "homePostalAddress" */
-&(nid_objs[473]),/* "homeTelephoneNumber" */
-&(nid_objs[466]),/* "host" */
-&(nid_objs[442]),/* "iA5StringSyntax" */
-&(nid_objs[381]),/* "iana" */
-&(nid_objs[266]),/* "id-aca" */
-&(nid_objs[355]),/* "id-aca-accessIdentity" */
-&(nid_objs[354]),/* "id-aca-authenticationInfo" */
-&(nid_objs[356]),/* "id-aca-chargingIdentity" */
-&(nid_objs[399]),/* "id-aca-encAttrs" */
-&(nid_objs[357]),/* "id-aca-group" */
-&(nid_objs[358]),/* "id-aca-role" */
-&(nid_objs[176]),/* "id-ad" */
-&(nid_objs[262]),/* "id-alg" */
-&(nid_objs[323]),/* "id-alg-des40" */
-&(nid_objs[326]),/* "id-alg-dh-pop" */
-&(nid_objs[325]),/* "id-alg-dh-sig-hmac-sha1" */
-&(nid_objs[324]),/* "id-alg-noSignature" */
-&(nid_objs[268]),/* "id-cct" */
-&(nid_objs[361]),/* "id-cct-PKIData" */
-&(nid_objs[362]),/* "id-cct-PKIResponse" */
-&(nid_objs[360]),/* "id-cct-crs" */
-&(nid_objs[81]),/* "id-ce" */
-&(nid_objs[263]),/* "id-cmc" */
-&(nid_objs[334]),/* "id-cmc-addExtensions" */
-&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */
-&(nid_objs[330]),/* "id-cmc-dataReturn" */
-&(nid_objs[336]),/* "id-cmc-decryptedPOP" */
-&(nid_objs[335]),/* "id-cmc-encryptedPOP" */
-&(nid_objs[339]),/* "id-cmc-getCRL" */
-&(nid_objs[338]),/* "id-cmc-getCert" */
-&(nid_objs[328]),/* "id-cmc-identification" */
-&(nid_objs[329]),/* "id-cmc-identityProof" */
-&(nid_objs[337]),/* "id-cmc-lraPOPWitness" */
-&(nid_objs[344]),/* "id-cmc-popLinkRandom" */
-&(nid_objs[345]),/* "id-cmc-popLinkWitness" */
-&(nid_objs[343]),/* "id-cmc-queryPending" */
-&(nid_objs[333]),/* "id-cmc-recipientNonce" */
-&(nid_objs[341]),/* "id-cmc-regInfo" */
-&(nid_objs[342]),/* "id-cmc-responseInfo" */
-&(nid_objs[340]),/* "id-cmc-revokeRequest" */
-&(nid_objs[332]),/* "id-cmc-senderNonce" */
-&(nid_objs[327]),/* "id-cmc-statusInfo" */
-&(nid_objs[331]),/* "id-cmc-transactionId" */
-&(nid_objs[408]),/* "id-ecPublicKey" */
-&(nid_objs[508]),/* "id-hex-multipart-message" */
-&(nid_objs[507]),/* "id-hex-partial-message" */
-&(nid_objs[260]),/* "id-it" */
-&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */
-&(nid_objs[298]),/* "id-it-caProtEncCert" */
-&(nid_objs[311]),/* "id-it-confirmWaitTime" */
-&(nid_objs[303]),/* "id-it-currentCRL" */
-&(nid_objs[300]),/* "id-it-encKeyPairTypes" */
-&(nid_objs[310]),/* "id-it-implicitConfirm" */
-&(nid_objs[308]),/* "id-it-keyPairParamRep" */
-&(nid_objs[307]),/* "id-it-keyPairParamReq" */
-&(nid_objs[312]),/* "id-it-origPKIMessage" */
-&(nid_objs[301]),/* "id-it-preferredSymmAlg" */
-&(nid_objs[309]),/* "id-it-revPassphrase" */
-&(nid_objs[299]),/* "id-it-signKeyPairTypes" */
-&(nid_objs[305]),/* "id-it-subscriptionRequest" */
-&(nid_objs[306]),/* "id-it-subscriptionResponse" */
-&(nid_objs[304]),/* "id-it-unsupportedOIDs" */
-&(nid_objs[128]),/* "id-kp" */
-&(nid_objs[280]),/* "id-mod-attribute-cert" */
-&(nid_objs[274]),/* "id-mod-cmc" */
-&(nid_objs[277]),/* "id-mod-cmp" */
-&(nid_objs[284]),/* "id-mod-cmp2000" */
-&(nid_objs[273]),/* "id-mod-crmf" */
-&(nid_objs[283]),/* "id-mod-dvcs" */
-&(nid_objs[275]),/* "id-mod-kea-profile-88" */
-&(nid_objs[276]),/* "id-mod-kea-profile-93" */
-&(nid_objs[282]),/* "id-mod-ocsp" */
-&(nid_objs[278]),/* "id-mod-qualified-cert-88" */
-&(nid_objs[279]),/* "id-mod-qualified-cert-93" */
-&(nid_objs[281]),/* "id-mod-timestamp-protocol" */
-&(nid_objs[264]),/* "id-on" */
-&(nid_objs[347]),/* "id-on-personalData" */
-&(nid_objs[265]),/* "id-pda" */
-&(nid_objs[352]),/* "id-pda-countryOfCitizenship" */
-&(nid_objs[353]),/* "id-pda-countryOfResidence" */
-&(nid_objs[348]),/* "id-pda-dateOfBirth" */
-&(nid_objs[351]),/* "id-pda-gender" */
-&(nid_objs[349]),/* "id-pda-placeOfBirth" */
-&(nid_objs[175]),/* "id-pe" */
-&(nid_objs[261]),/* "id-pkip" */
-&(nid_objs[258]),/* "id-pkix-mod" */
-&(nid_objs[269]),/* "id-pkix1-explicit-88" */
-&(nid_objs[271]),/* "id-pkix1-explicit-93" */
-&(nid_objs[270]),/* "id-pkix1-implicit-88" */
-&(nid_objs[272]),/* "id-pkix1-implicit-93" */
-&(nid_objs[662]),/* "id-ppl" */
-&(nid_objs[267]),/* "id-qcs" */
-&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
-&(nid_objs[259]),/* "id-qt" */
-&(nid_objs[313]),/* "id-regCtrl" */
-&(nid_objs[316]),/* "id-regCtrl-authenticator" */
-&(nid_objs[319]),/* "id-regCtrl-oldCertID" */
-&(nid_objs[318]),/* "id-regCtrl-pkiArchiveOptions" */
-&(nid_objs[317]),/* "id-regCtrl-pkiPublicationInfo" */
-&(nid_objs[320]),/* "id-regCtrl-protocolEncrKey" */
-&(nid_objs[315]),/* "id-regCtrl-regToken" */
-&(nid_objs[314]),/* "id-regInfo" */
-&(nid_objs[322]),/* "id-regInfo-certReq" */
-&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */
-&(nid_objs[191]),/* "id-smime-aa" */
-&(nid_objs[215]),/* "id-smime-aa-contentHint" */
-&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */
-&(nid_objs[221]),/* "id-smime-aa-contentReference" */
-&(nid_objs[240]),/* "id-smime-aa-dvcs-dvc" */
-&(nid_objs[217]),/* "id-smime-aa-encapContentType" */
-&(nid_objs[222]),/* "id-smime-aa-encrypKeyPref" */
-&(nid_objs[220]),/* "id-smime-aa-equivalentLabels" */
-&(nid_objs[232]),/* "id-smime-aa-ets-CertificateRefs" */
-&(nid_objs[233]),/* "id-smime-aa-ets-RevocationRefs" */
-&(nid_objs[238]),/* "id-smime-aa-ets-archiveTimeStamp" */
-&(nid_objs[237]),/* "id-smime-aa-ets-certCRLTimestamp" */
-&(nid_objs[234]),/* "id-smime-aa-ets-certValues" */
-&(nid_objs[227]),/* "id-smime-aa-ets-commitmentType" */
-&(nid_objs[231]),/* "id-smime-aa-ets-contentTimestamp" */
-&(nid_objs[236]),/* "id-smime-aa-ets-escTimeStamp" */
-&(nid_objs[230]),/* "id-smime-aa-ets-otherSigCert" */
-&(nid_objs[235]),/* "id-smime-aa-ets-revocationValues" */
-&(nid_objs[226]),/* "id-smime-aa-ets-sigPolicyId" */
-&(nid_objs[229]),/* "id-smime-aa-ets-signerAttr" */
-&(nid_objs[228]),/* "id-smime-aa-ets-signerLocation" */
-&(nid_objs[219]),/* "id-smime-aa-macValue" */
-&(nid_objs[214]),/* "id-smime-aa-mlExpandHistory" */
-&(nid_objs[216]),/* "id-smime-aa-msgSigDigest" */
-&(nid_objs[212]),/* "id-smime-aa-receiptRequest" */
-&(nid_objs[213]),/* "id-smime-aa-securityLabel" */
-&(nid_objs[239]),/* "id-smime-aa-signatureType" */
-&(nid_objs[223]),/* "id-smime-aa-signingCertificate" */
-&(nid_objs[224]),/* "id-smime-aa-smimeEncryptCerts" */
-&(nid_objs[225]),/* "id-smime-aa-timeStampToken" */
-&(nid_objs[192]),/* "id-smime-alg" */
-&(nid_objs[243]),/* "id-smime-alg-3DESwrap" */
-&(nid_objs[246]),/* "id-smime-alg-CMS3DESwrap" */
-&(nid_objs[247]),/* "id-smime-alg-CMSRC2wrap" */
-&(nid_objs[245]),/* "id-smime-alg-ESDH" */
-&(nid_objs[241]),/* "id-smime-alg-ESDHwith3DES" */
-&(nid_objs[242]),/* "id-smime-alg-ESDHwithRC2" */
-&(nid_objs[244]),/* "id-smime-alg-RC2wrap" */
-&(nid_objs[193]),/* "id-smime-cd" */
-&(nid_objs[248]),/* "id-smime-cd-ldap" */
-&(nid_objs[190]),/* "id-smime-ct" */
-&(nid_objs[210]),/* "id-smime-ct-DVCSRequestData" */
-&(nid_objs[211]),/* "id-smime-ct-DVCSResponseData" */
-&(nid_objs[208]),/* "id-smime-ct-TDTInfo" */
-&(nid_objs[207]),/* "id-smime-ct-TSTInfo" */
-&(nid_objs[205]),/* "id-smime-ct-authData" */
-&(nid_objs[209]),/* "id-smime-ct-contentInfo" */
-&(nid_objs[206]),/* "id-smime-ct-publishCert" */
-&(nid_objs[204]),/* "id-smime-ct-receipt" */
-&(nid_objs[195]),/* "id-smime-cti" */
-&(nid_objs[255]),/* "id-smime-cti-ets-proofOfApproval" */
-&(nid_objs[256]),/* "id-smime-cti-ets-proofOfCreation" */
-&(nid_objs[253]),/* "id-smime-cti-ets-proofOfDelivery" */
-&(nid_objs[251]),/* "id-smime-cti-ets-proofOfOrigin" */
-&(nid_objs[252]),/* "id-smime-cti-ets-proofOfReceipt" */
-&(nid_objs[254]),/* "id-smime-cti-ets-proofOfSender" */
-&(nid_objs[189]),/* "id-smime-mod" */
-&(nid_objs[196]),/* "id-smime-mod-cms" */
-&(nid_objs[197]),/* "id-smime-mod-ess" */
-&(nid_objs[202]),/* "id-smime-mod-ets-eSigPolicy-88" */
-&(nid_objs[203]),/* "id-smime-mod-ets-eSigPolicy-97" */
-&(nid_objs[200]),/* "id-smime-mod-ets-eSignature-88" */
-&(nid_objs[201]),/* "id-smime-mod-ets-eSignature-97" */
-&(nid_objs[199]),/* "id-smime-mod-msg-v3" */
-&(nid_objs[198]),/* "id-smime-mod-oid" */
-&(nid_objs[194]),/* "id-smime-spq" */
-&(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */
-&(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */
-&(nid_objs[34]),/* "idea-cbc" */
-&(nid_objs[35]),/* "idea-cfb" */
-&(nid_objs[36]),/* "idea-ecb" */
-&(nid_objs[46]),/* "idea-ofb" */
-&(nid_objs[461]),/* "info" */
-&(nid_objs[101]),/* "initials" */
-&(nid_objs[181]),/* "iso" */
-&(nid_objs[623]),/* "issuer capabilities" */
-&(nid_objs[492]),/* "janetMailbox" */
-&(nid_objs[393]),/* "joint-iso-ccitt" */
-&(nid_objs[150]),/* "keyBag" */
-&(nid_objs[477]),/* "lastModifiedBy" */
-&(nid_objs[476]),/* "lastModifiedTime" */
-&(nid_objs[157]),/* "localKeyID" */
-&(nid_objs[15]),/* "localityName" */
-&(nid_objs[480]),/* "mXRecord" */
-&(nid_objs[493]),/* "mailPreferenceOption" */
-&(nid_objs[467]),/* "manager" */
-&(nid_objs[ 3]),/* "md2" */
-&(nid_objs[ 7]),/* "md2WithRSAEncryption" */
-&(nid_objs[257]),/* "md4" */
-&(nid_objs[396]),/* "md4WithRSAEncryption" */
-&(nid_objs[ 4]),/* "md5" */
-&(nid_objs[114]),/* "md5-sha1" */
-&(nid_objs[104]),/* "md5WithRSA" */
-&(nid_objs[ 8]),/* "md5WithRSAEncryption" */
-&(nid_objs[95]),/* "mdc2" */
-&(nid_objs[96]),/* "mdc2WithRSA" */
-&(nid_objs[602]),/* "merchant initiated auth" */
-&(nid_objs[514]),/* "message extensions" */
-&(nid_objs[51]),/* "messageDigest" */
-&(nid_objs[506]),/* "mime-mhs-bodies" */
-&(nid_objs[505]),/* "mime-mhs-headings" */
-&(nid_objs[488]),/* "mobileTelephoneNumber" */
-&(nid_objs[481]),/* "nSRecord" */
-&(nid_objs[173]),/* "name" */
-&(nid_objs[379]),/* "org" */
-&(nid_objs[17]),/* "organizationName" */
-&(nid_objs[491]),/* "organizationalStatus" */
-&(nid_objs[18]),/* "organizationalUnitName" */
-&(nid_objs[475]),/* "otherMailbox" */
-&(nid_objs[489]),/* "pagerTelephoneNumber" */
-&(nid_objs[374]),/* "path" */
-&(nid_objs[621]),/* "payment gateway capabilities" */
-&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
-&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */
-&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
-&(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */
-&(nid_objs[169]),/* "pbeWithMD5AndRC2-CBC" */
-&(nid_objs[148]),/* "pbeWithSHA1And128BitRC2-CBC" */
-&(nid_objs[144]),/* "pbeWithSHA1And128BitRC4" */
-&(nid_objs[147]),/* "pbeWithSHA1And2-KeyTripleDES-CBC" */
-&(nid_objs[146]),/* "pbeWithSHA1And3-KeyTripleDES-CBC" */
-&(nid_objs[149]),/* "pbeWithSHA1And40BitRC2-CBC" */
-&(nid_objs[145]),/* "pbeWithSHA1And40BitRC4" */
-&(nid_objs[170]),/* "pbeWithSHA1AndDES-CBC" */
-&(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */
-&(nid_objs[499]),/* "personalSignature" */
-&(nid_objs[487]),/* "personalTitle" */
-&(nid_objs[464]),/* "photo" */
-&(nid_objs[437]),/* "pilot" */
-&(nid_objs[439]),/* "pilotAttributeSyntax" */
-&(nid_objs[438]),/* "pilotAttributeType" */
-&(nid_objs[479]),/* "pilotAttributeType27" */
-&(nid_objs[456]),/* "pilotDSA" */
-&(nid_objs[441]),/* "pilotGroups" */
-&(nid_objs[444]),/* "pilotObject" */
-&(nid_objs[440]),/* "pilotObjectClass" */
-&(nid_objs[455]),/* "pilotOrganization" */
-&(nid_objs[445]),/* "pilotPerson" */
-&(nid_objs[186]),/* "pkcs1" */
-&(nid_objs[27]),/* "pkcs3" */
-&(nid_objs[187]),/* "pkcs5" */
-&(nid_objs[20]),/* "pkcs7" */
-&(nid_objs[21]),/* "pkcs7-data" */
-&(nid_objs[25]),/* "pkcs7-digestData" */
-&(nid_objs[26]),/* "pkcs7-encryptedData" */
-&(nid_objs[23]),/* "pkcs7-envelopedData" */
-&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
-&(nid_objs[22]),/* "pkcs7-signedData" */
-&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */
-&(nid_objs[47]),/* "pkcs9" */
-&(nid_objs[661]),/* "postalCode" */
-&(nid_objs[406]),/* "prime-field" */
-&(nid_objs[409]),/* "prime192v1" */
-&(nid_objs[410]),/* "prime192v2" */
-&(nid_objs[411]),/* "prime192v3" */
-&(nid_objs[412]),/* "prime239v1" */
-&(nid_objs[413]),/* "prime239v2" */
-&(nid_objs[414]),/* "prime239v3" */
-&(nid_objs[415]),/* "prime256v1" */
-&(nid_objs[510]),/* "pseudonym" */
-&(nid_objs[435]),/* "pss" */
-&(nid_objs[286]),/* "qcStatements" */
-&(nid_objs[457]),/* "qualityLabelledData" */
-&(nid_objs[450]),/* "rFC822localPart" */
-&(nid_objs[98]),/* "rc2-40-cbc" */
-&(nid_objs[166]),/* "rc2-64-cbc" */
-&(nid_objs[37]),/* "rc2-cbc" */
-&(nid_objs[39]),/* "rc2-cfb" */
-&(nid_objs[38]),/* "rc2-ecb" */
-&(nid_objs[40]),/* "rc2-ofb" */
-&(nid_objs[ 5]),/* "rc4" */
-&(nid_objs[97]),/* "rc4-40" */
-&(nid_objs[120]),/* "rc5-cbc" */
-&(nid_objs[122]),/* "rc5-cfb" */
-&(nid_objs[121]),/* "rc5-ecb" */
-&(nid_objs[123]),/* "rc5-ofb" */
-&(nid_objs[460]),/* "rfc822Mailbox" */
-&(nid_objs[117]),/* "ripemd160" */
-&(nid_objs[119]),/* "ripemd160WithRSA" */
-&(nid_objs[400]),/* "role" */
-&(nid_objs[448]),/* "room" */
-&(nid_objs[463]),/* "roomNumber" */
-&(nid_objs[19]),/* "rsa" */
-&(nid_objs[ 6]),/* "rsaEncryption" */
-&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
-&(nid_objs[377]),/* "rsaSignature" */
-&(nid_objs[124]),/* "run length compression" */
-&(nid_objs[482]),/* "sOARecord" */
-&(nid_objs[155]),/* "safeContentsBag" */
-&(nid_objs[291]),/* "sbgp-autonomousSysNum" */
-&(nid_objs[290]),/* "sbgp-ipAddrBlock" */
-&(nid_objs[292]),/* "sbgp-routerIdentifier" */
-&(nid_objs[159]),/* "sdsiCertificate" */
-&(nid_objs[154]),/* "secretBag" */
-&(nid_objs[474]),/* "secretary" */
-&(nid_objs[635]),/* "secure device signature" */
-&(nid_objs[105]),/* "serialNumber" */
-&(nid_objs[625]),/* "set-addPolicy" */
-&(nid_objs[515]),/* "set-attr" */
-&(nid_objs[518]),/* "set-brand" */
-&(nid_objs[638]),/* "set-brand-AmericanExpress" */
-&(nid_objs[637]),/* "set-brand-Diners" */
-&(nid_objs[636]),/* "set-brand-IATA-ATA" */
-&(nid_objs[639]),/* "set-brand-JCB" */
-&(nid_objs[641]),/* "set-brand-MasterCard" */
-&(nid_objs[642]),/* "set-brand-Novus" */
-&(nid_objs[640]),/* "set-brand-Visa" */
-&(nid_objs[516]),/* "set-policy" */
-&(nid_objs[607]),/* "set-policy-root" */
-&(nid_objs[624]),/* "set-rootKeyThumb" */
-&(nid_objs[620]),/* "setAttr-Cert" */
-&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
-&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
-&(nid_objs[629]),/* "setAttr-IssCap-T2" */
-&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
-&(nid_objs[626]),/* "setAttr-Token-EMV" */
-&(nid_objs[622]),/* "setAttr-TokenType" */
-&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
-&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
-&(nid_objs[616]),/* "setCext-TokenIdentifier" */
-&(nid_objs[618]),/* "setCext-TokenType" */
-&(nid_objs[617]),/* "setCext-Track2Data" */
-&(nid_objs[611]),/* "setCext-cCertRequired" */
-&(nid_objs[609]),/* "setCext-certType" */
-&(nid_objs[608]),/* "setCext-hashedRoot" */
-&(nid_objs[610]),/* "setCext-merchData" */
-&(nid_objs[613]),/* "setCext-setExt" */
-&(nid_objs[614]),/* "setCext-setQualf" */
-&(nid_objs[612]),/* "setCext-tunneling" */
-&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
-&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
-&(nid_objs[570]),/* "setct-AuthReqTBE" */
-&(nid_objs[534]),/* "setct-AuthReqTBS" */
-&(nid_objs[527]),/* "setct-AuthResBaggage" */
-&(nid_objs[571]),/* "setct-AuthResTBE" */
-&(nid_objs[572]),/* "setct-AuthResTBEX" */
-&(nid_objs[535]),/* "setct-AuthResTBS" */
-&(nid_objs[536]),/* "setct-AuthResTBSX" */
-&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
-&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
-&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
-&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
-&(nid_objs[542]),/* "setct-AuthRevResData" */
-&(nid_objs[578]),/* "setct-AuthRevResTBE" */
-&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
-&(nid_objs[543]),/* "setct-AuthRevResTBS" */
-&(nid_objs[573]),/* "setct-AuthTokenTBE" */
-&(nid_objs[537]),/* "setct-AuthTokenTBS" */
-&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
-&(nid_objs[558]),/* "setct-BatchAdminReqData" */
-&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
-&(nid_objs[559]),/* "setct-BatchAdminResData" */
-&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
-&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
-&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
-&(nid_objs[580]),/* "setct-CapReqTBE" */
-&(nid_objs[581]),/* "setct-CapReqTBEX" */
-&(nid_objs[544]),/* "setct-CapReqTBS" */
-&(nid_objs[545]),/* "setct-CapReqTBSX" */
-&(nid_objs[546]),/* "setct-CapResData" */
-&(nid_objs[582]),/* "setct-CapResTBE" */
-&(nid_objs[583]),/* "setct-CapRevReqTBE" */
-&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
-&(nid_objs[547]),/* "setct-CapRevReqTBS" */
-&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
-&(nid_objs[549]),/* "setct-CapRevResData" */
-&(nid_objs[585]),/* "setct-CapRevResTBE" */
-&(nid_objs[538]),/* "setct-CapTokenData" */
-&(nid_objs[530]),/* "setct-CapTokenSeq" */
-&(nid_objs[574]),/* "setct-CapTokenTBE" */
-&(nid_objs[575]),/* "setct-CapTokenTBEX" */
-&(nid_objs[539]),/* "setct-CapTokenTBS" */
-&(nid_objs[560]),/* "setct-CardCInitResTBS" */
-&(nid_objs[566]),/* "setct-CertInqReqTBS" */
-&(nid_objs[563]),/* "setct-CertReqData" */
-&(nid_objs[595]),/* "setct-CertReqTBE" */
-&(nid_objs[596]),/* "setct-CertReqTBEX" */
-&(nid_objs[564]),/* "setct-CertReqTBS" */
-&(nid_objs[565]),/* "setct-CertResData" */
-&(nid_objs[597]),/* "setct-CertResTBE" */
-&(nid_objs[586]),/* "setct-CredReqTBE" */
-&(nid_objs[587]),/* "setct-CredReqTBEX" */
-&(nid_objs[550]),/* "setct-CredReqTBS" */
-&(nid_objs[551]),/* "setct-CredReqTBSX" */
-&(nid_objs[552]),/* "setct-CredResData" */
-&(nid_objs[588]),/* "setct-CredResTBE" */
-&(nid_objs[589]),/* "setct-CredRevReqTBE" */
-&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
-&(nid_objs[553]),/* "setct-CredRevReqTBS" */
-&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
-&(nid_objs[555]),/* "setct-CredRevResData" */
-&(nid_objs[591]),/* "setct-CredRevResTBE" */
-&(nid_objs[567]),/* "setct-ErrorTBS" */
-&(nid_objs[526]),/* "setct-HODInput" */
-&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
-&(nid_objs[522]),/* "setct-OIData" */
-&(nid_objs[519]),/* "setct-PANData" */
-&(nid_objs[521]),/* "setct-PANOnly" */
-&(nid_objs[520]),/* "setct-PANToken" */
-&(nid_objs[556]),/* "setct-PCertReqData" */
-&(nid_objs[557]),/* "setct-PCertResTBS" */
-&(nid_objs[523]),/* "setct-PI" */
-&(nid_objs[532]),/* "setct-PI-TBS" */
-&(nid_objs[524]),/* "setct-PIData" */
-&(nid_objs[525]),/* "setct-PIDataUnsigned" */
-&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
-&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
-&(nid_objs[531]),/* "setct-PInitResData" */
-&(nid_objs[533]),/* "setct-PResData" */
-&(nid_objs[594]),/* "setct-RegFormReqTBE" */
-&(nid_objs[562]),/* "setct-RegFormResTBS" */
-&(nid_objs[604]),/* "setext-pinAny" */
-&(nid_objs[603]),/* "setext-pinSecure" */
-&(nid_objs[605]),/* "setext-track2" */
-&(nid_objs[41]),/* "sha" */
-&(nid_objs[64]),/* "sha1" */
-&(nid_objs[115]),/* "sha1WithRSA" */
-&(nid_objs[65]),/* "sha1WithRSAEncryption" */
-&(nid_objs[675]),/* "sha224" */
-&(nid_objs[671]),/* "sha224WithRSAEncryption" */
-&(nid_objs[672]),/* "sha256" */
-&(nid_objs[668]),/* "sha256WithRSAEncryption" */
-&(nid_objs[673]),/* "sha384" */
-&(nid_objs[669]),/* "sha384WithRSAEncryption" */
-&(nid_objs[674]),/* "sha512" */
-&(nid_objs[670]),/* "sha512WithRSAEncryption" */
-&(nid_objs[42]),/* "shaWithRSAEncryption" */
-&(nid_objs[52]),/* "signingTime" */
-&(nid_objs[454]),/* "simpleSecurityObject" */
-&(nid_objs[496]),/* "singleLevelQuality" */
-&(nid_objs[16]),/* "stateOrProvinceName" */
-&(nid_objs[660]),/* "streetAddress" */
-&(nid_objs[498]),/* "subtreeMaximumQuality" */
-&(nid_objs[497]),/* "subtreeMinimumQuality" */
-&(nid_objs[100]),/* "surname" */
-&(nid_objs[459]),/* "textEncodedORAddress" */
-&(nid_objs[293]),/* "textNotice" */
-&(nid_objs[106]),/* "title" */
-&(nid_objs[436]),/* "ucl" */
-&(nid_objs[ 0]),/* "undefined" */
-&(nid_objs[55]),/* "unstructuredAddress" */
-&(nid_objs[49]),/* "unstructuredName" */
-&(nid_objs[465]),/* "userClass" */
-&(nid_objs[458]),/* "userId" */
-&(nid_objs[373]),/* "valid" */
-&(nid_objs[503]),/* "x500UniqueIdentifier" */
-&(nid_objs[158]),/* "x509Certificate" */
-&(nid_objs[160]),/* "x509Crl" */
-&(nid_objs[125]),/* "zlib compression" */
-};
-
-static ASN1_OBJECT *obj_objs[NUM_OBJ]={
-&(nid_objs[ 0]),/* OBJ_undef                        0 */
-&(nid_objs[404]),/* OBJ_ccitt                        0 */
-&(nid_objs[434]),/* OBJ_data                         0 9 */
-&(nid_objs[181]),/* OBJ_iso                          1 */
-&(nid_objs[182]),/* OBJ_member_body                  1 2 */
-&(nid_objs[379]),/* OBJ_org                          1 3 */
-&(nid_objs[393]),/* OBJ_joint_iso_ccitt              2 */
-&(nid_objs[11]),/* OBJ_X500                         2 5 */
-&(nid_objs[380]),/* OBJ_dod                          1 3 6 */
-&(nid_objs[12]),/* OBJ_X509                         2 5 4 */
-&(nid_objs[378]),/* OBJ_X500algorithms               2 5 8 */
-&(nid_objs[81]),/* OBJ_id_ce                        2 5 29 */
-&(nid_objs[512]),/* OBJ_id_set                       2 23 42 */
-&(nid_objs[435]),/* OBJ_pss                          0 9 2342 */
-&(nid_objs[183]),/* OBJ_ISO_US                       1 2 840 */
-&(nid_objs[381]),/* OBJ_iana                         1 3 6 1 */
-&(nid_objs[394]),/* OBJ_selected_attribute_types     2 5 1 5 */
-&(nid_objs[13]),/* OBJ_commonName                   2 5 4 3 */
-&(nid_objs[100]),/* OBJ_surname                      2 5 4 4 */
-&(nid_objs[105]),/* OBJ_serialNumber                 2 5 4 5 */
-&(nid_objs[14]),/* OBJ_countryName                  2 5 4 6 */
-&(nid_objs[15]),/* OBJ_localityName                 2 5 4 7 */
-&(nid_objs[16]),/* OBJ_stateOrProvinceName          2 5 4 8 */
-&(nid_objs[660]),/* OBJ_streetAddress                2 5 4 9 */
-&(nid_objs[17]),/* OBJ_organizationName             2 5 4 10 */
-&(nid_objs[18]),/* OBJ_organizationalUnitName       2 5 4 11 */
-&(nid_objs[106]),/* OBJ_title                        2 5 4 12 */
-&(nid_objs[107]),/* OBJ_description                  2 5 4 13 */
-&(nid_objs[661]),/* OBJ_postalCode                   2 5 4 17 */
-&(nid_objs[173]),/* OBJ_name                         2 5 4 41 */
-&(nid_objs[99]),/* OBJ_givenName                    2 5 4 42 */
-&(nid_objs[101]),/* OBJ_initials                     2 5 4 43 */
-&(nid_objs[509]),/* OBJ_generationQualifier          2 5 4 44 */
-&(nid_objs[503]),/* OBJ_x500UniqueIdentifier         2 5 4 45 */
-&(nid_objs[174]),/* OBJ_dnQualifier                  2 5 4 46 */
-&(nid_objs[510]),/* OBJ_pseudonym                    2 5 4 65 */
-&(nid_objs[400]),/* OBJ_role                         2 5 4 72 */
-&(nid_objs[82]),/* OBJ_subject_key_identifier       2 5 29 14 */
-&(nid_objs[83]),/* OBJ_key_usage                    2 5 29 15 */
-&(nid_objs[84]),/* OBJ_private_key_usage_period     2 5 29 16 */
-&(nid_objs[85]),/* OBJ_subject_alt_name             2 5 29 17 */
-&(nid_objs[86]),/* OBJ_issuer_alt_name              2 5 29 18 */
-&(nid_objs[87]),/* OBJ_basic_constraints            2 5 29 19 */
-&(nid_objs[88]),/* OBJ_crl_number                   2 5 29 20 */
-&(nid_objs[141]),/* OBJ_crl_reason                   2 5 29 21 */
-&(nid_objs[430]),/* OBJ_hold_instruction_code        2 5 29 23 */
-&(nid_objs[142]),/* OBJ_invalidity_date              2 5 29 24 */
-&(nid_objs[140]),/* OBJ_delta_crl                    2 5 29 27 */
-&(nid_objs[666]),/* OBJ_name_constraints             2 5 29 30 */
-&(nid_objs[103]),/* OBJ_crl_distribution_points      2 5 29 31 */
-&(nid_objs[89]),/* OBJ_certificate_policies         2 5 29 32 */
-&(nid_objs[90]),/* OBJ_authority_key_identifier     2 5 29 35 */
-&(nid_objs[401]),/* OBJ_policy_constraints           2 5 29 36 */
-&(nid_objs[126]),/* OBJ_ext_key_usage                2 5 29 37 */
-&(nid_objs[402]),/* OBJ_target_information           2 5 29 55 */
-&(nid_objs[403]),/* OBJ_no_rev_avail                 2 5 29 56 */
-&(nid_objs[513]),/* OBJ_set_ctype                    2 23 42 0 */
-&(nid_objs[514]),/* OBJ_set_msgExt                   2 23 42 1 */
-&(nid_objs[515]),/* OBJ_set_attr                     2 23 42 3 */
-&(nid_objs[516]),/* OBJ_set_policy                   2 23 42 5 */
-&(nid_objs[517]),/* OBJ_set_certExt                  2 23 42 7 */
-&(nid_objs[518]),/* OBJ_set_brand                    2 23 42 8 */
-&(nid_objs[382]),/* OBJ_Directory                    1 3 6 1 1 */
-&(nid_objs[383]),/* OBJ_Management                   1 3 6 1 2 */
-&(nid_objs[384]),/* OBJ_Experimental                 1 3 6 1 3 */
-&(nid_objs[385]),/* OBJ_Private                      1 3 6 1 4 */
-&(nid_objs[386]),/* OBJ_Security                     1 3 6 1 5 */
-&(nid_objs[387]),/* OBJ_SNMPv2                       1 3 6 1 6 */
-&(nid_objs[388]),/* OBJ_Mail                         1 3 6 1 7 */
-&(nid_objs[376]),/* OBJ_algorithm                    1 3 14 3 2 */
-&(nid_objs[395]),/* OBJ_clearance                    2 5 1 5 55 */
-&(nid_objs[19]),/* OBJ_rsa                          2 5 8 1 1 */
-&(nid_objs[96]),/* OBJ_mdc2WithRSA                  2 5 8 3 100 */
-&(nid_objs[95]),/* OBJ_mdc2                         2 5 8 3 101 */
-&(nid_objs[519]),/* OBJ_setct_PANData                2 23 42 0 0 */
-&(nid_objs[520]),/* OBJ_setct_PANToken               2 23 42 0 1 */
-&(nid_objs[521]),/* OBJ_setct_PANOnly                2 23 42 0 2 */
-&(nid_objs[522]),/* OBJ_setct_OIData                 2 23 42 0 3 */
-&(nid_objs[523]),/* OBJ_setct_PI                     2 23 42 0 4 */
-&(nid_objs[524]),/* OBJ_setct_PIData                 2 23 42 0 5 */
-&(nid_objs[525]),/* OBJ_setct_PIDataUnsigned         2 23 42 0 6 */
-&(nid_objs[526]),/* OBJ_setct_HODInput               2 23 42 0 7 */
-&(nid_objs[527]),/* OBJ_setct_AuthResBaggage         2 23 42 0 8 */
-&(nid_objs[528]),/* OBJ_setct_AuthRevReqBaggage      2 23 42 0 9 */
-&(nid_objs[529]),/* OBJ_setct_AuthRevResBaggage      2 23 42 0 10 */
-&(nid_objs[530]),/* OBJ_setct_CapTokenSeq            2 23 42 0 11 */
-&(nid_objs[531]),/* OBJ_setct_PInitResData           2 23 42 0 12 */
-&(nid_objs[532]),/* OBJ_setct_PI_TBS                 2 23 42 0 13 */
-&(nid_objs[533]),/* OBJ_setct_PResData               2 23 42 0 14 */
-&(nid_objs[534]),/* OBJ_setct_AuthReqTBS             2 23 42 0 16 */
-&(nid_objs[535]),/* OBJ_setct_AuthResTBS             2 23 42 0 17 */
-&(nid_objs[536]),/* OBJ_setct_AuthResTBSX            2 23 42 0 18 */
-&(nid_objs[537]),/* OBJ_setct_AuthTokenTBS           2 23 42 0 19 */
-&(nid_objs[538]),/* OBJ_setct_CapTokenData           2 23 42 0 20 */
-&(nid_objs[539]),/* OBJ_setct_CapTokenTBS            2 23 42 0 21 */
-&(nid_objs[540]),/* OBJ_setct_AcqCardCodeMsg         2 23 42 0 22 */
-&(nid_objs[541]),/* OBJ_setct_AuthRevReqTBS          2 23 42 0 23 */
-&(nid_objs[542]),/* OBJ_setct_AuthRevResData         2 23 42 0 24 */
-&(nid_objs[543]),/* OBJ_setct_AuthRevResTBS          2 23 42 0 25 */
-&(nid_objs[544]),/* OBJ_setct_CapReqTBS              2 23 42 0 26 */
-&(nid_objs[545]),/* OBJ_setct_CapReqTBSX             2 23 42 0 27 */
-&(nid_objs[546]),/* OBJ_setct_CapResData             2 23 42 0 28 */
-&(nid_objs[547]),/* OBJ_setct_CapRevReqTBS           2 23 42 0 29 */
-&(nid_objs[548]),/* OBJ_setct_CapRevReqTBSX          2 23 42 0 30 */
-&(nid_objs[549]),/* OBJ_setct_CapRevResData          2 23 42 0 31 */
-&(nid_objs[550]),/* OBJ_setct_CredReqTBS             2 23 42 0 32 */
-&(nid_objs[551]),/* OBJ_setct_CredReqTBSX            2 23 42 0 33 */
-&(nid_objs[552]),/* OBJ_setct_CredResData            2 23 42 0 34 */
-&(nid_objs[553]),/* OBJ_setct_CredRevReqTBS          2 23 42 0 35 */
-&(nid_objs[554]),/* OBJ_setct_CredRevReqTBSX         2 23 42 0 36 */
-&(nid_objs[555]),/* OBJ_setct_CredRevResData         2 23 42 0 37 */
-&(nid_objs[556]),/* OBJ_setct_PCertReqData           2 23 42 0 38 */
-&(nid_objs[557]),/* OBJ_setct_PCertResTBS            2 23 42 0 39 */
-&(nid_objs[558]),/* OBJ_setct_BatchAdminReqData      2 23 42 0 40 */
-&(nid_objs[559]),/* OBJ_setct_BatchAdminResData      2 23 42 0 41 */
-&(nid_objs[560]),/* OBJ_setct_CardCInitResTBS        2 23 42 0 42 */
-&(nid_objs[561]),/* OBJ_setct_MeAqCInitResTBS        2 23 42 0 43 */
-&(nid_objs[562]),/* OBJ_setct_RegFormResTBS          2 23 42 0 44 */
-&(nid_objs[563]),/* OBJ_setct_CertReqData            2 23 42 0 45 */
-&(nid_objs[564]),/* OBJ_setct_CertReqTBS             2 23 42 0 46 */
-&(nid_objs[565]),/* OBJ_setct_CertResData            2 23 42 0 47 */
-&(nid_objs[566]),/* OBJ_setct_CertInqReqTBS          2 23 42 0 48 */
-&(nid_objs[567]),/* OBJ_setct_ErrorTBS               2 23 42 0 49 */
-&(nid_objs[568]),/* OBJ_setct_PIDualSignedTBE        2 23 42 0 50 */
-&(nid_objs[569]),/* OBJ_setct_PIUnsignedTBE          2 23 42 0 51 */
-&(nid_objs[570]),/* OBJ_setct_AuthReqTBE             2 23 42 0 52 */
-&(nid_objs[571]),/* OBJ_setct_AuthResTBE             2 23 42 0 53 */
-&(nid_objs[572]),/* OBJ_setct_AuthResTBEX            2 23 42 0 54 */
-&(nid_objs[573]),/* OBJ_setct_AuthTokenTBE           2 23 42 0 55 */
-&(nid_objs[574]),/* OBJ_setct_CapTokenTBE            2 23 42 0 56 */
-&(nid_objs[575]),/* OBJ_setct_CapTokenTBEX           2 23 42 0 57 */
-&(nid_objs[576]),/* OBJ_setct_AcqCardCodeMsgTBE      2 23 42 0 58 */
-&(nid_objs[577]),/* OBJ_setct_AuthRevReqTBE          2 23 42 0 59 */
-&(nid_objs[578]),/* OBJ_setct_AuthRevResTBE          2 23 42 0 60 */
-&(nid_objs[579]),/* OBJ_setct_AuthRevResTBEB         2 23 42 0 61 */
-&(nid_objs[580]),/* OBJ_setct_CapReqTBE              2 23 42 0 62 */
-&(nid_objs[581]),/* OBJ_setct_CapReqTBEX             2 23 42 0 63 */
-&(nid_objs[582]),/* OBJ_setct_CapResTBE              2 23 42 0 64 */
-&(nid_objs[583]),/* OBJ_setct_CapRevReqTBE           2 23 42 0 65 */
-&(nid_objs[584]),/* OBJ_setct_CapRevReqTBEX          2 23 42 0 66 */
-&(nid_objs[585]),/* OBJ_setct_CapRevResTBE           2 23 42 0 67 */
-&(nid_objs[586]),/* OBJ_setct_CredReqTBE             2 23 42 0 68 */
-&(nid_objs[587]),/* OBJ_setct_CredReqTBEX            2 23 42 0 69 */
-&(nid_objs[588]),/* OBJ_setct_CredResTBE             2 23 42 0 70 */
-&(nid_objs[589]),/* OBJ_setct_CredRevReqTBE          2 23 42 0 71 */
-&(nid_objs[590]),/* OBJ_setct_CredRevReqTBEX         2 23 42 0 72 */
-&(nid_objs[591]),/* OBJ_setct_CredRevResTBE          2 23 42 0 73 */
-&(nid_objs[592]),/* OBJ_setct_BatchAdminReqTBE       2 23 42 0 74 */
-&(nid_objs[593]),/* OBJ_setct_BatchAdminResTBE       2 23 42 0 75 */
-&(nid_objs[594]),/* OBJ_setct_RegFormReqTBE          2 23 42 0 76 */
-&(nid_objs[595]),/* OBJ_setct_CertReqTBE             2 23 42 0 77 */
-&(nid_objs[596]),/* OBJ_setct_CertReqTBEX            2 23 42 0 78 */
-&(nid_objs[597]),/* OBJ_setct_CertResTBE             2 23 42 0 79 */
-&(nid_objs[598]),/* OBJ_setct_CRLNotificationTBS     2 23 42 0 80 */
-&(nid_objs[599]),/* OBJ_setct_CRLNotificationResTBS  2 23 42 0 81 */
-&(nid_objs[600]),/* OBJ_setct_BCIDistributionTBS     2 23 42 0 82 */
-&(nid_objs[601]),/* OBJ_setext_genCrypt              2 23 42 1 1 */
-&(nid_objs[602]),/* OBJ_setext_miAuth                2 23 42 1 3 */
-&(nid_objs[603]),/* OBJ_setext_pinSecure             2 23 42 1 4 */
-&(nid_objs[604]),/* OBJ_setext_pinAny                2 23 42 1 5 */
-&(nid_objs[605]),/* OBJ_setext_track2                2 23 42 1 7 */
-&(nid_objs[606]),/* OBJ_setext_cv                    2 23 42 1 8 */
-&(nid_objs[620]),/* OBJ_setAttr_Cert                 2 23 42 3 0 */
-&(nid_objs[621]),/* OBJ_setAttr_PGWYcap              2 23 42 3 1 */
-&(nid_objs[622]),/* OBJ_setAttr_TokenType            2 23 42 3 2 */
-&(nid_objs[623]),/* OBJ_setAttr_IssCap               2 23 42 3 3 */
-&(nid_objs[607]),/* OBJ_set_policy_root              2 23 42 5 0 */
-&(nid_objs[608]),/* OBJ_setCext_hashedRoot           2 23 42 7 0 */
-&(nid_objs[609]),/* OBJ_setCext_certType             2 23 42 7 1 */
-&(nid_objs[610]),/* OBJ_setCext_merchData            2 23 42 7 2 */
-&(nid_objs[611]),/* OBJ_setCext_cCertRequired        2 23 42 7 3 */
-&(nid_objs[612]),/* OBJ_setCext_tunneling            2 23 42 7 4 */
-&(nid_objs[613]),/* OBJ_setCext_setExt               2 23 42 7 5 */
-&(nid_objs[614]),/* OBJ_setCext_setQualf             2 23 42 7 6 */
-&(nid_objs[615]),/* OBJ_setCext_PGWYcapabilities     2 23 42 7 7 */
-&(nid_objs[616]),/* OBJ_setCext_TokenIdentifier      2 23 42 7 8 */
-&(nid_objs[617]),/* OBJ_setCext_Track2Data           2 23 42 7 9 */
-&(nid_objs[618]),/* OBJ_setCext_TokenType            2 23 42 7 10 */
-&(nid_objs[619]),/* OBJ_setCext_IssuerCapabilities   2 23 42 7 11 */
-&(nid_objs[636]),/* OBJ_set_brand_IATA_ATA           2 23 42 8 1 */
-&(nid_objs[640]),/* OBJ_set_brand_Visa               2 23 42 8 4 */
-&(nid_objs[641]),/* OBJ_set_brand_MasterCard         2 23 42 8 5 */
-&(nid_objs[637]),/* OBJ_set_brand_Diners             2 23 42 8 30 */
-&(nid_objs[638]),/* OBJ_set_brand_AmericanExpress    2 23 42 8 34 */
-&(nid_objs[639]),/* OBJ_set_brand_JCB                2 23 42 8 35 */
-&(nid_objs[184]),/* OBJ_X9_57                        1 2 840 10040 */
-&(nid_objs[405]),/* OBJ_ansi_X9_62                   1 2 840 10045 */
-&(nid_objs[389]),/* OBJ_Enterprises                  1 3 6 1 4 1 */
-&(nid_objs[504]),/* OBJ_mime_mhs                     1 3 6 1 7 1 */
-&(nid_objs[104]),/* OBJ_md5WithRSA                   1 3 14 3 2 3 */
-&(nid_objs[29]),/* OBJ_des_ecb                      1 3 14 3 2 6 */
-&(nid_objs[31]),/* OBJ_des_cbc                      1 3 14 3 2 7 */
-&(nid_objs[45]),/* OBJ_des_ofb64                    1 3 14 3 2 8 */
-&(nid_objs[30]),/* OBJ_des_cfb64                    1 3 14 3 2 9 */
-&(nid_objs[377]),/* OBJ_rsaSignature                 1 3 14 3 2 11 */
-&(nid_objs[67]),/* OBJ_dsa_2                        1 3 14 3 2 12 */
-&(nid_objs[66]),/* OBJ_dsaWithSHA                   1 3 14 3 2 13 */
-&(nid_objs[42]),/* OBJ_shaWithRSAEncryption         1 3 14 3 2 15 */
-&(nid_objs[32]),/* OBJ_des_ede_ecb                  1 3 14 3 2 17 */
-&(nid_objs[41]),/* OBJ_sha                          1 3 14 3 2 18 */
-&(nid_objs[64]),/* OBJ_sha1                         1 3 14 3 2 26 */
-&(nid_objs[70]),/* OBJ_dsaWithSHA1_2                1 3 14 3 2 27 */
-&(nid_objs[115]),/* OBJ_sha1WithRSA                  1 3 14 3 2 29 */
-&(nid_objs[117]),/* OBJ_ripemd160                    1 3 36 3 2 1 */
-&(nid_objs[143]),/* OBJ_sxnet                        1 3 101 1 4 1 */
-&(nid_objs[624]),/* OBJ_set_rootKeyThumb             2 23 42 3 0 0 */
-&(nid_objs[625]),/* OBJ_set_addPolicy                2 23 42 3 0 1 */
-&(nid_objs[626]),/* OBJ_setAttr_Token_EMV            2 23 42 3 2 1 */
-&(nid_objs[627]),/* OBJ_setAttr_Token_B0Prime        2 23 42 3 2 2 */
-&(nid_objs[628]),/* OBJ_setAttr_IssCap_CVM           2 23 42 3 3 3 */
-&(nid_objs[629]),/* OBJ_setAttr_IssCap_T2            2 23 42 3 3 4 */
-&(nid_objs[630]),/* OBJ_setAttr_IssCap_Sig           2 23 42 3 3 5 */
-&(nid_objs[642]),/* OBJ_set_brand_Novus              2 23 42 8 6011 */
-&(nid_objs[124]),/* OBJ_rle_compression              1 1 1 1 666 1 */
-&(nid_objs[125]),/* OBJ_zlib_compression             1 1 1 1 666 2 */
-&(nid_objs[ 1]),/* OBJ_rsadsi                       1 2 840 113549 */
-&(nid_objs[185]),/* OBJ_X9cm                         1 2 840 10040 4 */
-&(nid_objs[127]),/* OBJ_id_pkix                      1 3 6 1 5 5 7 */
-&(nid_objs[505]),/* OBJ_mime_mhs_headings            1 3 6 1 7 1 1 */
-&(nid_objs[506]),/* OBJ_mime_mhs_bodies              1 3 6 1 7 1 2 */
-&(nid_objs[119]),/* OBJ_ripemd160WithRSA             1 3 36 3 3 1 2 */
-&(nid_objs[631]),/* OBJ_setAttr_GenCryptgrm          2 23 42 3 3 3 1 */
-&(nid_objs[632]),/* OBJ_setAttr_T2Enc                2 23 42 3 3 4 1 */
-&(nid_objs[633]),/* OBJ_setAttr_T2cleartxt           2 23 42 3 3 4 2 */
-&(nid_objs[634]),/* OBJ_setAttr_TokICCsig            2 23 42 3 3 5 1 */
-&(nid_objs[635]),/* OBJ_setAttr_SecDevSig            2 23 42 3 3 5 2 */
-&(nid_objs[436]),/* OBJ_ucl                          0 9 2342 19200300 */
-&(nid_objs[ 2]),/* OBJ_pkcs                         1 2 840 113549 1 */
-&(nid_objs[431]),/* OBJ_hold_instruction_none        1 2 840 10040 2 1 */
-&(nid_objs[432]),/* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */
-&(nid_objs[433]),/* OBJ_hold_instruction_reject      1 2 840 10040 2 3 */
-&(nid_objs[116]),/* OBJ_dsa                          1 2 840 10040 4 1 */
-&(nid_objs[113]),/* OBJ_dsaWithSHA1                  1 2 840 10040 4 3 */
-&(nid_objs[406]),/* OBJ_X9_62_prime_field            1 2 840 10045 1 1 */
-&(nid_objs[407]),/* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */
-&(nid_objs[408]),/* OBJ_X9_62_id_ecPublicKey         1 2 840 10045 2 1 */
-&(nid_objs[416]),/* OBJ_ecdsa_with_SHA1              1 2 840 10045 4 1 */
-&(nid_objs[258]),/* OBJ_id_pkix_mod                  1 3 6 1 5 5 7 0 */
-&(nid_objs[175]),/* OBJ_id_pe                        1 3 6 1 5 5 7 1 */
-&(nid_objs[259]),/* OBJ_id_qt                        1 3 6 1 5 5 7 2 */
-&(nid_objs[128]),/* OBJ_id_kp                        1 3 6 1 5 5 7 3 */
-&(nid_objs[260]),/* OBJ_id_it                        1 3 6 1 5 5 7 4 */
-&(nid_objs[261]),/* OBJ_id_pkip                      1 3 6 1 5 5 7 5 */
-&(nid_objs[262]),/* OBJ_id_alg                       1 3 6 1 5 5 7 6 */
-&(nid_objs[263]),/* OBJ_id_cmc                       1 3 6 1 5 5 7 7 */
-&(nid_objs[264]),/* OBJ_id_on                        1 3 6 1 5 5 7 8 */
-&(nid_objs[265]),/* OBJ_id_pda                       1 3 6 1 5 5 7 9 */
-&(nid_objs[266]),/* OBJ_id_aca                       1 3 6 1 5 5 7 10 */
-&(nid_objs[267]),/* OBJ_id_qcs                       1 3 6 1 5 5 7 11 */
-&(nid_objs[268]),/* OBJ_id_cct                       1 3 6 1 5 5 7 12 */
-&(nid_objs[662]),/* OBJ_id_ppl                       1 3 6 1 5 5 7 21 */
-&(nid_objs[176]),/* OBJ_id_ad                        1 3 6 1 5 5 7 48 */
-&(nid_objs[507]),/* OBJ_id_hex_partial_message       1 3 6 1 7 1 1 1 */
-&(nid_objs[508]),/* OBJ_id_hex_multipart_message     1 3 6 1 7 1 1 2 */
-&(nid_objs[57]),/* OBJ_netscape                     2 16 840 1 113730 */
-&(nid_objs[437]),/* OBJ_pilot                        0 9 2342 19200300 100 */
-&(nid_objs[186]),/* OBJ_pkcs1                        1 2 840 113549 1 1 */
-&(nid_objs[27]),/* OBJ_pkcs3                        1 2 840 113549 1 3 */
-&(nid_objs[187]),/* OBJ_pkcs5                        1 2 840 113549 1 5 */
-&(nid_objs[20]),/* OBJ_pkcs7                        1 2 840 113549 1 7 */
-&(nid_objs[47]),/* OBJ_pkcs9                        1 2 840 113549 1 9 */
-&(nid_objs[ 3]),/* OBJ_md2                          1 2 840 113549 2 2 */
-&(nid_objs[257]),/* OBJ_md4                          1 2 840 113549 2 4 */
-&(nid_objs[ 4]),/* OBJ_md5                          1 2 840 113549 2 5 */
-&(nid_objs[163]),/* OBJ_hmacWithSHA1                 1 2 840 113549 2 7 */
-&(nid_objs[37]),/* OBJ_rc2_cbc                      1 2 840 113549 3 2 */
-&(nid_objs[ 5]),/* OBJ_rc4                          1 2 840 113549 3 4 */
-&(nid_objs[44]),/* OBJ_des_ede3_cbc                 1 2 840 113549 3 7 */
-&(nid_objs[120]),/* OBJ_rc5_cbc                      1 2 840 113549 3 8 */
-&(nid_objs[643]),/* OBJ_des_cdmf                     1 2 840 113549 3 10 */
-&(nid_objs[409]),/* OBJ_X9_62_prime192v1             1 2 840 10045 3 1 1 */
-&(nid_objs[410]),/* OBJ_X9_62_prime192v2             1 2 840 10045 3 1 2 */
-&(nid_objs[411]),/* OBJ_X9_62_prime192v3             1 2 840 10045 3 1 3 */
-&(nid_objs[412]),/* OBJ_X9_62_prime239v1             1 2 840 10045 3 1 4 */
-&(nid_objs[413]),/* OBJ_X9_62_prime239v2             1 2 840 10045 3 1 5 */
-&(nid_objs[414]),/* OBJ_X9_62_prime239v3             1 2 840 10045 3 1 6 */
-&(nid_objs[415]),/* OBJ_X9_62_prime256v1             1 2 840 10045 3 1 7 */
-&(nid_objs[269]),/* OBJ_id_pkix1_explicit_88         1 3 6 1 5 5 7 0 1 */
-&(nid_objs[270]),/* OBJ_id_pkix1_implicit_88         1 3 6 1 5 5 7 0 2 */
-&(nid_objs[271]),/* OBJ_id_pkix1_explicit_93         1 3 6 1 5 5 7 0 3 */
-&(nid_objs[272]),/* OBJ_id_pkix1_implicit_93         1 3 6 1 5 5 7 0 4 */
-&(nid_objs[273]),/* OBJ_id_mod_crmf                  1 3 6 1 5 5 7 0 5 */
-&(nid_objs[274]),/* OBJ_id_mod_cmc                   1 3 6 1 5 5 7 0 6 */
-&(nid_objs[275]),/* OBJ_id_mod_kea_profile_88        1 3 6 1 5 5 7 0 7 */
-&(nid_objs[276]),/* OBJ_id_mod_kea_profile_93        1 3 6 1 5 5 7 0 8 */
-&(nid_objs[277]),/* OBJ_id_mod_cmp                   1 3 6 1 5 5 7 0 9 */
-&(nid_objs[278]),/* OBJ_id_mod_qualified_cert_88     1 3 6 1 5 5 7 0 10 */
-&(nid_objs[279]),/* OBJ_id_mod_qualified_cert_93     1 3 6 1 5 5 7 0 11 */
-&(nid_objs[280]),/* OBJ_id_mod_attribute_cert        1 3 6 1 5 5 7 0 12 */
-&(nid_objs[281]),/* OBJ_id_mod_timestamp_protocol    1 3 6 1 5 5 7 0 13 */
-&(nid_objs[282]),/* OBJ_id_mod_ocsp                  1 3 6 1 5 5 7 0 14 */
-&(nid_objs[283]),/* OBJ_id_mod_dvcs                  1 3 6 1 5 5 7 0 15 */
-&(nid_objs[284]),/* OBJ_id_mod_cmp2000               1 3 6 1 5 5 7 0 16 */
-&(nid_objs[177]),/* OBJ_info_access                  1 3 6 1 5 5 7 1 1 */
-&(nid_objs[285]),/* OBJ_biometricInfo                1 3 6 1 5 5 7 1 2 */
-&(nid_objs[286]),/* OBJ_qcStatements                 1 3 6 1 5 5 7 1 3 */
-&(nid_objs[287]),/* OBJ_ac_auditEntity               1 3 6 1 5 5 7 1 4 */
-&(nid_objs[288]),/* OBJ_ac_targeting                 1 3 6 1 5 5 7 1 5 */
-&(nid_objs[289]),/* OBJ_aaControls                   1 3 6 1 5 5 7 1 6 */
-&(nid_objs[290]),/* OBJ_sbgp_ipAddrBlock             1 3 6 1 5 5 7 1 7 */
-&(nid_objs[291]),/* OBJ_sbgp_autonomousSysNum        1 3 6 1 5 5 7 1 8 */
-&(nid_objs[292]),/* OBJ_sbgp_routerIdentifier        1 3 6 1 5 5 7 1 9 */
-&(nid_objs[397]),/* OBJ_ac_proxying                  1 3 6 1 5 5 7 1 10 */
-&(nid_objs[398]),/* OBJ_sinfo_access                 1 3 6 1 5 5 7 1 11 */
-&(nid_objs[663]),/* OBJ_proxyCertInfo                1 3 6 1 5 5 7 1 14 */
-&(nid_objs[164]),/* OBJ_id_qt_cps                    1 3 6 1 5 5 7 2 1 */
-&(nid_objs[165]),/* OBJ_id_qt_unotice                1 3 6 1 5 5 7 2 2 */
-&(nid_objs[293]),/* OBJ_textNotice                   1 3 6 1 5 5 7 2 3 */
-&(nid_objs[129]),/* OBJ_server_auth                  1 3 6 1 5 5 7 3 1 */
-&(nid_objs[130]),/* OBJ_client_auth                  1 3 6 1 5 5 7 3 2 */
-&(nid_objs[131]),/* OBJ_code_sign                    1 3 6 1 5 5 7 3 3 */
-&(nid_objs[132]),/* OBJ_email_protect                1 3 6 1 5 5 7 3 4 */
-&(nid_objs[294]),/* OBJ_ipsecEndSystem               1 3 6 1 5 5 7 3 5 */
-&(nid_objs[295]),/* OBJ_ipsecTunnel                  1 3 6 1 5 5 7 3 6 */
-&(nid_objs[296]),/* OBJ_ipsecUser                    1 3 6 1 5 5 7 3 7 */
-&(nid_objs[133]),/* OBJ_time_stamp                   1 3 6 1 5 5 7 3 8 */
-&(nid_objs[180]),/* OBJ_OCSP_sign                    1 3 6 1 5 5 7 3 9 */
-&(nid_objs[297]),/* OBJ_dvcs                         1 3 6 1 5 5 7 3 10 */
-&(nid_objs[298]),/* OBJ_id_it_caProtEncCert          1 3 6 1 5 5 7 4 1 */
-&(nid_objs[299]),/* OBJ_id_it_signKeyPairTypes       1 3 6 1 5 5 7 4 2 */
-&(nid_objs[300]),/* OBJ_id_it_encKeyPairTypes        1 3 6 1 5 5 7 4 3 */
-&(nid_objs[301]),/* OBJ_id_it_preferredSymmAlg       1 3 6 1 5 5 7 4 4 */
-&(nid_objs[302]),/* OBJ_id_it_caKeyUpdateInfo        1 3 6 1 5 5 7 4 5 */
-&(nid_objs[303]),/* OBJ_id_it_currentCRL             1 3 6 1 5 5 7 4 6 */
-&(nid_objs[304]),/* OBJ_id_it_unsupportedOIDs        1 3 6 1 5 5 7 4 7 */
-&(nid_objs[305]),/* OBJ_id_it_subscriptionRequest    1 3 6 1 5 5 7 4 8 */
-&(nid_objs[306]),/* OBJ_id_it_subscriptionResponse   1 3 6 1 5 5 7 4 9 */
-&(nid_objs[307]),/* OBJ_id_it_keyPairParamReq        1 3 6 1 5 5 7 4 10 */
-&(nid_objs[308]),/* OBJ_id_it_keyPairParamRep        1 3 6 1 5 5 7 4 11 */
-&(nid_objs[309]),/* OBJ_id_it_revPassphrase          1 3 6 1 5 5 7 4 12 */
-&(nid_objs[310]),/* OBJ_id_it_implicitConfirm        1 3 6 1 5 5 7 4 13 */
-&(nid_objs[311]),/* OBJ_id_it_confirmWaitTime        1 3 6 1 5 5 7 4 14 */
-&(nid_objs[312]),/* OBJ_id_it_origPKIMessage         1 3 6 1 5 5 7 4 15 */
-&(nid_objs[313]),/* OBJ_id_regCtrl                   1 3 6 1 5 5 7 5 1 */
-&(nid_objs[314]),/* OBJ_id_regInfo                   1 3 6 1 5 5 7 5 2 */
-&(nid_objs[323]),/* OBJ_id_alg_des40                 1 3 6 1 5 5 7 6 1 */
-&(nid_objs[324]),/* OBJ_id_alg_noSignature           1 3 6 1 5 5 7 6 2 */
-&(nid_objs[325]),/* OBJ_id_alg_dh_sig_hmac_sha1      1 3 6 1 5 5 7 6 3 */
-&(nid_objs[326]),/* OBJ_id_alg_dh_pop                1 3 6 1 5 5 7 6 4 */
-&(nid_objs[327]),/* OBJ_id_cmc_statusInfo            1 3 6 1 5 5 7 7 1 */
-&(nid_objs[328]),/* OBJ_id_cmc_identification        1 3 6 1 5 5 7 7 2 */
-&(nid_objs[329]),/* OBJ_id_cmc_identityProof         1 3 6 1 5 5 7 7 3 */
-&(nid_objs[330]),/* OBJ_id_cmc_dataReturn            1 3 6 1 5 5 7 7 4 */
-&(nid_objs[331]),/* OBJ_id_cmc_transactionId         1 3 6 1 5 5 7 7 5 */
-&(nid_objs[332]),/* OBJ_id_cmc_senderNonce           1 3 6 1 5 5 7 7 6 */
-&(nid_objs[333]),/* OBJ_id_cmc_recipientNonce        1 3 6 1 5 5 7 7 7 */
-&(nid_objs[334]),/* OBJ_id_cmc_addExtensions         1 3 6 1 5 5 7 7 8 */
-&(nid_objs[335]),/* OBJ_id_cmc_encryptedPOP          1 3 6 1 5 5 7 7 9 */
-&(nid_objs[336]),/* OBJ_id_cmc_decryptedPOP          1 3 6 1 5 5 7 7 10 */
-&(nid_objs[337]),/* OBJ_id_cmc_lraPOPWitness         1 3 6 1 5 5 7 7 11 */
-&(nid_objs[338]),/* OBJ_id_cmc_getCert               1 3 6 1 5 5 7 7 15 */
-&(nid_objs[339]),/* OBJ_id_cmc_getCRL                1 3 6 1 5 5 7 7 16 */
-&(nid_objs[340]),/* OBJ_id_cmc_revokeRequest         1 3 6 1 5 5 7 7 17 */
-&(nid_objs[341]),/* OBJ_id_cmc_regInfo               1 3 6 1 5 5 7 7 18 */
-&(nid_objs[342]),/* OBJ_id_cmc_responseInfo          1 3 6 1 5 5 7 7 19 */
-&(nid_objs[343]),/* OBJ_id_cmc_queryPending          1 3 6 1 5 5 7 7 21 */
-&(nid_objs[344]),/* OBJ_id_cmc_popLinkRandom         1 3 6 1 5 5 7 7 22 */
-&(nid_objs[345]),/* OBJ_id_cmc_popLinkWitness        1 3 6 1 5 5 7 7 23 */
-&(nid_objs[346]),/* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */
-&(nid_objs[347]),/* OBJ_id_on_personalData           1 3 6 1 5 5 7 8 1 */
-&(nid_objs[348]),/* OBJ_id_pda_dateOfBirth           1 3 6 1 5 5 7 9 1 */
-&(nid_objs[349]),/* OBJ_id_pda_placeOfBirth          1 3 6 1 5 5 7 9 2 */
-&(nid_objs[351]),/* OBJ_id_pda_gender                1 3 6 1 5 5 7 9 3 */
-&(nid_objs[352]),/* OBJ_id_pda_countryOfCitizenship  1 3 6 1 5 5 7 9 4 */
-&(nid_objs[353]),/* OBJ_id_pda_countryOfResidence    1 3 6 1 5 5 7 9 5 */
-&(nid_objs[354]),/* OBJ_id_aca_authenticationInfo    1 3 6 1 5 5 7 10 1 */
-&(nid_objs[355]),/* OBJ_id_aca_accessIdentity        1 3 6 1 5 5 7 10 2 */
-&(nid_objs[356]),/* OBJ_id_aca_chargingIdentity      1 3 6 1 5 5 7 10 3 */
-&(nid_objs[357]),/* OBJ_id_aca_group                 1 3 6 1 5 5 7 10 4 */
-&(nid_objs[358]),/* OBJ_id_aca_role                  1 3 6 1 5 5 7 10 5 */
-&(nid_objs[399]),/* OBJ_id_aca_encAttrs              1 3 6 1 5 5 7 10 6 */
-&(nid_objs[359]),/* OBJ_id_qcs_pkixQCSyntax_v1       1 3 6 1 5 5 7 11 1 */
-&(nid_objs[360]),/* OBJ_id_cct_crs                   1 3 6 1 5 5 7 12 1 */
-&(nid_objs[361]),/* OBJ_id_cct_PKIData               1 3 6 1 5 5 7 12 2 */
-&(nid_objs[362]),/* OBJ_id_cct_PKIResponse           1 3 6 1 5 5 7 12 3 */
-&(nid_objs[664]),/* OBJ_id_ppl_anyLanguage           1 3 6 1 5 5 7 21 0 */
-&(nid_objs[665]),/* OBJ_id_ppl_inheritAll            1 3 6 1 5 5 7 21 1 */
-&(nid_objs[667]),/* OBJ_Independent                  1 3 6 1 5 5 7 21 2 */
-&(nid_objs[178]),/* OBJ_ad_OCSP                      1 3 6 1 5 5 7 48 1 */
-&(nid_objs[179]),/* OBJ_ad_ca_issuers                1 3 6 1 5 5 7 48 2 */
-&(nid_objs[363]),/* OBJ_ad_timeStamping              1 3 6 1 5 5 7 48 3 */
-&(nid_objs[364]),/* OBJ_ad_dvcs                      1 3 6 1 5 5 7 48 4 */
-&(nid_objs[58]),/* OBJ_netscape_cert_extension      2 16 840 1 113730 1 */
-&(nid_objs[59]),/* OBJ_netscape_data_type           2 16 840 1 113730 2 */
-&(nid_objs[438]),/* OBJ_pilotAttributeType           0 9 2342 19200300 100 1 */
-&(nid_objs[439]),/* OBJ_pilotAttributeSyntax         0 9 2342 19200300 100 3 */
-&(nid_objs[440]),/* OBJ_pilotObjectClass             0 9 2342 19200300 100 4 */
-&(nid_objs[441]),/* OBJ_pilotGroups                  0 9 2342 19200300 100 10 */
-&(nid_objs[108]),/* OBJ_cast5_cbc                    1 2 840 113533 7 66 10 */
-&(nid_objs[112]),/* OBJ_pbeWithMD5AndCast5_CBC       1 2 840 113533 7 66 12 */
-&(nid_objs[ 6]),/* OBJ_rsaEncryption                1 2 840 113549 1 1 1 */
-&(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption         1 2 840 113549 1 1 2 */
-&(nid_objs[396]),/* OBJ_md4WithRSAEncryption         1 2 840 113549 1 1 3 */
-&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption         1 2 840 113549 1 1 4 */
-&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption        1 2 840 113549 1 1 5 */
-&(nid_objs[644]),/* OBJ_rsaOAEPEncryptionSET         1 2 840 113549 1 1 6 */
-&(nid_objs[668]),/* OBJ_sha256WithRSAEncryption      1 2 840 113549 1 1 11 */
-&(nid_objs[669]),/* OBJ_sha384WithRSAEncryption      1 2 840 113549 1 1 12 */
-&(nid_objs[670]),/* OBJ_sha512WithRSAEncryption      1 2 840 113549 1 1 13 */
-&(nid_objs[671]),/* OBJ_sha224WithRSAEncryption      1 2 840 113549 1 1 14 */
-&(nid_objs[28]),/* OBJ_dhKeyAgreement               1 2 840 113549 1 3 1 */
-&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC         1 2 840 113549 1 5 1 */
-&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC         1 2 840 113549 1 5 3 */
-&(nid_objs[168]),/* OBJ_pbeWithMD2AndRC2_CBC         1 2 840 113549 1 5 4 */
-&(nid_objs[169]),/* OBJ_pbeWithMD5AndRC2_CBC         1 2 840 113549 1 5 6 */
-&(nid_objs[170]),/* OBJ_pbeWithSHA1AndDES_CBC        1 2 840 113549 1 5 10 */
-&(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC        1 2 840 113549 1 5 11 */
-&(nid_objs[69]),/* OBJ_id_pbkdf2                    1 2 840 113549 1 5 12 */
-&(nid_objs[161]),/* OBJ_pbes2                        1 2 840 113549 1 5 13 */
-&(nid_objs[162]),/* OBJ_pbmac1                       1 2 840 113549 1 5 14 */
-&(nid_objs[21]),/* OBJ_pkcs7_data                   1 2 840 113549 1 7 1 */
-&(nid_objs[22]),/* OBJ_pkcs7_signed                 1 2 840 113549 1 7 2 */
-&(nid_objs[23]),/* OBJ_pkcs7_enveloped              1 2 840 113549 1 7 3 */
-&(nid_objs[24]),/* OBJ_pkcs7_signedAndEnveloped     1 2 840 113549 1 7 4 */
-&(nid_objs[25]),/* OBJ_pkcs7_digest                 1 2 840 113549 1 7 5 */
-&(nid_objs[26]),/* OBJ_pkcs7_encrypted              1 2 840 113549 1 7 6 */
-&(nid_objs[48]),/* OBJ_pkcs9_emailAddress           1 2 840 113549 1 9 1 */
-&(nid_objs[49]),/* OBJ_pkcs9_unstructuredName       1 2 840 113549 1 9 2 */
-&(nid_objs[50]),/* OBJ_pkcs9_contentType            1 2 840 113549 1 9 3 */
-&(nid_objs[51]),/* OBJ_pkcs9_messageDigest          1 2 840 113549 1 9 4 */
-&(nid_objs[52]),/* OBJ_pkcs9_signingTime            1 2 840 113549 1 9 5 */
-&(nid_objs[53]),/* OBJ_pkcs9_countersignature       1 2 840 113549 1 9 6 */
-&(nid_objs[54]),/* OBJ_pkcs9_challengePassword      1 2 840 113549 1 9 7 */
-&(nid_objs[55]),/* OBJ_pkcs9_unstructuredAddress    1 2 840 113549 1 9 8 */
-&(nid_objs[56]),/* OBJ_pkcs9_extCertAttributes      1 2 840 113549 1 9 9 */
-&(nid_objs[172]),/* OBJ_ext_req                      1 2 840 113549 1 9 14 */
-&(nid_objs[167]),/* OBJ_SMIMECapabilities            1 2 840 113549 1 9 15 */
-&(nid_objs[188]),/* OBJ_SMIME                        1 2 840 113549 1 9 16 */
-&(nid_objs[156]),/* OBJ_friendlyName                 1 2 840 113549 1 9 20 */
-&(nid_objs[157]),/* OBJ_localKeyID                   1 2 840 113549 1 9 21 */
-&(nid_objs[417]),/* OBJ_ms_csp_name                  1 3 6 1 4 1 311 17 1 */
-&(nid_objs[390]),/* OBJ_dcObject                     1 3 6 1 4 1 1466 344 */
-&(nid_objs[91]),/* OBJ_bf_cbc                       1 3 6 1 4 1 3029 1 2 */
-&(nid_objs[315]),/* OBJ_id_regCtrl_regToken          1 3 6 1 5 5 7 5 1 1 */
-&(nid_objs[316]),/* OBJ_id_regCtrl_authenticator     1 3 6 1 5 5 7 5 1 2 */
-&(nid_objs[317]),/* OBJ_id_regCtrl_pkiPublicationInfo 1 3 6 1 5 5 7 5 1 3 */
-&(nid_objs[318]),/* OBJ_id_regCtrl_pkiArchiveOptions 1 3 6 1 5 5 7 5 1 4 */
-&(nid_objs[319]),/* OBJ_id_regCtrl_oldCertID         1 3 6 1 5 5 7 5 1 5 */
-&(nid_objs[320]),/* OBJ_id_regCtrl_protocolEncrKey   1 3 6 1 5 5 7 5 1 6 */
-&(nid_objs[321]),/* OBJ_id_regInfo_utf8Pairs         1 3 6 1 5 5 7 5 2 1 */
-&(nid_objs[322]),/* OBJ_id_regInfo_certReq           1 3 6 1 5 5 7 5 2 2 */
-&(nid_objs[365]),/* OBJ_id_pkix_OCSP_basic           1 3 6 1 5 5 7 48 1 1 */
-&(nid_objs[366]),/* OBJ_id_pkix_OCSP_Nonce           1 3 6 1 5 5 7 48 1 2 */
-&(nid_objs[367]),/* OBJ_id_pkix_OCSP_CrlID           1 3 6 1 5 5 7 48 1 3 */
-&(nid_objs[368]),/* OBJ_id_pkix_OCSP_acceptableResponses 1 3 6 1 5 5 7 48 1 4 */
-&(nid_objs[369]),/* OBJ_id_pkix_OCSP_noCheck         1 3 6 1 5 5 7 48 1 5 */
-&(nid_objs[370]),/* OBJ_id_pkix_OCSP_archiveCutoff   1 3 6 1 5 5 7 48 1 6 */
-&(nid_objs[371]),/* OBJ_id_pkix_OCSP_serviceLocator  1 3 6 1 5 5 7 48 1 7 */
-&(nid_objs[372]),/* OBJ_id_pkix_OCSP_extendedStatus  1 3 6 1 5 5 7 48 1 8 */
-&(nid_objs[373]),/* OBJ_id_pkix_OCSP_valid           1 3 6 1 5 5 7 48 1 9 */
-&(nid_objs[374]),/* OBJ_id_pkix_OCSP_path            1 3 6 1 5 5 7 48 1 10 */
-&(nid_objs[375]),/* OBJ_id_pkix_OCSP_trustRoot       1 3 6 1 5 5 7 48 1 11 */
-&(nid_objs[418]),/* OBJ_aes_128_ecb                  2 16 840 1 101 3 4 1 1 */
-&(nid_objs[419]),/* OBJ_aes_128_cbc                  2 16 840 1 101 3 4 1 2 */
-&(nid_objs[420]),/* OBJ_aes_128_ofb128               2 16 840 1 101 3 4 1 3 */
-&(nid_objs[421]),/* OBJ_aes_128_cfb128               2 16 840 1 101 3 4 1 4 */
-&(nid_objs[422]),/* OBJ_aes_192_ecb                  2 16 840 1 101 3 4 1 21 */
-&(nid_objs[423]),/* OBJ_aes_192_cbc                  2 16 840 1 101 3 4 1 22 */
-&(nid_objs[424]),/* OBJ_aes_192_ofb128               2 16 840 1 101 3 4 1 23 */
-&(nid_objs[425]),/* OBJ_aes_192_cfb128               2 16 840 1 101 3 4 1 24 */
-&(nid_objs[426]),/* OBJ_aes_256_ecb                  2 16 840 1 101 3 4 1 41 */
-&(nid_objs[427]),/* OBJ_aes_256_cbc                  2 16 840 1 101 3 4 1 42 */
-&(nid_objs[428]),/* OBJ_aes_256_ofb128               2 16 840 1 101 3 4 1 43 */
-&(nid_objs[429]),/* OBJ_aes_256_cfb128               2 16 840 1 101 3 4 1 44 */
-&(nid_objs[672]),/* OBJ_sha256                       2 16 840 1 101 3 4 2 1 */
-&(nid_objs[673]),/* OBJ_sha384                       2 16 840 1 101 3 4 2 2 */
-&(nid_objs[674]),/* OBJ_sha512                       2 16 840 1 101 3 4 2 3 */
-&(nid_objs[675]),/* OBJ_sha224                       2 16 840 1 101 3 4 2 4 */
-&(nid_objs[71]),/* OBJ_netscape_cert_type           2 16 840 1 113730 1 1 */
-&(nid_objs[72]),/* OBJ_netscape_base_url            2 16 840 1 113730 1 2 */
-&(nid_objs[73]),/* OBJ_netscape_revocation_url      2 16 840 1 113730 1 3 */
-&(nid_objs[74]),/* OBJ_netscape_ca_revocation_url   2 16 840 1 113730 1 4 */
-&(nid_objs[75]),/* OBJ_netscape_renewal_url         2 16 840 1 113730 1 7 */
-&(nid_objs[76]),/* OBJ_netscape_ca_policy_url       2 16 840 1 113730 1 8 */
-&(nid_objs[77]),/* OBJ_netscape_ssl_server_name     2 16 840 1 113730 1 12 */
-&(nid_objs[78]),/* OBJ_netscape_comment             2 16 840 1 113730 1 13 */
-&(nid_objs[79]),/* OBJ_netscape_cert_sequence       2 16 840 1 113730 2 5 */
-&(nid_objs[139]),/* OBJ_ns_sgc                       2 16 840 1 113730 4 1 */
-&(nid_objs[458]),/* OBJ_userId                       0 9 2342 19200300 100 1 1 */
-&(nid_objs[459]),/* OBJ_textEncodedORAddress         0 9 2342 19200300 100 1 2 */
-&(nid_objs[460]),/* OBJ_rfc822Mailbox                0 9 2342 19200300 100 1 3 */
-&(nid_objs[461]),/* OBJ_info                         0 9 2342 19200300 100 1 4 */
-&(nid_objs[462]),/* OBJ_favouriteDrink               0 9 2342 19200300 100 1 5 */
-&(nid_objs[463]),/* OBJ_roomNumber                   0 9 2342 19200300 100 1 6 */
-&(nid_objs[464]),/* OBJ_photo                        0 9 2342 19200300 100 1 7 */
-&(nid_objs[465]),/* OBJ_userClass                    0 9 2342 19200300 100 1 8 */
-&(nid_objs[466]),/* OBJ_host                         0 9 2342 19200300 100 1 9 */
-&(nid_objs[467]),/* OBJ_manager                      0 9 2342 19200300 100 1 10 */
-&(nid_objs[468]),/* OBJ_documentIdentifier           0 9 2342 19200300 100 1 11 */
-&(nid_objs[469]),/* OBJ_documentTitle                0 9 2342 19200300 100 1 12 */
-&(nid_objs[470]),/* OBJ_documentVersion              0 9 2342 19200300 100 1 13 */
-&(nid_objs[471]),/* OBJ_documentAuthor               0 9 2342 19200300 100 1 14 */
-&(nid_objs[472]),/* OBJ_documentLocation             0 9 2342 19200300 100 1 15 */
-&(nid_objs[473]),/* OBJ_homeTelephoneNumber          0 9 2342 19200300 100 1 20 */
-&(nid_objs[474]),/* OBJ_secretary                    0 9 2342 19200300 100 1 21 */
-&(nid_objs[475]),/* OBJ_otherMailbox                 0 9 2342 19200300 100 1 22 */
-&(nid_objs[476]),/* OBJ_lastModifiedTime             0 9 2342 19200300 100 1 23 */
-&(nid_objs[477]),/* OBJ_lastModifiedBy               0 9 2342 19200300 100 1 24 */
-&(nid_objs[391]),/* OBJ_domainComponent              0 9 2342 19200300 100 1 25 */
-&(nid_objs[478]),/* OBJ_aRecord                      0 9 2342 19200300 100 1 26 */
-&(nid_objs[479]),/* OBJ_pilotAttributeType27         0 9 2342 19200300 100 1 27 */
-&(nid_objs[480]),/* OBJ_mXRecord                     0 9 2342 19200300 100 1 28 */
-&(nid_objs[481]),/* OBJ_nSRecord                     0 9 2342 19200300 100 1 29 */
-&(nid_objs[482]),/* OBJ_sOARecord                    0 9 2342 19200300 100 1 30 */
-&(nid_objs[483]),/* OBJ_cNAMERecord                  0 9 2342 19200300 100 1 31 */
-&(nid_objs[484]),/* OBJ_associatedDomain             0 9 2342 19200300 100 1 37 */
-&(nid_objs[485]),/* OBJ_associatedName               0 9 2342 19200300 100 1 38 */
-&(nid_objs[486]),/* OBJ_homePostalAddress            0 9 2342 19200300 100 1 39 */
-&(nid_objs[487]),/* OBJ_personalTitle                0 9 2342 19200300 100 1 40 */
-&(nid_objs[488]),/* OBJ_mobileTelephoneNumber        0 9 2342 19200300 100 1 41 */
-&(nid_objs[489]),/* OBJ_pagerTelephoneNumber         0 9 2342 19200300 100 1 42 */
-&(nid_objs[490]),/* OBJ_friendlyCountryName          0 9 2342 19200300 100 1 43 */
-&(nid_objs[491]),/* OBJ_organizationalStatus         0 9 2342 19200300 100 1 45 */
-&(nid_objs[492]),/* OBJ_janetMailbox                 0 9 2342 19200300 100 1 46 */
-&(nid_objs[493]),/* OBJ_mailPreferenceOption         0 9 2342 19200300 100 1 47 */
-&(nid_objs[494]),/* OBJ_buildingName                 0 9 2342 19200300 100 1 48 */
-&(nid_objs[495]),/* OBJ_dSAQuality                   0 9 2342 19200300 100 1 49 */
-&(nid_objs[496]),/* OBJ_singleLevelQuality           0 9 2342 19200300 100 1 50 */
-&(nid_objs[497]),/* OBJ_subtreeMinimumQuality        0 9 2342 19200300 100 1 51 */
-&(nid_objs[498]),/* OBJ_subtreeMaximumQuality        0 9 2342 19200300 100 1 52 */
-&(nid_objs[499]),/* OBJ_personalSignature            0 9 2342 19200300 100 1 53 */
-&(nid_objs[500]),/* OBJ_dITRedirect                  0 9 2342 19200300 100 1 54 */
-&(nid_objs[501]),/* OBJ_audio                        0 9 2342 19200300 100 1 55 */
-&(nid_objs[502]),/* OBJ_documentPublisher            0 9 2342 19200300 100 1 56 */
-&(nid_objs[442]),/* OBJ_iA5StringSyntax              0 9 2342 19200300 100 3 4 */
-&(nid_objs[443]),/* OBJ_caseIgnoreIA5StringSyntax    0 9 2342 19200300 100 3 5 */
-&(nid_objs[444]),/* OBJ_pilotObject                  0 9 2342 19200300 100 4 3 */
-&(nid_objs[445]),/* OBJ_pilotPerson                  0 9 2342 19200300 100 4 4 */
-&(nid_objs[446]),/* OBJ_account                      0 9 2342 19200300 100 4 5 */
-&(nid_objs[447]),/* OBJ_document                     0 9 2342 19200300 100 4 6 */
-&(nid_objs[448]),/* OBJ_room                         0 9 2342 19200300 100 4 7 */
-&(nid_objs[449]),/* OBJ_documentSeries               0 9 2342 19200300 100 4 9 */
-&(nid_objs[392]),/* OBJ_Domain                       0 9 2342 19200300 100 4 13 */
-&(nid_objs[450]),/* OBJ_rFC822localPart              0 9 2342 19200300 100 4 14 */
-&(nid_objs[451]),/* OBJ_dNSDomain                    0 9 2342 19200300 100 4 15 */
-&(nid_objs[452]),/* OBJ_domainRelatedObject          0 9 2342 19200300 100 4 17 */
-&(nid_objs[453]),/* OBJ_friendlyCountry              0 9 2342 19200300 100 4 18 */
-&(nid_objs[454]),/* OBJ_simpleSecurityObject         0 9 2342 19200300 100 4 19 */
-&(nid_objs[455]),/* OBJ_pilotOrganization            0 9 2342 19200300 100 4 20 */
-&(nid_objs[456]),/* OBJ_pilotDSA                     0 9 2342 19200300 100 4 21 */
-&(nid_objs[457]),/* OBJ_qualityLabelledData          0 9 2342 19200300 100 4 22 */
-&(nid_objs[189]),/* OBJ_id_smime_mod                 1 2 840 113549 1 9 16 0 */
-&(nid_objs[190]),/* OBJ_id_smime_ct                  1 2 840 113549 1 9 16 1 */
-&(nid_objs[191]),/* OBJ_id_smime_aa                  1 2 840 113549 1 9 16 2 */
-&(nid_objs[192]),/* OBJ_id_smime_alg                 1 2 840 113549 1 9 16 3 */
-&(nid_objs[193]),/* OBJ_id_smime_cd                  1 2 840 113549 1 9 16 4 */
-&(nid_objs[194]),/* OBJ_id_smime_spq                 1 2 840 113549 1 9 16 5 */
-&(nid_objs[195]),/* OBJ_id_smime_cti                 1 2 840 113549 1 9 16 6 */
-&(nid_objs[158]),/* OBJ_x509Certificate              1 2 840 113549 1 9 22 1 */
-&(nid_objs[159]),/* OBJ_sdsiCertificate              1 2 840 113549 1 9 22 2 */
-&(nid_objs[160]),/* OBJ_x509Crl                      1 2 840 113549 1 9 23 1 */
-&(nid_objs[144]),/* OBJ_pbe_WithSHA1And128BitRC4     1 2 840 113549 1 12 1 1 */
-&(nid_objs[145]),/* OBJ_pbe_WithSHA1And40BitRC4      1 2 840 113549 1 12 1 2 */
-&(nid_objs[146]),/* OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC 1 2 840 113549 1 12 1 3 */
-&(nid_objs[147]),/* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */
-&(nid_objs[148]),/* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */
-&(nid_objs[149]),/* OBJ_pbe_WithSHA1And40BitRC2_CBC  1 2 840 113549 1 12 1 6 */
-&(nid_objs[171]),/* OBJ_ms_ext_req                   1 3 6 1 4 1 311 2 1 14 */
-&(nid_objs[134]),/* OBJ_ms_code_ind                  1 3 6 1 4 1 311 2 1 21 */
-&(nid_objs[135]),/* OBJ_ms_code_com                  1 3 6 1 4 1 311 2 1 22 */
-&(nid_objs[136]),/* OBJ_ms_ctl_sign                  1 3 6 1 4 1 311 10 3 1 */
-&(nid_objs[137]),/* OBJ_ms_sgc                       1 3 6 1 4 1 311 10 3 3 */
-&(nid_objs[138]),/* OBJ_ms_efs                       1 3 6 1 4 1 311 10 3 4 */
-&(nid_objs[648]),/* OBJ_ms_smartcard_login           1 3 6 1 4 1 311 20 2 2 */
-&(nid_objs[649]),/* OBJ_ms_upn                       1 3 6 1 4 1 311 20 2 3 */
-&(nid_objs[196]),/* OBJ_id_smime_mod_cms             1 2 840 113549 1 9 16 0 1 */
-&(nid_objs[197]),/* OBJ_id_smime_mod_ess             1 2 840 113549 1 9 16 0 2 */
-&(nid_objs[198]),/* OBJ_id_smime_mod_oid             1 2 840 113549 1 9 16 0 3 */
-&(nid_objs[199]),/* OBJ_id_smime_mod_msg_v3          1 2 840 113549 1 9 16 0 4 */
-&(nid_objs[200]),/* OBJ_id_smime_mod_ets_eSignature_88 1 2 840 113549 1 9 16 0 5 */
-&(nid_objs[201]),/* OBJ_id_smime_mod_ets_eSignature_97 1 2 840 113549 1 9 16 0 6 */
-&(nid_objs[202]),/* OBJ_id_smime_mod_ets_eSigPolicy_88 1 2 840 113549 1 9 16 0 7 */
-&(nid_objs[203]),/* OBJ_id_smime_mod_ets_eSigPolicy_97 1 2 840 113549 1 9 16 0 8 */
-&(nid_objs[204]),/* OBJ_id_smime_ct_receipt          1 2 840 113549 1 9 16 1 1 */
-&(nid_objs[205]),/* OBJ_id_smime_ct_authData         1 2 840 113549 1 9 16 1 2 */
-&(nid_objs[206]),/* OBJ_id_smime_ct_publishCert      1 2 840 113549 1 9 16 1 3 */
-&(nid_objs[207]),/* OBJ_id_smime_ct_TSTInfo          1 2 840 113549 1 9 16 1 4 */
-&(nid_objs[208]),/* OBJ_id_smime_ct_TDTInfo          1 2 840 113549 1 9 16 1 5 */
-&(nid_objs[209]),/* OBJ_id_smime_ct_contentInfo      1 2 840 113549 1 9 16 1 6 */
-&(nid_objs[210]),/* OBJ_id_smime_ct_DVCSRequestData  1 2 840 113549 1 9 16 1 7 */
-&(nid_objs[211]),/* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */
-&(nid_objs[212]),/* OBJ_id_smime_aa_receiptRequest   1 2 840 113549 1 9 16 2 1 */
-&(nid_objs[213]),/* OBJ_id_smime_aa_securityLabel    1 2 840 113549 1 9 16 2 2 */
-&(nid_objs[214]),/* OBJ_id_smime_aa_mlExpandHistory  1 2 840 113549 1 9 16 2 3 */
-&(nid_objs[215]),/* OBJ_id_smime_aa_contentHint      1 2 840 113549 1 9 16 2 4 */
-&(nid_objs[216]),/* OBJ_id_smime_aa_msgSigDigest     1 2 840 113549 1 9 16 2 5 */
-&(nid_objs[217]),/* OBJ_id_smime_aa_encapContentType 1 2 840 113549 1 9 16 2 6 */
-&(nid_objs[218]),/* OBJ_id_smime_aa_contentIdentifier 1 2 840 113549 1 9 16 2 7 */
-&(nid_objs[219]),/* OBJ_id_smime_aa_macValue         1 2 840 113549 1 9 16 2 8 */
-&(nid_objs[220]),/* OBJ_id_smime_aa_equivalentLabels 1 2 840 113549 1 9 16 2 9 */
-&(nid_objs[221]),/* OBJ_id_smime_aa_contentReference 1 2 840 113549 1 9 16 2 10 */
-&(nid_objs[222]),/* OBJ_id_smime_aa_encrypKeyPref    1 2 840 113549 1 9 16 2 11 */
-&(nid_objs[223]),/* OBJ_id_smime_aa_signingCertificate 1 2 840 113549 1 9 16 2 12 */
-&(nid_objs[224]),/* OBJ_id_smime_aa_smimeEncryptCerts 1 2 840 113549 1 9 16 2 13 */
-&(nid_objs[225]),/* OBJ_id_smime_aa_timeStampToken   1 2 840 113549 1 9 16 2 14 */
-&(nid_objs[226]),/* OBJ_id_smime_aa_ets_sigPolicyId  1 2 840 113549 1 9 16 2 15 */
-&(nid_objs[227]),/* OBJ_id_smime_aa_ets_commitmentType 1 2 840 113549 1 9 16 2 16 */
-&(nid_objs[228]),/* OBJ_id_smime_aa_ets_signerLocation 1 2 840 113549 1 9 16 2 17 */
-&(nid_objs[229]),/* OBJ_id_smime_aa_ets_signerAttr   1 2 840 113549 1 9 16 2 18 */
-&(nid_objs[230]),/* OBJ_id_smime_aa_ets_otherSigCert 1 2 840 113549 1 9 16 2 19 */
-&(nid_objs[231]),/* OBJ_id_smime_aa_ets_contentTimestamp 1 2 840 113549 1 9 16 2 20 */
-&(nid_objs[232]),/* OBJ_id_smime_aa_ets_CertificateRefs 1 2 840 113549 1 9 16 2 21 */
-&(nid_objs[233]),/* OBJ_id_smime_aa_ets_RevocationRefs 1 2 840 113549 1 9 16 2 22 */
-&(nid_objs[234]),/* OBJ_id_smime_aa_ets_certValues   1 2 840 113549 1 9 16 2 23 */
-&(nid_objs[235]),/* OBJ_id_smime_aa_ets_revocationValues 1 2 840 113549 1 9 16 2 24 */
-&(nid_objs[236]),/* OBJ_id_smime_aa_ets_escTimeStamp 1 2 840 113549 1 9 16 2 25 */
-&(nid_objs[237]),/* OBJ_id_smime_aa_ets_certCRLTimestamp 1 2 840 113549 1 9 16 2 26 */
-&(nid_objs[238]),/* OBJ_id_smime_aa_ets_archiveTimeStamp 1 2 840 113549 1 9 16 2 27 */
-&(nid_objs[239]),/* OBJ_id_smime_aa_signatureType    1 2 840 113549 1 9 16 2 28 */
-&(nid_objs[240]),/* OBJ_id_smime_aa_dvcs_dvc         1 2 840 113549 1 9 16 2 29 */
-&(nid_objs[241]),/* OBJ_id_smime_alg_ESDHwith3DES    1 2 840 113549 1 9 16 3 1 */
-&(nid_objs[242]),/* OBJ_id_smime_alg_ESDHwithRC2     1 2 840 113549 1 9 16 3 2 */
-&(nid_objs[243]),/* OBJ_id_smime_alg_3DESwrap        1 2 840 113549 1 9 16 3 3 */
-&(nid_objs[244]),/* OBJ_id_smime_alg_RC2wrap         1 2 840 113549 1 9 16 3 4 */
-&(nid_objs[245]),/* OBJ_id_smime_alg_ESDH            1 2 840 113549 1 9 16 3 5 */
-&(nid_objs[246]),/* OBJ_id_smime_alg_CMS3DESwrap     1 2 840 113549 1 9 16 3 6 */
-&(nid_objs[247]),/* OBJ_id_smime_alg_CMSRC2wrap      1 2 840 113549 1 9 16 3 7 */
-&(nid_objs[248]),/* OBJ_id_smime_cd_ldap             1 2 840 113549 1 9 16 4 1 */
-&(nid_objs[249]),/* OBJ_id_smime_spq_ets_sqt_uri     1 2 840 113549 1 9 16 5 1 */
-&(nid_objs[250]),/* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */
-&(nid_objs[251]),/* OBJ_id_smime_cti_ets_proofOfOrigin 1 2 840 113549 1 9 16 6 1 */
-&(nid_objs[252]),/* OBJ_id_smime_cti_ets_proofOfReceipt 1 2 840 113549 1 9 16 6 2 */
-&(nid_objs[253]),/* OBJ_id_smime_cti_ets_proofOfDelivery 1 2 840 113549 1 9 16 6 3 */
-&(nid_objs[254]),/* OBJ_id_smime_cti_ets_proofOfSender 1 2 840 113549 1 9 16 6 4 */
-&(nid_objs[255]),/* OBJ_id_smime_cti_ets_proofOfApproval 1 2 840 113549 1 9 16 6 5 */
-&(nid_objs[256]),/* OBJ_id_smime_cti_ets_proofOfCreation 1 2 840 113549 1 9 16 6 6 */
-&(nid_objs[150]),/* OBJ_keyBag                       1 2 840 113549 1 12 10 1 1 */
-&(nid_objs[151]),/* OBJ_pkcs8ShroudedKeyBag          1 2 840 113549 1 12 10 1 2 */
-&(nid_objs[152]),/* OBJ_certBag                      1 2 840 113549 1 12 10 1 3 */
-&(nid_objs[153]),/* OBJ_crlBag                       1 2 840 113549 1 12 10 1 4 */
-&(nid_objs[154]),/* OBJ_secretBag                    1 2 840 113549 1 12 10 1 5 */
-&(nid_objs[155]),/* OBJ_safeContentsBag              1 2 840 113549 1 12 10 1 6 */
-&(nid_objs[34]),/* OBJ_idea_cbc                     1 3 6 1 4 1 188 7 1 1 2 */
-};
-
diff --git a/src/lib/libssl/src/crypto/objects/obj_err.c b/src/lib/libssl/src/crypto/objects/obj_err.c
index 0682979b38..2b5f43e3cc 100644
--- a/src/lib/libssl/src/crypto/objects/obj_err.c
+++ b/src/lib/libssl/src/crypto/objects/obj_err.c
@@ -1,6 +1,6 @@
 /* crypto/objects/obj_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,26 +64,22 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_OBJ,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_OBJ,0,reason)
-
 static ERR_STRING_DATA OBJ_str_functs[]=
         {
-{ERR_FUNC(OBJ_F_OBJ_ADD_OBJECT),        "OBJ_add_object"},
-{ERR_FUNC(OBJ_F_OBJ_CREATE),    "OBJ_create"},
-{ERR_FUNC(OBJ_F_OBJ_DUP),       "OBJ_dup"},
-{ERR_FUNC(OBJ_F_OBJ_NAME_NEW_INDEX),    "OBJ_NAME_new_index"},
-{ERR_FUNC(OBJ_F_OBJ_NID2LN),    "OBJ_nid2ln"},
-{ERR_FUNC(OBJ_F_OBJ_NID2OBJ),   "OBJ_nid2obj"},
-{ERR_FUNC(OBJ_F_OBJ_NID2SN),    "OBJ_nid2sn"},
+{ERR_PACK(0,OBJ_F_OBJ_ADD_OBJECT,0),    "OBJ_add_object"},
+{ERR_PACK(0,OBJ_F_OBJ_CREATE,0),        "OBJ_create"},
+{ERR_PACK(0,OBJ_F_OBJ_DUP,0),   "OBJ_dup"},
+{ERR_PACK(0,OBJ_F_OBJ_NAME_NEW_INDEX,0),        "OBJ_NAME_new_index"},
+{ERR_PACK(0,OBJ_F_OBJ_NID2LN,0),        "OBJ_nid2ln"},
+{ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0),       "OBJ_nid2obj"},
+{ERR_PACK(0,OBJ_F_OBJ_NID2SN,0),        "OBJ_nid2sn"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA OBJ_str_reasons[]=
         {
-{ERR_REASON(OBJ_R_MALLOC_FAILURE)        ,"malloc failure"},
-{ERR_REASON(OBJ_R_UNKNOWN_NID)           ,"unknown nid"},
+{OBJ_R_MALLOC_FAILURE                    ,"malloc failure"},
+{OBJ_R_UNKNOWN_NID                       ,"unknown nid"},
 {0,NULL}
         };
 
@@ -97,8 +93,8 @@ void ERR_load_OBJ_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,OBJ_str_functs);
-                ERR_load_strings(0,OBJ_str_reasons);
+                ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs);
+                ERR_load_strings(ERR_LIB_OBJ,OBJ_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/objects/obj_mac.h b/src/lib/libssl/src/crypto/objects/obj_mac.h
deleted file mode 100644
index 51bb50047f..0000000000
--- a/src/lib/libssl/src/crypto/objects/obj_mac.h
+++ /dev/null
@@ -1,2987 +0,0 @@
-/* crypto/objects/obj_mac.h */
-
-/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
- * following command:
- * perl objects.pl objects.txt obj_mac.num obj_mac.h
- */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define SN_undef                        "UNDEF"
-#define LN_undef                        "undefined"
-#define NID_undef                       0
-#define OBJ_undef                       0L
-
-#define SN_ccitt                "CCITT"
-#define LN_ccitt                "ccitt"
-#define NID_ccitt               404
-#define OBJ_ccitt               0L
-
-#define SN_iso          "ISO"
-#define LN_iso          "iso"
-#define NID_iso         181
-#define OBJ_iso         1L
-
-#define SN_joint_iso_ccitt              "JOINT-ISO-CCITT"
-#define LN_joint_iso_ccitt              "joint-iso-ccitt"
-#define NID_joint_iso_ccitt             393
-#define OBJ_joint_iso_ccitt             2L
-
-#define SN_member_body          "member-body"
-#define LN_member_body          "ISO Member Body"
-#define NID_member_body         182
-#define OBJ_member_body         OBJ_iso,2L
-
-#define SN_selected_attribute_types             "selected-attribute-types"
-#define LN_selected_attribute_types             "Selected Attribute Types"
-#define NID_selected_attribute_types            394
-#define OBJ_selected_attribute_types            OBJ_joint_iso_ccitt,5L,1L,5L
-
-#define SN_clearance            "clearance"
-#define NID_clearance           395
-#define OBJ_clearance           OBJ_selected_attribute_types,55L
-
-#define SN_ISO_US               "ISO-US"
-#define LN_ISO_US               "ISO US Member Body"
-#define NID_ISO_US              183
-#define OBJ_ISO_US              OBJ_member_body,840L
-
-#define SN_X9_57                "X9-57"
-#define LN_X9_57                "X9.57"
-#define NID_X9_57               184
-#define OBJ_X9_57               OBJ_ISO_US,10040L
-
-#define SN_X9cm         "X9cm"
-#define LN_X9cm         "X9.57 CM ?"
-#define NID_X9cm                185
-#define OBJ_X9cm                OBJ_X9_57,4L
-
-#define SN_dsa          "DSA"
-#define LN_dsa          "dsaEncryption"
-#define NID_dsa         116
-#define OBJ_dsa         OBJ_X9cm,1L
-
-#define SN_dsaWithSHA1          "DSA-SHA1"
-#define LN_dsaWithSHA1          "dsaWithSHA1"
-#define NID_dsaWithSHA1         113
-#define OBJ_dsaWithSHA1         OBJ_X9cm,3L
-
-#define SN_ansi_X9_62           "ansi-X9-62"
-#define LN_ansi_X9_62           "ANSI X9.62"
-#define NID_ansi_X9_62          405
-#define OBJ_ansi_X9_62          OBJ_ISO_US,10045L
-
-#define OBJ_X9_62_id_fieldType          OBJ_ansi_X9_62,1L
-
-#define SN_X9_62_prime_field            "prime-field"
-#define NID_X9_62_prime_field           406
-#define OBJ_X9_62_prime_field           OBJ_X9_62_id_fieldType,1L
-
-#define SN_X9_62_characteristic_two_field               "characteristic-two-field"
-#define NID_X9_62_characteristic_two_field              407
-#define OBJ_X9_62_characteristic_two_field              OBJ_X9_62_id_fieldType,2L
-
-#define OBJ_X9_62_id_publicKeyType              OBJ_ansi_X9_62,2L
-
-#define SN_X9_62_id_ecPublicKey         "id-ecPublicKey"
-#define NID_X9_62_id_ecPublicKey                408
-#define OBJ_X9_62_id_ecPublicKey                OBJ_X9_62_id_publicKeyType,1L
-
-#define OBJ_X9_62_ellipticCurve         OBJ_ansi_X9_62,3L
-
-#define OBJ_X9_62_c_TwoCurve            OBJ_X9_62_ellipticCurve,0L
-
-#define OBJ_X9_62_primeCurve            OBJ_X9_62_ellipticCurve,1L
-
-#define SN_X9_62_prime192v1             "prime192v1"
-#define NID_X9_62_prime192v1            409
-#define OBJ_X9_62_prime192v1            OBJ_X9_62_primeCurve,1L
-
-#define SN_X9_62_prime192v2             "prime192v2"
-#define NID_X9_62_prime192v2            410
-#define OBJ_X9_62_prime192v2            OBJ_X9_62_primeCurve,2L
-
-#define SN_X9_62_prime192v3             "prime192v3"
-#define NID_X9_62_prime192v3            411
-#define OBJ_X9_62_prime192v3            OBJ_X9_62_primeCurve,3L
-
-#define SN_X9_62_prime239v1             "prime239v1"
-#define NID_X9_62_prime239v1            412
-#define OBJ_X9_62_prime239v1            OBJ_X9_62_primeCurve,4L
-
-#define SN_X9_62_prime239v2             "prime239v2"
-#define NID_X9_62_prime239v2            413
-#define OBJ_X9_62_prime239v2            OBJ_X9_62_primeCurve,5L
-
-#define SN_X9_62_prime239v3             "prime239v3"
-#define NID_X9_62_prime239v3            414
-#define OBJ_X9_62_prime239v3            OBJ_X9_62_primeCurve,6L
-
-#define SN_X9_62_prime256v1             "prime256v1"
-#define NID_X9_62_prime256v1            415
-#define OBJ_X9_62_prime256v1            OBJ_X9_62_primeCurve,7L
-
-#define OBJ_X9_62_id_ecSigType          OBJ_ansi_X9_62,4L
-
-#define SN_ecdsa_with_SHA1              "ecdsa-with-SHA1"
-#define NID_ecdsa_with_SHA1             416
-#define OBJ_ecdsa_with_SHA1             OBJ_X9_62_id_ecSigType,1L
-
-#define SN_cast5_cbc            "CAST5-CBC"
-#define LN_cast5_cbc            "cast5-cbc"
-#define NID_cast5_cbc           108
-#define OBJ_cast5_cbc           OBJ_ISO_US,113533L,7L,66L,10L
-
-#define SN_cast5_ecb            "CAST5-ECB"
-#define LN_cast5_ecb            "cast5-ecb"
-#define NID_cast5_ecb           109
-
-#define SN_cast5_cfb64          "CAST5-CFB"
-#define LN_cast5_cfb64          "cast5-cfb"
-#define NID_cast5_cfb64         110
-
-#define SN_cast5_ofb64          "CAST5-OFB"
-#define LN_cast5_ofb64          "cast5-ofb"
-#define NID_cast5_ofb64         111
-
-#define LN_pbeWithMD5AndCast5_CBC               "pbeWithMD5AndCast5CBC"
-#define NID_pbeWithMD5AndCast5_CBC              112
-#define OBJ_pbeWithMD5AndCast5_CBC              OBJ_ISO_US,113533L,7L,66L,12L
-
-#define SN_rsadsi               "rsadsi"
-#define LN_rsadsi               "RSA Data Security, Inc."
-#define NID_rsadsi              1
-#define OBJ_rsadsi              OBJ_ISO_US,113549L
-
-#define SN_pkcs         "pkcs"
-#define LN_pkcs         "RSA Data Security, Inc. PKCS"
-#define NID_pkcs                2
-#define OBJ_pkcs                OBJ_rsadsi,1L
-
-#define SN_pkcs1                "pkcs1"
-#define NID_pkcs1               186
-#define OBJ_pkcs1               OBJ_pkcs,1L
-
-#define LN_rsaEncryption                "rsaEncryption"
-#define NID_rsaEncryption               6
-#define OBJ_rsaEncryption               OBJ_pkcs1,1L
-
-#define SN_md2WithRSAEncryption         "RSA-MD2"
-#define LN_md2WithRSAEncryption         "md2WithRSAEncryption"
-#define NID_md2WithRSAEncryption                7
-#define OBJ_md2WithRSAEncryption                OBJ_pkcs1,2L
-
-#define SN_md4WithRSAEncryption         "RSA-MD4"
-#define LN_md4WithRSAEncryption         "md4WithRSAEncryption"
-#define NID_md4WithRSAEncryption                396
-#define OBJ_md4WithRSAEncryption                OBJ_pkcs1,3L
-
-#define SN_md5WithRSAEncryption         "RSA-MD5"
-#define LN_md5WithRSAEncryption         "md5WithRSAEncryption"
-#define NID_md5WithRSAEncryption                8
-#define OBJ_md5WithRSAEncryption                OBJ_pkcs1,4L
-
-#define SN_sha1WithRSAEncryption                "RSA-SHA1"
-#define LN_sha1WithRSAEncryption                "sha1WithRSAEncryption"
-#define NID_sha1WithRSAEncryption               65
-#define OBJ_sha1WithRSAEncryption               OBJ_pkcs1,5L
-
-#define SN_sha256WithRSAEncryption              "RSA-SHA256"
-#define LN_sha256WithRSAEncryption              "sha256WithRSAEncryption"
-#define NID_sha256WithRSAEncryption             668
-#define OBJ_sha256WithRSAEncryption             OBJ_pkcs1,11L
-
-#define SN_sha384WithRSAEncryption              "RSA-SHA384"
-#define LN_sha384WithRSAEncryption              "sha384WithRSAEncryption"
-#define NID_sha384WithRSAEncryption             669
-#define OBJ_sha384WithRSAEncryption             OBJ_pkcs1,12L
-
-#define SN_sha512WithRSAEncryption              "RSA-SHA512"
-#define LN_sha512WithRSAEncryption              "sha512WithRSAEncryption"
-#define NID_sha512WithRSAEncryption             670
-#define OBJ_sha512WithRSAEncryption             OBJ_pkcs1,13L
-
-#define SN_sha224WithRSAEncryption              "RSA-SHA224"
-#define LN_sha224WithRSAEncryption              "sha224WithRSAEncryption"
-#define NID_sha224WithRSAEncryption             671
-#define OBJ_sha224WithRSAEncryption             OBJ_pkcs1,14L
-
-#define SN_pkcs3                "pkcs3"
-#define NID_pkcs3               27
-#define OBJ_pkcs3               OBJ_pkcs,3L
-
-#define LN_dhKeyAgreement               "dhKeyAgreement"
-#define NID_dhKeyAgreement              28
-#define OBJ_dhKeyAgreement              OBJ_pkcs3,1L
-
-#define SN_pkcs5                "pkcs5"
-#define NID_pkcs5               187
-#define OBJ_pkcs5               OBJ_pkcs,5L
-
-#define SN_pbeWithMD2AndDES_CBC         "PBE-MD2-DES"
-#define LN_pbeWithMD2AndDES_CBC         "pbeWithMD2AndDES-CBC"
-#define NID_pbeWithMD2AndDES_CBC                9
-#define OBJ_pbeWithMD2AndDES_CBC                OBJ_pkcs5,1L
-
-#define SN_pbeWithMD5AndDES_CBC         "PBE-MD5-DES"
-#define LN_pbeWithMD5AndDES_CBC         "pbeWithMD5AndDES-CBC"
-#define NID_pbeWithMD5AndDES_CBC                10
-#define OBJ_pbeWithMD5AndDES_CBC                OBJ_pkcs5,3L
-
-#define SN_pbeWithMD2AndRC2_CBC         "PBE-MD2-RC2-64"
-#define LN_pbeWithMD2AndRC2_CBC         "pbeWithMD2AndRC2-CBC"
-#define NID_pbeWithMD2AndRC2_CBC                168
-#define OBJ_pbeWithMD2AndRC2_CBC                OBJ_pkcs5,4L
-
-#define SN_pbeWithMD5AndRC2_CBC         "PBE-MD5-RC2-64"
-#define LN_pbeWithMD5AndRC2_CBC         "pbeWithMD5AndRC2-CBC"
-#define NID_pbeWithMD5AndRC2_CBC                169
-#define OBJ_pbeWithMD5AndRC2_CBC                OBJ_pkcs5,6L
-
-#define SN_pbeWithSHA1AndDES_CBC                "PBE-SHA1-DES"
-#define LN_pbeWithSHA1AndDES_CBC                "pbeWithSHA1AndDES-CBC"
-#define NID_pbeWithSHA1AndDES_CBC               170
-#define OBJ_pbeWithSHA1AndDES_CBC               OBJ_pkcs5,10L
-
-#define SN_pbeWithSHA1AndRC2_CBC                "PBE-SHA1-RC2-64"
-#define LN_pbeWithSHA1AndRC2_CBC                "pbeWithSHA1AndRC2-CBC"
-#define NID_pbeWithSHA1AndRC2_CBC               68
-#define OBJ_pbeWithSHA1AndRC2_CBC               OBJ_pkcs5,11L
-
-#define LN_id_pbkdf2            "PBKDF2"
-#define NID_id_pbkdf2           69
-#define OBJ_id_pbkdf2           OBJ_pkcs5,12L
-
-#define LN_pbes2                "PBES2"
-#define NID_pbes2               161
-#define OBJ_pbes2               OBJ_pkcs5,13L
-
-#define LN_pbmac1               "PBMAC1"
-#define NID_pbmac1              162
-#define OBJ_pbmac1              OBJ_pkcs5,14L
-
-#define SN_pkcs7                "pkcs7"
-#define NID_pkcs7               20
-#define OBJ_pkcs7               OBJ_pkcs,7L
-
-#define LN_pkcs7_data           "pkcs7-data"
-#define NID_pkcs7_data          21
-#define OBJ_pkcs7_data          OBJ_pkcs7,1L
-
-#define LN_pkcs7_signed         "pkcs7-signedData"
-#define NID_pkcs7_signed                22
-#define OBJ_pkcs7_signed                OBJ_pkcs7,2L
-
-#define LN_pkcs7_enveloped              "pkcs7-envelopedData"
-#define NID_pkcs7_enveloped             23
-#define OBJ_pkcs7_enveloped             OBJ_pkcs7,3L
-
-#define LN_pkcs7_signedAndEnveloped             "pkcs7-signedAndEnvelopedData"
-#define NID_pkcs7_signedAndEnveloped            24
-#define OBJ_pkcs7_signedAndEnveloped            OBJ_pkcs7,4L
-
-#define LN_pkcs7_digest         "pkcs7-digestData"
-#define NID_pkcs7_digest                25
-#define OBJ_pkcs7_digest                OBJ_pkcs7,5L
-
-#define LN_pkcs7_encrypted              "pkcs7-encryptedData"
-#define NID_pkcs7_encrypted             26
-#define OBJ_pkcs7_encrypted             OBJ_pkcs7,6L
-
-#define SN_pkcs9                "pkcs9"
-#define NID_pkcs9               47
-#define OBJ_pkcs9               OBJ_pkcs,9L
-
-#define LN_pkcs9_emailAddress           "emailAddress"
-#define NID_pkcs9_emailAddress          48
-#define OBJ_pkcs9_emailAddress          OBJ_pkcs9,1L
-
-#define LN_pkcs9_unstructuredName               "unstructuredName"
-#define NID_pkcs9_unstructuredName              49
-#define OBJ_pkcs9_unstructuredName              OBJ_pkcs9,2L
-
-#define LN_pkcs9_contentType            "contentType"
-#define NID_pkcs9_contentType           50
-#define OBJ_pkcs9_contentType           OBJ_pkcs9,3L
-
-#define LN_pkcs9_messageDigest          "messageDigest"
-#define NID_pkcs9_messageDigest         51
-#define OBJ_pkcs9_messageDigest         OBJ_pkcs9,4L
-
-#define LN_pkcs9_signingTime            "signingTime"
-#define NID_pkcs9_signingTime           52
-#define OBJ_pkcs9_signingTime           OBJ_pkcs9,5L
-
-#define LN_pkcs9_countersignature               "countersignature"
-#define NID_pkcs9_countersignature              53
-#define OBJ_pkcs9_countersignature              OBJ_pkcs9,6L
-
-#define LN_pkcs9_challengePassword              "challengePassword"
-#define NID_pkcs9_challengePassword             54
-#define OBJ_pkcs9_challengePassword             OBJ_pkcs9,7L
-
-#define LN_pkcs9_unstructuredAddress            "unstructuredAddress"
-#define NID_pkcs9_unstructuredAddress           55
-#define OBJ_pkcs9_unstructuredAddress           OBJ_pkcs9,8L
-
-#define LN_pkcs9_extCertAttributes              "extendedCertificateAttributes"
-#define NID_pkcs9_extCertAttributes             56
-#define OBJ_pkcs9_extCertAttributes             OBJ_pkcs9,9L
-
-#define SN_ext_req              "extReq"
-#define LN_ext_req              "Extension Request"
-#define NID_ext_req             172
-#define OBJ_ext_req             OBJ_pkcs9,14L
-
-#define SN_SMIMECapabilities            "SMIME-CAPS"
-#define LN_SMIMECapabilities            "S/MIME Capabilities"
-#define NID_SMIMECapabilities           167
-#define OBJ_SMIMECapabilities           OBJ_pkcs9,15L
-
-#define SN_SMIME                "SMIME"
-#define LN_SMIME                "S/MIME"
-#define NID_SMIME               188
-#define OBJ_SMIME               OBJ_pkcs9,16L
-
-#define SN_id_smime_mod         "id-smime-mod"
-#define NID_id_smime_mod                189
-#define OBJ_id_smime_mod                OBJ_SMIME,0L
-
-#define SN_id_smime_ct          "id-smime-ct"
-#define NID_id_smime_ct         190
-#define OBJ_id_smime_ct         OBJ_SMIME,1L
-
-#define SN_id_smime_aa          "id-smime-aa"
-#define NID_id_smime_aa         191
-#define OBJ_id_smime_aa         OBJ_SMIME,2L
-
-#define SN_id_smime_alg         "id-smime-alg"
-#define NID_id_smime_alg                192
-#define OBJ_id_smime_alg                OBJ_SMIME,3L
-
-#define SN_id_smime_cd          "id-smime-cd"
-#define NID_id_smime_cd         193
-#define OBJ_id_smime_cd         OBJ_SMIME,4L
-
-#define SN_id_smime_spq         "id-smime-spq"
-#define NID_id_smime_spq                194
-#define OBJ_id_smime_spq                OBJ_SMIME,5L
-
-#define SN_id_smime_cti         "id-smime-cti"
-#define NID_id_smime_cti                195
-#define OBJ_id_smime_cti                OBJ_SMIME,6L
-
-#define SN_id_smime_mod_cms             "id-smime-mod-cms"
-#define NID_id_smime_mod_cms            196
-#define OBJ_id_smime_mod_cms            OBJ_id_smime_mod,1L
-
-#define SN_id_smime_mod_ess             "id-smime-mod-ess"
-#define NID_id_smime_mod_ess            197
-#define OBJ_id_smime_mod_ess            OBJ_id_smime_mod,2L
-
-#define SN_id_smime_mod_oid             "id-smime-mod-oid"
-#define NID_id_smime_mod_oid            198
-#define OBJ_id_smime_mod_oid            OBJ_id_smime_mod,3L
-
-#define SN_id_smime_mod_msg_v3          "id-smime-mod-msg-v3"
-#define NID_id_smime_mod_msg_v3         199
-#define OBJ_id_smime_mod_msg_v3         OBJ_id_smime_mod,4L
-
-#define SN_id_smime_mod_ets_eSignature_88               "id-smime-mod-ets-eSignature-88"
-#define NID_id_smime_mod_ets_eSignature_88              200
-#define OBJ_id_smime_mod_ets_eSignature_88              OBJ_id_smime_mod,5L
-
-#define SN_id_smime_mod_ets_eSignature_97               "id-smime-mod-ets-eSignature-97"
-#define NID_id_smime_mod_ets_eSignature_97              201
-#define OBJ_id_smime_mod_ets_eSignature_97              OBJ_id_smime_mod,6L
-
-#define SN_id_smime_mod_ets_eSigPolicy_88               "id-smime-mod-ets-eSigPolicy-88"
-#define NID_id_smime_mod_ets_eSigPolicy_88              202
-#define OBJ_id_smime_mod_ets_eSigPolicy_88              OBJ_id_smime_mod,7L
-
-#define SN_id_smime_mod_ets_eSigPolicy_97               "id-smime-mod-ets-eSigPolicy-97"
-#define NID_id_smime_mod_ets_eSigPolicy_97              203
-#define OBJ_id_smime_mod_ets_eSigPolicy_97              OBJ_id_smime_mod,8L
-
-#define SN_id_smime_ct_receipt          "id-smime-ct-receipt"
-#define NID_id_smime_ct_receipt         204
-#define OBJ_id_smime_ct_receipt         OBJ_id_smime_ct,1L
-
-#define SN_id_smime_ct_authData         "id-smime-ct-authData"
-#define NID_id_smime_ct_authData                205
-#define OBJ_id_smime_ct_authData                OBJ_id_smime_ct,2L
-
-#define SN_id_smime_ct_publishCert              "id-smime-ct-publishCert"
-#define NID_id_smime_ct_publishCert             206
-#define OBJ_id_smime_ct_publishCert             OBJ_id_smime_ct,3L
-
-#define SN_id_smime_ct_TSTInfo          "id-smime-ct-TSTInfo"
-#define NID_id_smime_ct_TSTInfo         207
-#define OBJ_id_smime_ct_TSTInfo         OBJ_id_smime_ct,4L
-
-#define SN_id_smime_ct_TDTInfo          "id-smime-ct-TDTInfo"
-#define NID_id_smime_ct_TDTInfo         208
-#define OBJ_id_smime_ct_TDTInfo         OBJ_id_smime_ct,5L
-
-#define SN_id_smime_ct_contentInfo              "id-smime-ct-contentInfo"
-#define NID_id_smime_ct_contentInfo             209
-#define OBJ_id_smime_ct_contentInfo             OBJ_id_smime_ct,6L
-
-#define SN_id_smime_ct_DVCSRequestData          "id-smime-ct-DVCSRequestData"
-#define NID_id_smime_ct_DVCSRequestData         210
-#define OBJ_id_smime_ct_DVCSRequestData         OBJ_id_smime_ct,7L
-
-#define SN_id_smime_ct_DVCSResponseData         "id-smime-ct-DVCSResponseData"
-#define NID_id_smime_ct_DVCSResponseData                211
-#define OBJ_id_smime_ct_DVCSResponseData                OBJ_id_smime_ct,8L
-
-#define SN_id_smime_aa_receiptRequest           "id-smime-aa-receiptRequest"
-#define NID_id_smime_aa_receiptRequest          212
-#define OBJ_id_smime_aa_receiptRequest          OBJ_id_smime_aa,1L
-
-#define SN_id_smime_aa_securityLabel            "id-smime-aa-securityLabel"
-#define NID_id_smime_aa_securityLabel           213
-#define OBJ_id_smime_aa_securityLabel           OBJ_id_smime_aa,2L
-
-#define SN_id_smime_aa_mlExpandHistory          "id-smime-aa-mlExpandHistory"
-#define NID_id_smime_aa_mlExpandHistory         214
-#define OBJ_id_smime_aa_mlExpandHistory         OBJ_id_smime_aa,3L
-
-#define SN_id_smime_aa_contentHint              "id-smime-aa-contentHint"
-#define NID_id_smime_aa_contentHint             215
-#define OBJ_id_smime_aa_contentHint             OBJ_id_smime_aa,4L
-
-#define SN_id_smime_aa_msgSigDigest             "id-smime-aa-msgSigDigest"
-#define NID_id_smime_aa_msgSigDigest            216
-#define OBJ_id_smime_aa_msgSigDigest            OBJ_id_smime_aa,5L
-
-#define SN_id_smime_aa_encapContentType         "id-smime-aa-encapContentType"
-#define NID_id_smime_aa_encapContentType                217
-#define OBJ_id_smime_aa_encapContentType                OBJ_id_smime_aa,6L
-
-#define SN_id_smime_aa_contentIdentifier                "id-smime-aa-contentIdentifier"
-#define NID_id_smime_aa_contentIdentifier               218
-#define OBJ_id_smime_aa_contentIdentifier               OBJ_id_smime_aa,7L
-
-#define SN_id_smime_aa_macValue         "id-smime-aa-macValue"
-#define NID_id_smime_aa_macValue                219
-#define OBJ_id_smime_aa_macValue                OBJ_id_smime_aa,8L
-
-#define SN_id_smime_aa_equivalentLabels         "id-smime-aa-equivalentLabels"
-#define NID_id_smime_aa_equivalentLabels                220
-#define OBJ_id_smime_aa_equivalentLabels                OBJ_id_smime_aa,9L
-
-#define SN_id_smime_aa_contentReference         "id-smime-aa-contentReference"
-#define NID_id_smime_aa_contentReference                221
-#define OBJ_id_smime_aa_contentReference                OBJ_id_smime_aa,10L
-
-#define SN_id_smime_aa_encrypKeyPref            "id-smime-aa-encrypKeyPref"
-#define NID_id_smime_aa_encrypKeyPref           222
-#define OBJ_id_smime_aa_encrypKeyPref           OBJ_id_smime_aa,11L
-
-#define SN_id_smime_aa_signingCertificate               "id-smime-aa-signingCertificate"
-#define NID_id_smime_aa_signingCertificate              223
-#define OBJ_id_smime_aa_signingCertificate              OBJ_id_smime_aa,12L
-
-#define SN_id_smime_aa_smimeEncryptCerts                "id-smime-aa-smimeEncryptCerts"
-#define NID_id_smime_aa_smimeEncryptCerts               224
-#define OBJ_id_smime_aa_smimeEncryptCerts               OBJ_id_smime_aa,13L
-
-#define SN_id_smime_aa_timeStampToken           "id-smime-aa-timeStampToken"
-#define NID_id_smime_aa_timeStampToken          225
-#define OBJ_id_smime_aa_timeStampToken          OBJ_id_smime_aa,14L
-
-#define SN_id_smime_aa_ets_sigPolicyId          "id-smime-aa-ets-sigPolicyId"
-#define NID_id_smime_aa_ets_sigPolicyId         226
-#define OBJ_id_smime_aa_ets_sigPolicyId         OBJ_id_smime_aa,15L
-
-#define SN_id_smime_aa_ets_commitmentType               "id-smime-aa-ets-commitmentType"
-#define NID_id_smime_aa_ets_commitmentType              227
-#define OBJ_id_smime_aa_ets_commitmentType              OBJ_id_smime_aa,16L
-
-#define SN_id_smime_aa_ets_signerLocation               "id-smime-aa-ets-signerLocation"
-#define NID_id_smime_aa_ets_signerLocation              228
-#define OBJ_id_smime_aa_ets_signerLocation              OBJ_id_smime_aa,17L
-
-#define SN_id_smime_aa_ets_signerAttr           "id-smime-aa-ets-signerAttr"
-#define NID_id_smime_aa_ets_signerAttr          229
-#define OBJ_id_smime_aa_ets_signerAttr          OBJ_id_smime_aa,18L
-
-#define SN_id_smime_aa_ets_otherSigCert         "id-smime-aa-ets-otherSigCert"
-#define NID_id_smime_aa_ets_otherSigCert                230
-#define OBJ_id_smime_aa_ets_otherSigCert                OBJ_id_smime_aa,19L
-
-#define SN_id_smime_aa_ets_contentTimestamp             "id-smime-aa-ets-contentTimestamp"
-#define NID_id_smime_aa_ets_contentTimestamp            231
-#define OBJ_id_smime_aa_ets_contentTimestamp            OBJ_id_smime_aa,20L
-
-#define SN_id_smime_aa_ets_CertificateRefs              "id-smime-aa-ets-CertificateRefs"
-#define NID_id_smime_aa_ets_CertificateRefs             232
-#define OBJ_id_smime_aa_ets_CertificateRefs             OBJ_id_smime_aa,21L
-
-#define SN_id_smime_aa_ets_RevocationRefs               "id-smime-aa-ets-RevocationRefs"
-#define NID_id_smime_aa_ets_RevocationRefs              233
-#define OBJ_id_smime_aa_ets_RevocationRefs              OBJ_id_smime_aa,22L
-
-#define SN_id_smime_aa_ets_certValues           "id-smime-aa-ets-certValues"
-#define NID_id_smime_aa_ets_certValues          234
-#define OBJ_id_smime_aa_ets_certValues          OBJ_id_smime_aa,23L
-
-#define SN_id_smime_aa_ets_revocationValues             "id-smime-aa-ets-revocationValues"
-#define NID_id_smime_aa_ets_revocationValues            235
-#define OBJ_id_smime_aa_ets_revocationValues            OBJ_id_smime_aa,24L
-
-#define SN_id_smime_aa_ets_escTimeStamp         "id-smime-aa-ets-escTimeStamp"
-#define NID_id_smime_aa_ets_escTimeStamp                236
-#define OBJ_id_smime_aa_ets_escTimeStamp                OBJ_id_smime_aa,25L
-
-#define SN_id_smime_aa_ets_certCRLTimestamp             "id-smime-aa-ets-certCRLTimestamp"
-#define NID_id_smime_aa_ets_certCRLTimestamp            237
-#define OBJ_id_smime_aa_ets_certCRLTimestamp            OBJ_id_smime_aa,26L
-
-#define SN_id_smime_aa_ets_archiveTimeStamp             "id-smime-aa-ets-archiveTimeStamp"
-#define NID_id_smime_aa_ets_archiveTimeStamp            238
-#define OBJ_id_smime_aa_ets_archiveTimeStamp            OBJ_id_smime_aa,27L
-
-#define SN_id_smime_aa_signatureType            "id-smime-aa-signatureType"
-#define NID_id_smime_aa_signatureType           239
-#define OBJ_id_smime_aa_signatureType           OBJ_id_smime_aa,28L
-
-#define SN_id_smime_aa_dvcs_dvc         "id-smime-aa-dvcs-dvc"
-#define NID_id_smime_aa_dvcs_dvc                240
-#define OBJ_id_smime_aa_dvcs_dvc                OBJ_id_smime_aa,29L
-
-#define SN_id_smime_alg_ESDHwith3DES            "id-smime-alg-ESDHwith3DES"
-#define NID_id_smime_alg_ESDHwith3DES           241
-#define OBJ_id_smime_alg_ESDHwith3DES           OBJ_id_smime_alg,1L
-
-#define SN_id_smime_alg_ESDHwithRC2             "id-smime-alg-ESDHwithRC2"
-#define NID_id_smime_alg_ESDHwithRC2            242
-#define OBJ_id_smime_alg_ESDHwithRC2            OBJ_id_smime_alg,2L
-
-#define SN_id_smime_alg_3DESwrap                "id-smime-alg-3DESwrap"
-#define NID_id_smime_alg_3DESwrap               243
-#define OBJ_id_smime_alg_3DESwrap               OBJ_id_smime_alg,3L
-
-#define SN_id_smime_alg_RC2wrap         "id-smime-alg-RC2wrap"
-#define NID_id_smime_alg_RC2wrap                244
-#define OBJ_id_smime_alg_RC2wrap                OBJ_id_smime_alg,4L
-
-#define SN_id_smime_alg_ESDH            "id-smime-alg-ESDH"
-#define NID_id_smime_alg_ESDH           245
-#define OBJ_id_smime_alg_ESDH           OBJ_id_smime_alg,5L
-
-#define SN_id_smime_alg_CMS3DESwrap             "id-smime-alg-CMS3DESwrap"
-#define NID_id_smime_alg_CMS3DESwrap            246
-#define OBJ_id_smime_alg_CMS3DESwrap            OBJ_id_smime_alg,6L
-
-#define SN_id_smime_alg_CMSRC2wrap              "id-smime-alg-CMSRC2wrap"
-#define NID_id_smime_alg_CMSRC2wrap             247
-#define OBJ_id_smime_alg_CMSRC2wrap             OBJ_id_smime_alg,7L
-
-#define SN_id_smime_cd_ldap             "id-smime-cd-ldap"
-#define NID_id_smime_cd_ldap            248
-#define OBJ_id_smime_cd_ldap            OBJ_id_smime_cd,1L
-
-#define SN_id_smime_spq_ets_sqt_uri             "id-smime-spq-ets-sqt-uri"
-#define NID_id_smime_spq_ets_sqt_uri            249
-#define OBJ_id_smime_spq_ets_sqt_uri            OBJ_id_smime_spq,1L
-
-#define SN_id_smime_spq_ets_sqt_unotice         "id-smime-spq-ets-sqt-unotice"
-#define NID_id_smime_spq_ets_sqt_unotice                250
-#define OBJ_id_smime_spq_ets_sqt_unotice                OBJ_id_smime_spq,2L
-
-#define SN_id_smime_cti_ets_proofOfOrigin               "id-smime-cti-ets-proofOfOrigin"
-#define NID_id_smime_cti_ets_proofOfOrigin              251
-#define OBJ_id_smime_cti_ets_proofOfOrigin              OBJ_id_smime_cti,1L
-
-#define SN_id_smime_cti_ets_proofOfReceipt              "id-smime-cti-ets-proofOfReceipt"
-#define NID_id_smime_cti_ets_proofOfReceipt             252
-#define OBJ_id_smime_cti_ets_proofOfReceipt             OBJ_id_smime_cti,2L
-
-#define SN_id_smime_cti_ets_proofOfDelivery             "id-smime-cti-ets-proofOfDelivery"
-#define NID_id_smime_cti_ets_proofOfDelivery            253
-#define OBJ_id_smime_cti_ets_proofOfDelivery            OBJ_id_smime_cti,3L
-
-#define SN_id_smime_cti_ets_proofOfSender               "id-smime-cti-ets-proofOfSender"
-#define NID_id_smime_cti_ets_proofOfSender              254
-#define OBJ_id_smime_cti_ets_proofOfSender              OBJ_id_smime_cti,4L
-
-#define SN_id_smime_cti_ets_proofOfApproval             "id-smime-cti-ets-proofOfApproval"
-#define NID_id_smime_cti_ets_proofOfApproval            255
-#define OBJ_id_smime_cti_ets_proofOfApproval            OBJ_id_smime_cti,5L
-
-#define SN_id_smime_cti_ets_proofOfCreation             "id-smime-cti-ets-proofOfCreation"
-#define NID_id_smime_cti_ets_proofOfCreation            256
-#define OBJ_id_smime_cti_ets_proofOfCreation            OBJ_id_smime_cti,6L
-
-#define LN_friendlyName         "friendlyName"
-#define NID_friendlyName                156
-#define OBJ_friendlyName                OBJ_pkcs9,20L
-
-#define LN_localKeyID           "localKeyID"
-#define NID_localKeyID          157
-#define OBJ_localKeyID          OBJ_pkcs9,21L
-
-#define SN_ms_csp_name          "CSPName"
-#define LN_ms_csp_name          "Microsoft CSP Name"
-#define NID_ms_csp_name         417
-#define OBJ_ms_csp_name         1L,3L,6L,1L,4L,1L,311L,17L,1L
-
-#define OBJ_certTypes           OBJ_pkcs9,22L
-
-#define LN_x509Certificate              "x509Certificate"
-#define NID_x509Certificate             158
-#define OBJ_x509Certificate             OBJ_certTypes,1L
-
-#define LN_sdsiCertificate              "sdsiCertificate"
-#define NID_sdsiCertificate             159
-#define OBJ_sdsiCertificate             OBJ_certTypes,2L
-
-#define OBJ_crlTypes            OBJ_pkcs9,23L
-
-#define LN_x509Crl              "x509Crl"
-#define NID_x509Crl             160
-#define OBJ_x509Crl             OBJ_crlTypes,1L
-
-#define OBJ_pkcs12              OBJ_pkcs,12L
-
-#define OBJ_pkcs12_pbeids               OBJ_pkcs12,1L
-
-#define SN_pbe_WithSHA1And128BitRC4             "PBE-SHA1-RC4-128"
-#define LN_pbe_WithSHA1And128BitRC4             "pbeWithSHA1And128BitRC4"
-#define NID_pbe_WithSHA1And128BitRC4            144
-#define OBJ_pbe_WithSHA1And128BitRC4            OBJ_pkcs12_pbeids,1L
-
-#define SN_pbe_WithSHA1And40BitRC4              "PBE-SHA1-RC4-40"
-#define LN_pbe_WithSHA1And40BitRC4              "pbeWithSHA1And40BitRC4"
-#define NID_pbe_WithSHA1And40BitRC4             145
-#define OBJ_pbe_WithSHA1And40BitRC4             OBJ_pkcs12_pbeids,2L
-
-#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC           "PBE-SHA1-3DES"
-#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC           "pbeWithSHA1And3-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC          146
-#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC          OBJ_pkcs12_pbeids,3L
-
-#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC           "PBE-SHA1-2DES"
-#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC           "pbeWithSHA1And2-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC          147
-#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC          OBJ_pkcs12_pbeids,4L
-
-#define SN_pbe_WithSHA1And128BitRC2_CBC         "PBE-SHA1-RC2-128"
-#define LN_pbe_WithSHA1And128BitRC2_CBC         "pbeWithSHA1And128BitRC2-CBC"
-#define NID_pbe_WithSHA1And128BitRC2_CBC                148
-#define OBJ_pbe_WithSHA1And128BitRC2_CBC                OBJ_pkcs12_pbeids,5L
-
-#define SN_pbe_WithSHA1And40BitRC2_CBC          "PBE-SHA1-RC2-40"
-#define LN_pbe_WithSHA1And40BitRC2_CBC          "pbeWithSHA1And40BitRC2-CBC"
-#define NID_pbe_WithSHA1And40BitRC2_CBC         149
-#define OBJ_pbe_WithSHA1And40BitRC2_CBC         OBJ_pkcs12_pbeids,6L
-
-#define OBJ_pkcs12_Version1             OBJ_pkcs12,10L
-
-#define OBJ_pkcs12_BagIds               OBJ_pkcs12_Version1,1L
-
-#define LN_keyBag               "keyBag"
-#define NID_keyBag              150
-#define OBJ_keyBag              OBJ_pkcs12_BagIds,1L
-
-#define LN_pkcs8ShroudedKeyBag          "pkcs8ShroudedKeyBag"
-#define NID_pkcs8ShroudedKeyBag         151
-#define OBJ_pkcs8ShroudedKeyBag         OBJ_pkcs12_BagIds,2L
-
-#define LN_certBag              "certBag"
-#define NID_certBag             152
-#define OBJ_certBag             OBJ_pkcs12_BagIds,3L
-
-#define LN_crlBag               "crlBag"
-#define NID_crlBag              153
-#define OBJ_crlBag              OBJ_pkcs12_BagIds,4L
-
-#define LN_secretBag            "secretBag"
-#define NID_secretBag           154
-#define OBJ_secretBag           OBJ_pkcs12_BagIds,5L
-
-#define LN_safeContentsBag              "safeContentsBag"
-#define NID_safeContentsBag             155
-#define OBJ_safeContentsBag             OBJ_pkcs12_BagIds,6L
-
-#define SN_md2          "MD2"
-#define LN_md2          "md2"
-#define NID_md2         3
-#define OBJ_md2         OBJ_rsadsi,2L,2L
-
-#define SN_md4          "MD4"
-#define LN_md4          "md4"
-#define NID_md4         257
-#define OBJ_md4         OBJ_rsadsi,2L,4L
-
-#define SN_md5          "MD5"
-#define LN_md5          "md5"
-#define NID_md5         4
-#define OBJ_md5         OBJ_rsadsi,2L,5L
-
-#define SN_md5_sha1             "MD5-SHA1"
-#define LN_md5_sha1             "md5-sha1"
-#define NID_md5_sha1            114
-
-#define LN_hmacWithSHA1         "hmacWithSHA1"
-#define NID_hmacWithSHA1                163
-#define OBJ_hmacWithSHA1                OBJ_rsadsi,2L,7L
-
-#define SN_rc2_cbc              "RC2-CBC"
-#define LN_rc2_cbc              "rc2-cbc"
-#define NID_rc2_cbc             37
-#define OBJ_rc2_cbc             OBJ_rsadsi,3L,2L
-
-#define SN_rc2_ecb              "RC2-ECB"
-#define LN_rc2_ecb              "rc2-ecb"
-#define NID_rc2_ecb             38
-
-#define SN_rc2_cfb64            "RC2-CFB"
-#define LN_rc2_cfb64            "rc2-cfb"
-#define NID_rc2_cfb64           39
-
-#define SN_rc2_ofb64            "RC2-OFB"
-#define LN_rc2_ofb64            "rc2-ofb"
-#define NID_rc2_ofb64           40
-
-#define SN_rc2_40_cbc           "RC2-40-CBC"
-#define LN_rc2_40_cbc           "rc2-40-cbc"
-#define NID_rc2_40_cbc          98
-
-#define SN_rc2_64_cbc           "RC2-64-CBC"
-#define LN_rc2_64_cbc           "rc2-64-cbc"
-#define NID_rc2_64_cbc          166
-
-#define SN_rc4          "RC4"
-#define LN_rc4          "rc4"
-#define NID_rc4         5
-#define OBJ_rc4         OBJ_rsadsi,3L,4L
-
-#define SN_rc4_40               "RC4-40"
-#define LN_rc4_40               "rc4-40"
-#define NID_rc4_40              97
-
-#define SN_des_ede3_cbc         "DES-EDE3-CBC"
-#define LN_des_ede3_cbc         "des-ede3-cbc"
-#define NID_des_ede3_cbc                44
-#define OBJ_des_ede3_cbc                OBJ_rsadsi,3L,7L
-
-#define SN_rc5_cbc              "RC5-CBC"
-#define LN_rc5_cbc              "rc5-cbc"
-#define NID_rc5_cbc             120
-#define OBJ_rc5_cbc             OBJ_rsadsi,3L,8L
-
-#define SN_rc5_ecb              "RC5-ECB"
-#define LN_rc5_ecb              "rc5-ecb"
-#define NID_rc5_ecb             121
-
-#define SN_rc5_cfb64            "RC5-CFB"
-#define LN_rc5_cfb64            "rc5-cfb"
-#define NID_rc5_cfb64           122
-
-#define SN_rc5_ofb64            "RC5-OFB"
-#define LN_rc5_ofb64            "rc5-ofb"
-#define NID_rc5_ofb64           123
-
-#define SN_ms_ext_req           "msExtReq"
-#define LN_ms_ext_req           "Microsoft Extension Request"
-#define NID_ms_ext_req          171
-#define OBJ_ms_ext_req          1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
-
-#define SN_ms_code_ind          "msCodeInd"
-#define LN_ms_code_ind          "Microsoft Individual Code Signing"
-#define NID_ms_code_ind         134
-#define OBJ_ms_code_ind         1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
-
-#define SN_ms_code_com          "msCodeCom"
-#define LN_ms_code_com          "Microsoft Commercial Code Signing"
-#define NID_ms_code_com         135
-#define OBJ_ms_code_com         1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
-
-#define SN_ms_ctl_sign          "msCTLSign"
-#define LN_ms_ctl_sign          "Microsoft Trust List Signing"
-#define NID_ms_ctl_sign         136
-#define OBJ_ms_ctl_sign         1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
-
-#define SN_ms_sgc               "msSGC"
-#define LN_ms_sgc               "Microsoft Server Gated Crypto"
-#define NID_ms_sgc              137
-#define OBJ_ms_sgc              1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
-
-#define SN_ms_efs               "msEFS"
-#define LN_ms_efs               "Microsoft Encrypted File System"
-#define NID_ms_efs              138
-#define OBJ_ms_efs              1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
-
-#define SN_ms_smartcard_login           "msSmartcardLogin"
-#define LN_ms_smartcard_login           "Microsoft Smartcardlogin"
-#define NID_ms_smartcard_login          648
-#define OBJ_ms_smartcard_login          1L,3L,6L,1L,4L,1L,311L,20L,2L,2L
-
-#define SN_ms_upn               "msUPN"
-#define LN_ms_upn               "Microsoft Universal Principal Name"
-#define NID_ms_upn              649
-#define OBJ_ms_upn              1L,3L,6L,1L,4L,1L,311L,20L,2L,3L
-
-#define SN_idea_cbc             "IDEA-CBC"
-#define LN_idea_cbc             "idea-cbc"
-#define NID_idea_cbc            34
-#define OBJ_idea_cbc            1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
-
-#define SN_idea_ecb             "IDEA-ECB"
-#define LN_idea_ecb             "idea-ecb"
-#define NID_idea_ecb            36
-
-#define SN_idea_cfb64           "IDEA-CFB"
-#define LN_idea_cfb64           "idea-cfb"
-#define NID_idea_cfb64          35
-
-#define SN_idea_ofb64           "IDEA-OFB"
-#define LN_idea_ofb64           "idea-ofb"
-#define NID_idea_ofb64          46
-
-#define SN_bf_cbc               "BF-CBC"
-#define LN_bf_cbc               "bf-cbc"
-#define NID_bf_cbc              91
-#define OBJ_bf_cbc              1L,3L,6L,1L,4L,1L,3029L,1L,2L
-
-#define SN_bf_ecb               "BF-ECB"
-#define LN_bf_ecb               "bf-ecb"
-#define NID_bf_ecb              92
-
-#define SN_bf_cfb64             "BF-CFB"
-#define LN_bf_cfb64             "bf-cfb"
-#define NID_bf_cfb64            93
-
-#define SN_bf_ofb64             "BF-OFB"
-#define LN_bf_ofb64             "bf-ofb"
-#define NID_bf_ofb64            94
-
-#define SN_id_pkix              "PKIX"
-#define NID_id_pkix             127
-#define OBJ_id_pkix             1L,3L,6L,1L,5L,5L,7L
-
-#define SN_id_pkix_mod          "id-pkix-mod"
-#define NID_id_pkix_mod         258
-#define OBJ_id_pkix_mod         OBJ_id_pkix,0L
-
-#define SN_id_pe                "id-pe"
-#define NID_id_pe               175
-#define OBJ_id_pe               OBJ_id_pkix,1L
-
-#define SN_id_qt                "id-qt"
-#define NID_id_qt               259
-#define OBJ_id_qt               OBJ_id_pkix,2L
-
-#define SN_id_kp                "id-kp"
-#define NID_id_kp               128
-#define OBJ_id_kp               OBJ_id_pkix,3L
-
-#define SN_id_it                "id-it"
-#define NID_id_it               260
-#define OBJ_id_it               OBJ_id_pkix,4L
-
-#define SN_id_pkip              "id-pkip"
-#define NID_id_pkip             261
-#define OBJ_id_pkip             OBJ_id_pkix,5L
-
-#define SN_id_alg               "id-alg"
-#define NID_id_alg              262
-#define OBJ_id_alg              OBJ_id_pkix,6L
-
-#define SN_id_cmc               "id-cmc"
-#define NID_id_cmc              263
-#define OBJ_id_cmc              OBJ_id_pkix,7L
-
-#define SN_id_on                "id-on"
-#define NID_id_on               264
-#define OBJ_id_on               OBJ_id_pkix,8L
-
-#define SN_id_pda               "id-pda"
-#define NID_id_pda              265
-#define OBJ_id_pda              OBJ_id_pkix,9L
-
-#define SN_id_aca               "id-aca"
-#define NID_id_aca              266
-#define OBJ_id_aca              OBJ_id_pkix,10L
-
-#define SN_id_qcs               "id-qcs"
-#define NID_id_qcs              267
-#define OBJ_id_qcs              OBJ_id_pkix,11L
-
-#define SN_id_cct               "id-cct"
-#define NID_id_cct              268
-#define OBJ_id_cct              OBJ_id_pkix,12L
-
-#define SN_id_ppl               "id-ppl"
-#define NID_id_ppl              662
-#define OBJ_id_ppl              OBJ_id_pkix,21L
-
-#define SN_id_ad                "id-ad"
-#define NID_id_ad               176
-#define OBJ_id_ad               OBJ_id_pkix,48L
-
-#define SN_id_pkix1_explicit_88         "id-pkix1-explicit-88"
-#define NID_id_pkix1_explicit_88                269
-#define OBJ_id_pkix1_explicit_88                OBJ_id_pkix_mod,1L
-
-#define SN_id_pkix1_implicit_88         "id-pkix1-implicit-88"
-#define NID_id_pkix1_implicit_88                270
-#define OBJ_id_pkix1_implicit_88                OBJ_id_pkix_mod,2L
-
-#define SN_id_pkix1_explicit_93         "id-pkix1-explicit-93"
-#define NID_id_pkix1_explicit_93                271
-#define OBJ_id_pkix1_explicit_93                OBJ_id_pkix_mod,3L
-
-#define SN_id_pkix1_implicit_93         "id-pkix1-implicit-93"
-#define NID_id_pkix1_implicit_93                272
-#define OBJ_id_pkix1_implicit_93                OBJ_id_pkix_mod,4L
-
-#define SN_id_mod_crmf          "id-mod-crmf"
-#define NID_id_mod_crmf         273
-#define OBJ_id_mod_crmf         OBJ_id_pkix_mod,5L
-
-#define SN_id_mod_cmc           "id-mod-cmc"
-#define NID_id_mod_cmc          274
-#define OBJ_id_mod_cmc          OBJ_id_pkix_mod,6L
-
-#define SN_id_mod_kea_profile_88                "id-mod-kea-profile-88"
-#define NID_id_mod_kea_profile_88               275
-#define OBJ_id_mod_kea_profile_88               OBJ_id_pkix_mod,7L
-
-#define SN_id_mod_kea_profile_93                "id-mod-kea-profile-93"
-#define NID_id_mod_kea_profile_93               276
-#define OBJ_id_mod_kea_profile_93               OBJ_id_pkix_mod,8L
-
-#define SN_id_mod_cmp           "id-mod-cmp"
-#define NID_id_mod_cmp          277
-#define OBJ_id_mod_cmp          OBJ_id_pkix_mod,9L
-
-#define SN_id_mod_qualified_cert_88             "id-mod-qualified-cert-88"
-#define NID_id_mod_qualified_cert_88            278
-#define OBJ_id_mod_qualified_cert_88            OBJ_id_pkix_mod,10L
-
-#define SN_id_mod_qualified_cert_93             "id-mod-qualified-cert-93"
-#define NID_id_mod_qualified_cert_93            279
-#define OBJ_id_mod_qualified_cert_93            OBJ_id_pkix_mod,11L
-
-#define SN_id_mod_attribute_cert                "id-mod-attribute-cert"
-#define NID_id_mod_attribute_cert               280
-#define OBJ_id_mod_attribute_cert               OBJ_id_pkix_mod,12L
-
-#define SN_id_mod_timestamp_protocol            "id-mod-timestamp-protocol"
-#define NID_id_mod_timestamp_protocol           281
-#define OBJ_id_mod_timestamp_protocol           OBJ_id_pkix_mod,13L
-
-#define SN_id_mod_ocsp          "id-mod-ocsp"
-#define NID_id_mod_ocsp         282
-#define OBJ_id_mod_ocsp         OBJ_id_pkix_mod,14L
-
-#define SN_id_mod_dvcs          "id-mod-dvcs"
-#define NID_id_mod_dvcs         283
-#define OBJ_id_mod_dvcs         OBJ_id_pkix_mod,15L
-
-#define SN_id_mod_cmp2000               "id-mod-cmp2000"
-#define NID_id_mod_cmp2000              284
-#define OBJ_id_mod_cmp2000              OBJ_id_pkix_mod,16L
-
-#define SN_info_access          "authorityInfoAccess"
-#define LN_info_access          "Authority Information Access"
-#define NID_info_access         177
-#define OBJ_info_access         OBJ_id_pe,1L
-
-#define SN_biometricInfo                "biometricInfo"
-#define LN_biometricInfo                "Biometric Info"
-#define NID_biometricInfo               285
-#define OBJ_biometricInfo               OBJ_id_pe,2L
-
-#define SN_qcStatements         "qcStatements"
-#define NID_qcStatements                286
-#define OBJ_qcStatements                OBJ_id_pe,3L
-
-#define SN_ac_auditEntity               "ac-auditEntity"
-#define NID_ac_auditEntity              287
-#define OBJ_ac_auditEntity              OBJ_id_pe,4L
-
-#define SN_ac_targeting         "ac-targeting"
-#define NID_ac_targeting                288
-#define OBJ_ac_targeting                OBJ_id_pe,5L
-
-#define SN_aaControls           "aaControls"
-#define NID_aaControls          289
-#define OBJ_aaControls          OBJ_id_pe,6L
-
-#define SN_sbgp_ipAddrBlock             "sbgp-ipAddrBlock"
-#define NID_sbgp_ipAddrBlock            290
-#define OBJ_sbgp_ipAddrBlock            OBJ_id_pe,7L
-
-#define SN_sbgp_autonomousSysNum                "sbgp-autonomousSysNum"
-#define NID_sbgp_autonomousSysNum               291
-#define OBJ_sbgp_autonomousSysNum               OBJ_id_pe,8L
-
-#define SN_sbgp_routerIdentifier                "sbgp-routerIdentifier"
-#define NID_sbgp_routerIdentifier               292
-#define OBJ_sbgp_routerIdentifier               OBJ_id_pe,9L
-
-#define SN_ac_proxying          "ac-proxying"
-#define NID_ac_proxying         397
-#define OBJ_ac_proxying         OBJ_id_pe,10L
-
-#define SN_sinfo_access         "subjectInfoAccess"
-#define LN_sinfo_access         "Subject Information Access"
-#define NID_sinfo_access                398
-#define OBJ_sinfo_access                OBJ_id_pe,11L
-
-#define SN_proxyCertInfo                "proxyCertInfo"
-#define LN_proxyCertInfo                "Proxy Certificate Information"
-#define NID_proxyCertInfo               663
-#define OBJ_proxyCertInfo               OBJ_id_pe,14L
-
-#define SN_id_qt_cps            "id-qt-cps"
-#define LN_id_qt_cps            "Policy Qualifier CPS"
-#define NID_id_qt_cps           164
-#define OBJ_id_qt_cps           OBJ_id_qt,1L
-
-#define SN_id_qt_unotice                "id-qt-unotice"
-#define LN_id_qt_unotice                "Policy Qualifier User Notice"
-#define NID_id_qt_unotice               165
-#define OBJ_id_qt_unotice               OBJ_id_qt,2L
-
-#define SN_textNotice           "textNotice"
-#define NID_textNotice          293
-#define OBJ_textNotice          OBJ_id_qt,3L
-
-#define SN_server_auth          "serverAuth"
-#define LN_server_auth          "TLS Web Server Authentication"
-#define NID_server_auth         129
-#define OBJ_server_auth         OBJ_id_kp,1L
-
-#define SN_client_auth          "clientAuth"
-#define LN_client_auth          "TLS Web Client Authentication"
-#define NID_client_auth         130
-#define OBJ_client_auth         OBJ_id_kp,2L
-
-#define SN_code_sign            "codeSigning"
-#define LN_code_sign            "Code Signing"
-#define NID_code_sign           131
-#define OBJ_code_sign           OBJ_id_kp,3L
-
-#define SN_email_protect                "emailProtection"
-#define LN_email_protect                "E-mail Protection"
-#define NID_email_protect               132
-#define OBJ_email_protect               OBJ_id_kp,4L
-
-#define SN_ipsecEndSystem               "ipsecEndSystem"
-#define LN_ipsecEndSystem               "IPSec End System"
-#define NID_ipsecEndSystem              294
-#define OBJ_ipsecEndSystem              OBJ_id_kp,5L
-
-#define SN_ipsecTunnel          "ipsecTunnel"
-#define LN_ipsecTunnel          "IPSec Tunnel"
-#define NID_ipsecTunnel         295
-#define OBJ_ipsecTunnel         OBJ_id_kp,6L
-
-#define SN_ipsecUser            "ipsecUser"
-#define LN_ipsecUser            "IPSec User"
-#define NID_ipsecUser           296
-#define OBJ_ipsecUser           OBJ_id_kp,7L
-
-#define SN_time_stamp           "timeStamping"
-#define LN_time_stamp           "Time Stamping"
-#define NID_time_stamp          133
-#define OBJ_time_stamp          OBJ_id_kp,8L
-
-#define SN_OCSP_sign            "OCSPSigning"
-#define LN_OCSP_sign            "OCSP Signing"
-#define NID_OCSP_sign           180
-#define OBJ_OCSP_sign           OBJ_id_kp,9L
-
-#define SN_dvcs         "DVCS"
-#define LN_dvcs         "dvcs"
-#define NID_dvcs                297
-#define OBJ_dvcs                OBJ_id_kp,10L
-
-#define SN_id_it_caProtEncCert          "id-it-caProtEncCert"
-#define NID_id_it_caProtEncCert         298
-#define OBJ_id_it_caProtEncCert         OBJ_id_it,1L
-
-#define SN_id_it_signKeyPairTypes               "id-it-signKeyPairTypes"
-#define NID_id_it_signKeyPairTypes              299
-#define OBJ_id_it_signKeyPairTypes              OBJ_id_it,2L
-
-#define SN_id_it_encKeyPairTypes                "id-it-encKeyPairTypes"
-#define NID_id_it_encKeyPairTypes               300
-#define OBJ_id_it_encKeyPairTypes               OBJ_id_it,3L
-
-#define SN_id_it_preferredSymmAlg               "id-it-preferredSymmAlg"
-#define NID_id_it_preferredSymmAlg              301
-#define OBJ_id_it_preferredSymmAlg              OBJ_id_it,4L
-
-#define SN_id_it_caKeyUpdateInfo                "id-it-caKeyUpdateInfo"
-#define NID_id_it_caKeyUpdateInfo               302
-#define OBJ_id_it_caKeyUpdateInfo               OBJ_id_it,5L
-
-#define SN_id_it_currentCRL             "id-it-currentCRL"
-#define NID_id_it_currentCRL            303
-#define OBJ_id_it_currentCRL            OBJ_id_it,6L
-
-#define SN_id_it_unsupportedOIDs                "id-it-unsupportedOIDs"
-#define NID_id_it_unsupportedOIDs               304
-#define OBJ_id_it_unsupportedOIDs               OBJ_id_it,7L
-
-#define SN_id_it_subscriptionRequest            "id-it-subscriptionRequest"
-#define NID_id_it_subscriptionRequest           305
-#define OBJ_id_it_subscriptionRequest           OBJ_id_it,8L
-
-#define SN_id_it_subscriptionResponse           "id-it-subscriptionResponse"
-#define NID_id_it_subscriptionResponse          306
-#define OBJ_id_it_subscriptionResponse          OBJ_id_it,9L
-
-#define SN_id_it_keyPairParamReq                "id-it-keyPairParamReq"
-#define NID_id_it_keyPairParamReq               307
-#define OBJ_id_it_keyPairParamReq               OBJ_id_it,10L
-
-#define SN_id_it_keyPairParamRep                "id-it-keyPairParamRep"
-#define NID_id_it_keyPairParamRep               308
-#define OBJ_id_it_keyPairParamRep               OBJ_id_it,11L
-
-#define SN_id_it_revPassphrase          "id-it-revPassphrase"
-#define NID_id_it_revPassphrase         309
-#define OBJ_id_it_revPassphrase         OBJ_id_it,12L
-
-#define SN_id_it_implicitConfirm                "id-it-implicitConfirm"
-#define NID_id_it_implicitConfirm               310
-#define OBJ_id_it_implicitConfirm               OBJ_id_it,13L
-
-#define SN_id_it_confirmWaitTime                "id-it-confirmWaitTime"
-#define NID_id_it_confirmWaitTime               311
-#define OBJ_id_it_confirmWaitTime               OBJ_id_it,14L
-
-#define SN_id_it_origPKIMessage         "id-it-origPKIMessage"
-#define NID_id_it_origPKIMessage                312
-#define OBJ_id_it_origPKIMessage                OBJ_id_it,15L
-
-#define SN_id_regCtrl           "id-regCtrl"
-#define NID_id_regCtrl          313
-#define OBJ_id_regCtrl          OBJ_id_pkip,1L
-
-#define SN_id_regInfo           "id-regInfo"
-#define NID_id_regInfo          314
-#define OBJ_id_regInfo          OBJ_id_pkip,2L
-
-#define SN_id_regCtrl_regToken          "id-regCtrl-regToken"
-#define NID_id_regCtrl_regToken         315
-#define OBJ_id_regCtrl_regToken         OBJ_id_regCtrl,1L
-
-#define SN_id_regCtrl_authenticator             "id-regCtrl-authenticator"
-#define NID_id_regCtrl_authenticator            316
-#define OBJ_id_regCtrl_authenticator            OBJ_id_regCtrl,2L
-
-#define SN_id_regCtrl_pkiPublicationInfo                "id-regCtrl-pkiPublicationInfo"
-#define NID_id_regCtrl_pkiPublicationInfo               317
-#define OBJ_id_regCtrl_pkiPublicationInfo               OBJ_id_regCtrl,3L
-
-#define SN_id_regCtrl_pkiArchiveOptions         "id-regCtrl-pkiArchiveOptions"
-#define NID_id_regCtrl_pkiArchiveOptions                318
-#define OBJ_id_regCtrl_pkiArchiveOptions                OBJ_id_regCtrl,4L
-
-#define SN_id_regCtrl_oldCertID         "id-regCtrl-oldCertID"
-#define NID_id_regCtrl_oldCertID                319
-#define OBJ_id_regCtrl_oldCertID                OBJ_id_regCtrl,5L
-
-#define SN_id_regCtrl_protocolEncrKey           "id-regCtrl-protocolEncrKey"
-#define NID_id_regCtrl_protocolEncrKey          320
-#define OBJ_id_regCtrl_protocolEncrKey          OBJ_id_regCtrl,6L
-
-#define SN_id_regInfo_utf8Pairs         "id-regInfo-utf8Pairs"
-#define NID_id_regInfo_utf8Pairs                321
-#define OBJ_id_regInfo_utf8Pairs                OBJ_id_regInfo,1L
-
-#define SN_id_regInfo_certReq           "id-regInfo-certReq"
-#define NID_id_regInfo_certReq          322
-#define OBJ_id_regInfo_certReq          OBJ_id_regInfo,2L
-
-#define SN_id_alg_des40         "id-alg-des40"
-#define NID_id_alg_des40                323
-#define OBJ_id_alg_des40                OBJ_id_alg,1L
-
-#define SN_id_alg_noSignature           "id-alg-noSignature"
-#define NID_id_alg_noSignature          324
-#define OBJ_id_alg_noSignature          OBJ_id_alg,2L
-
-#define SN_id_alg_dh_sig_hmac_sha1              "id-alg-dh-sig-hmac-sha1"
-#define NID_id_alg_dh_sig_hmac_sha1             325
-#define OBJ_id_alg_dh_sig_hmac_sha1             OBJ_id_alg,3L
-
-#define SN_id_alg_dh_pop                "id-alg-dh-pop"
-#define NID_id_alg_dh_pop               326
-#define OBJ_id_alg_dh_pop               OBJ_id_alg,4L
-
-#define SN_id_cmc_statusInfo            "id-cmc-statusInfo"
-#define NID_id_cmc_statusInfo           327
-#define OBJ_id_cmc_statusInfo           OBJ_id_cmc,1L
-
-#define SN_id_cmc_identification                "id-cmc-identification"
-#define NID_id_cmc_identification               328
-#define OBJ_id_cmc_identification               OBJ_id_cmc,2L
-
-#define SN_id_cmc_identityProof         "id-cmc-identityProof"
-#define NID_id_cmc_identityProof                329
-#define OBJ_id_cmc_identityProof                OBJ_id_cmc,3L
-
-#define SN_id_cmc_dataReturn            "id-cmc-dataReturn"
-#define NID_id_cmc_dataReturn           330
-#define OBJ_id_cmc_dataReturn           OBJ_id_cmc,4L
-
-#define SN_id_cmc_transactionId         "id-cmc-transactionId"
-#define NID_id_cmc_transactionId                331
-#define OBJ_id_cmc_transactionId                OBJ_id_cmc,5L
-
-#define SN_id_cmc_senderNonce           "id-cmc-senderNonce"
-#define NID_id_cmc_senderNonce          332
-#define OBJ_id_cmc_senderNonce          OBJ_id_cmc,6L
-
-#define SN_id_cmc_recipientNonce                "id-cmc-recipientNonce"
-#define NID_id_cmc_recipientNonce               333
-#define OBJ_id_cmc_recipientNonce               OBJ_id_cmc,7L
-
-#define SN_id_cmc_addExtensions         "id-cmc-addExtensions"
-#define NID_id_cmc_addExtensions                334
-#define OBJ_id_cmc_addExtensions                OBJ_id_cmc,8L
-
-#define SN_id_cmc_encryptedPOP          "id-cmc-encryptedPOP"
-#define NID_id_cmc_encryptedPOP         335
-#define OBJ_id_cmc_encryptedPOP         OBJ_id_cmc,9L
-
-#define SN_id_cmc_decryptedPOP          "id-cmc-decryptedPOP"
-#define NID_id_cmc_decryptedPOP         336
-#define OBJ_id_cmc_decryptedPOP         OBJ_id_cmc,10L
-
-#define SN_id_cmc_lraPOPWitness         "id-cmc-lraPOPWitness"
-#define NID_id_cmc_lraPOPWitness                337
-#define OBJ_id_cmc_lraPOPWitness                OBJ_id_cmc,11L
-
-#define SN_id_cmc_getCert               "id-cmc-getCert"
-#define NID_id_cmc_getCert              338
-#define OBJ_id_cmc_getCert              OBJ_id_cmc,15L
-
-#define SN_id_cmc_getCRL                "id-cmc-getCRL"
-#define NID_id_cmc_getCRL               339
-#define OBJ_id_cmc_getCRL               OBJ_id_cmc,16L
-
-#define SN_id_cmc_revokeRequest         "id-cmc-revokeRequest"
-#define NID_id_cmc_revokeRequest                340
-#define OBJ_id_cmc_revokeRequest                OBJ_id_cmc,17L
-
-#define SN_id_cmc_regInfo               "id-cmc-regInfo"
-#define NID_id_cmc_regInfo              341
-#define OBJ_id_cmc_regInfo              OBJ_id_cmc,18L
-
-#define SN_id_cmc_responseInfo          "id-cmc-responseInfo"
-#define NID_id_cmc_responseInfo         342
-#define OBJ_id_cmc_responseInfo         OBJ_id_cmc,19L
-
-#define SN_id_cmc_queryPending          "id-cmc-queryPending"
-#define NID_id_cmc_queryPending         343
-#define OBJ_id_cmc_queryPending         OBJ_id_cmc,21L
-
-#define SN_id_cmc_popLinkRandom         "id-cmc-popLinkRandom"
-#define NID_id_cmc_popLinkRandom                344
-#define OBJ_id_cmc_popLinkRandom                OBJ_id_cmc,22L
-
-#define SN_id_cmc_popLinkWitness                "id-cmc-popLinkWitness"
-#define NID_id_cmc_popLinkWitness               345
-#define OBJ_id_cmc_popLinkWitness               OBJ_id_cmc,23L
-
-#define SN_id_cmc_confirmCertAcceptance         "id-cmc-confirmCertAcceptance"
-#define NID_id_cmc_confirmCertAcceptance                346
-#define OBJ_id_cmc_confirmCertAcceptance                OBJ_id_cmc,24L
-
-#define SN_id_on_personalData           "id-on-personalData"
-#define NID_id_on_personalData          347
-#define OBJ_id_on_personalData          OBJ_id_on,1L
-
-#define SN_id_pda_dateOfBirth           "id-pda-dateOfBirth"
-#define NID_id_pda_dateOfBirth          348
-#define OBJ_id_pda_dateOfBirth          OBJ_id_pda,1L
-
-#define SN_id_pda_placeOfBirth          "id-pda-placeOfBirth"
-#define NID_id_pda_placeOfBirth         349
-#define OBJ_id_pda_placeOfBirth         OBJ_id_pda,2L
-
-#define SN_id_pda_gender                "id-pda-gender"
-#define NID_id_pda_gender               351
-#define OBJ_id_pda_gender               OBJ_id_pda,3L
-
-#define SN_id_pda_countryOfCitizenship          "id-pda-countryOfCitizenship"
-#define NID_id_pda_countryOfCitizenship         352
-#define OBJ_id_pda_countryOfCitizenship         OBJ_id_pda,4L
-
-#define SN_id_pda_countryOfResidence            "id-pda-countryOfResidence"
-#define NID_id_pda_countryOfResidence           353
-#define OBJ_id_pda_countryOfResidence           OBJ_id_pda,5L
-
-#define SN_id_aca_authenticationInfo            "id-aca-authenticationInfo"
-#define NID_id_aca_authenticationInfo           354
-#define OBJ_id_aca_authenticationInfo           OBJ_id_aca,1L
-
-#define SN_id_aca_accessIdentity                "id-aca-accessIdentity"
-#define NID_id_aca_accessIdentity               355
-#define OBJ_id_aca_accessIdentity               OBJ_id_aca,2L
-
-#define SN_id_aca_chargingIdentity              "id-aca-chargingIdentity"
-#define NID_id_aca_chargingIdentity             356
-#define OBJ_id_aca_chargingIdentity             OBJ_id_aca,3L
-
-#define SN_id_aca_group         "id-aca-group"
-#define NID_id_aca_group                357
-#define OBJ_id_aca_group                OBJ_id_aca,4L
-
-#define SN_id_aca_role          "id-aca-role"
-#define NID_id_aca_role         358
-#define OBJ_id_aca_role         OBJ_id_aca,5L
-
-#define SN_id_aca_encAttrs              "id-aca-encAttrs"
-#define NID_id_aca_encAttrs             399
-#define OBJ_id_aca_encAttrs             OBJ_id_aca,6L
-
-#define SN_id_qcs_pkixQCSyntax_v1               "id-qcs-pkixQCSyntax-v1"
-#define NID_id_qcs_pkixQCSyntax_v1              359
-#define OBJ_id_qcs_pkixQCSyntax_v1              OBJ_id_qcs,1L
-
-#define SN_id_cct_crs           "id-cct-crs"
-#define NID_id_cct_crs          360
-#define OBJ_id_cct_crs          OBJ_id_cct,1L
-
-#define SN_id_cct_PKIData               "id-cct-PKIData"
-#define NID_id_cct_PKIData              361
-#define OBJ_id_cct_PKIData              OBJ_id_cct,2L
-
-#define SN_id_cct_PKIResponse           "id-cct-PKIResponse"
-#define NID_id_cct_PKIResponse          362
-#define OBJ_id_cct_PKIResponse          OBJ_id_cct,3L
-
-#define SN_id_ppl_anyLanguage           "id-ppl-anyLanguage"
-#define LN_id_ppl_anyLanguage           "Any language"
-#define NID_id_ppl_anyLanguage          664
-#define OBJ_id_ppl_anyLanguage          OBJ_id_ppl,0L
-
-#define SN_id_ppl_inheritAll            "id-ppl-inheritAll"
-#define LN_id_ppl_inheritAll            "Inherit all"
-#define NID_id_ppl_inheritAll           665
-#define OBJ_id_ppl_inheritAll           OBJ_id_ppl,1L
-
-#define SN_Independent          "id-ppl-independent"
-#define LN_Independent          "Independent"
-#define NID_Independent         667
-#define OBJ_Independent         OBJ_id_ppl,2L
-
-#define SN_ad_OCSP              "OCSP"
-#define LN_ad_OCSP              "OCSP"
-#define NID_ad_OCSP             178
-#define OBJ_ad_OCSP             OBJ_id_ad,1L
-
-#define SN_ad_ca_issuers                "caIssuers"
-#define LN_ad_ca_issuers                "CA Issuers"
-#define NID_ad_ca_issuers               179
-#define OBJ_ad_ca_issuers               OBJ_id_ad,2L
-
-#define SN_ad_timeStamping              "ad_timestamping"
-#define LN_ad_timeStamping              "AD Time Stamping"
-#define NID_ad_timeStamping             363
-#define OBJ_ad_timeStamping             OBJ_id_ad,3L
-
-#define SN_ad_dvcs              "AD_DVCS"
-#define LN_ad_dvcs              "ad dvcs"
-#define NID_ad_dvcs             364
-#define OBJ_ad_dvcs             OBJ_id_ad,4L
-
-#define OBJ_id_pkix_OCSP                OBJ_ad_OCSP
-
-#define SN_id_pkix_OCSP_basic           "basicOCSPResponse"
-#define LN_id_pkix_OCSP_basic           "Basic OCSP Response"
-#define NID_id_pkix_OCSP_basic          365
-#define OBJ_id_pkix_OCSP_basic          OBJ_id_pkix_OCSP,1L
-
-#define SN_id_pkix_OCSP_Nonce           "Nonce"
-#define LN_id_pkix_OCSP_Nonce           "OCSP Nonce"
-#define NID_id_pkix_OCSP_Nonce          366
-#define OBJ_id_pkix_OCSP_Nonce          OBJ_id_pkix_OCSP,2L
-
-#define SN_id_pkix_OCSP_CrlID           "CrlID"
-#define LN_id_pkix_OCSP_CrlID           "OCSP CRL ID"
-#define NID_id_pkix_OCSP_CrlID          367
-#define OBJ_id_pkix_OCSP_CrlID          OBJ_id_pkix_OCSP,3L
-
-#define SN_id_pkix_OCSP_acceptableResponses             "acceptableResponses"
-#define LN_id_pkix_OCSP_acceptableResponses             "Acceptable OCSP Responses"
-#define NID_id_pkix_OCSP_acceptableResponses            368
-#define OBJ_id_pkix_OCSP_acceptableResponses            OBJ_id_pkix_OCSP,4L
-
-#define SN_id_pkix_OCSP_noCheck         "noCheck"
-#define LN_id_pkix_OCSP_noCheck         "OCSP No Check"
-#define NID_id_pkix_OCSP_noCheck                369
-#define OBJ_id_pkix_OCSP_noCheck                OBJ_id_pkix_OCSP,5L
-
-#define SN_id_pkix_OCSP_archiveCutoff           "archiveCutoff"
-#define LN_id_pkix_OCSP_archiveCutoff           "OCSP Archive Cutoff"
-#define NID_id_pkix_OCSP_archiveCutoff          370
-#define OBJ_id_pkix_OCSP_archiveCutoff          OBJ_id_pkix_OCSP,6L
-
-#define SN_id_pkix_OCSP_serviceLocator          "serviceLocator"
-#define LN_id_pkix_OCSP_serviceLocator          "OCSP Service Locator"
-#define NID_id_pkix_OCSP_serviceLocator         371
-#define OBJ_id_pkix_OCSP_serviceLocator         OBJ_id_pkix_OCSP,7L
-
-#define SN_id_pkix_OCSP_extendedStatus          "extendedStatus"
-#define LN_id_pkix_OCSP_extendedStatus          "Extended OCSP Status"
-#define NID_id_pkix_OCSP_extendedStatus         372
-#define OBJ_id_pkix_OCSP_extendedStatus         OBJ_id_pkix_OCSP,8L
-
-#define SN_id_pkix_OCSP_valid           "valid"
-#define NID_id_pkix_OCSP_valid          373
-#define OBJ_id_pkix_OCSP_valid          OBJ_id_pkix_OCSP,9L
-
-#define SN_id_pkix_OCSP_path            "path"
-#define NID_id_pkix_OCSP_path           374
-#define OBJ_id_pkix_OCSP_path           OBJ_id_pkix_OCSP,10L
-
-#define SN_id_pkix_OCSP_trustRoot               "trustRoot"
-#define LN_id_pkix_OCSP_trustRoot               "Trust Root"
-#define NID_id_pkix_OCSP_trustRoot              375
-#define OBJ_id_pkix_OCSP_trustRoot              OBJ_id_pkix_OCSP,11L
-
-#define SN_algorithm            "algorithm"
-#define LN_algorithm            "algorithm"
-#define NID_algorithm           376
-#define OBJ_algorithm           1L,3L,14L,3L,2L
-
-#define SN_md5WithRSA           "RSA-NP-MD5"
-#define LN_md5WithRSA           "md5WithRSA"
-#define NID_md5WithRSA          104
-#define OBJ_md5WithRSA          OBJ_algorithm,3L
-
-#define SN_des_ecb              "DES-ECB"
-#define LN_des_ecb              "des-ecb"
-#define NID_des_ecb             29
-#define OBJ_des_ecb             OBJ_algorithm,6L
-
-#define SN_des_cbc              "DES-CBC"
-#define LN_des_cbc              "des-cbc"
-#define NID_des_cbc             31
-#define OBJ_des_cbc             OBJ_algorithm,7L
-
-#define SN_des_ofb64            "DES-OFB"
-#define LN_des_ofb64            "des-ofb"
-#define NID_des_ofb64           45
-#define OBJ_des_ofb64           OBJ_algorithm,8L
-
-#define SN_des_cfb64            "DES-CFB"
-#define LN_des_cfb64            "des-cfb"
-#define NID_des_cfb64           30
-#define OBJ_des_cfb64           OBJ_algorithm,9L
-
-#define SN_rsaSignature         "rsaSignature"
-#define NID_rsaSignature                377
-#define OBJ_rsaSignature                OBJ_algorithm,11L
-
-#define SN_dsa_2                "DSA-old"
-#define LN_dsa_2                "dsaEncryption-old"
-#define NID_dsa_2               67
-#define OBJ_dsa_2               OBJ_algorithm,12L
-
-#define SN_dsaWithSHA           "DSA-SHA"
-#define LN_dsaWithSHA           "dsaWithSHA"
-#define NID_dsaWithSHA          66
-#define OBJ_dsaWithSHA          OBJ_algorithm,13L
-
-#define SN_shaWithRSAEncryption         "RSA-SHA"
-#define LN_shaWithRSAEncryption         "shaWithRSAEncryption"
-#define NID_shaWithRSAEncryption                42
-#define OBJ_shaWithRSAEncryption                OBJ_algorithm,15L
-
-#define SN_des_ede_ecb          "DES-EDE"
-#define LN_des_ede_ecb          "des-ede"
-#define NID_des_ede_ecb         32
-#define OBJ_des_ede_ecb         OBJ_algorithm,17L
-
-#define SN_des_ede3_ecb         "DES-EDE3"
-#define LN_des_ede3_ecb         "des-ede3"
-#define NID_des_ede3_ecb                33
-
-#define SN_des_ede_cbc          "DES-EDE-CBC"
-#define LN_des_ede_cbc          "des-ede-cbc"
-#define NID_des_ede_cbc         43
-
-#define SN_des_ede_cfb64                "DES-EDE-CFB"
-#define LN_des_ede_cfb64                "des-ede-cfb"
-#define NID_des_ede_cfb64               60
-
-#define SN_des_ede3_cfb64               "DES-EDE3-CFB"
-#define LN_des_ede3_cfb64               "des-ede3-cfb"
-#define NID_des_ede3_cfb64              61
-
-#define SN_des_ede_ofb64                "DES-EDE-OFB"
-#define LN_des_ede_ofb64                "des-ede-ofb"
-#define NID_des_ede_ofb64               62
-
-#define SN_des_ede3_ofb64               "DES-EDE3-OFB"
-#define LN_des_ede3_ofb64               "des-ede3-ofb"
-#define NID_des_ede3_ofb64              63
-
-#define SN_desx_cbc             "DESX-CBC"
-#define LN_desx_cbc             "desx-cbc"
-#define NID_desx_cbc            80
-
-#define SN_sha          "SHA"
-#define LN_sha          "sha"
-#define NID_sha         41
-#define OBJ_sha         OBJ_algorithm,18L
-
-#define SN_sha1         "SHA1"
-#define LN_sha1         "sha1"
-#define NID_sha1                64
-#define OBJ_sha1                OBJ_algorithm,26L
-
-#define SN_dsaWithSHA1_2                "DSA-SHA1-old"
-#define LN_dsaWithSHA1_2                "dsaWithSHA1-old"
-#define NID_dsaWithSHA1_2               70
-#define OBJ_dsaWithSHA1_2               OBJ_algorithm,27L
-
-#define SN_sha1WithRSA          "RSA-SHA1-2"
-#define LN_sha1WithRSA          "sha1WithRSA"
-#define NID_sha1WithRSA         115
-#define OBJ_sha1WithRSA         OBJ_algorithm,29L
-
-#define SN_ripemd160            "RIPEMD160"
-#define LN_ripemd160            "ripemd160"
-#define NID_ripemd160           117
-#define OBJ_ripemd160           1L,3L,36L,3L,2L,1L
-
-#define SN_ripemd160WithRSA             "RSA-RIPEMD160"
-#define LN_ripemd160WithRSA             "ripemd160WithRSA"
-#define NID_ripemd160WithRSA            119
-#define OBJ_ripemd160WithRSA            1L,3L,36L,3L,3L,1L,2L
-
-#define SN_sxnet                "SXNetID"
-#define LN_sxnet                "Strong Extranet ID"
-#define NID_sxnet               143
-#define OBJ_sxnet               1L,3L,101L,1L,4L,1L
-
-#define SN_X500         "X500"
-#define LN_X500         "directory services (X.500)"
-#define NID_X500                11
-#define OBJ_X500                2L,5L
-
-#define SN_X509         "X509"
-#define NID_X509                12
-#define OBJ_X509                OBJ_X500,4L
-
-#define SN_commonName           "CN"
-#define LN_commonName           "commonName"
-#define NID_commonName          13
-#define OBJ_commonName          OBJ_X509,3L
-
-#define SN_surname              "SN"
-#define LN_surname              "surname"
-#define NID_surname             100
-#define OBJ_surname             OBJ_X509,4L
-
-#define LN_serialNumber         "serialNumber"
-#define NID_serialNumber                105
-#define OBJ_serialNumber                OBJ_X509,5L
-
-#define SN_countryName          "C"
-#define LN_countryName          "countryName"
-#define NID_countryName         14
-#define OBJ_countryName         OBJ_X509,6L
-
-#define SN_localityName         "L"
-#define LN_localityName         "localityName"
-#define NID_localityName                15
-#define OBJ_localityName                OBJ_X509,7L
-
-#define SN_stateOrProvinceName          "ST"
-#define LN_stateOrProvinceName          "stateOrProvinceName"
-#define NID_stateOrProvinceName         16
-#define OBJ_stateOrProvinceName         OBJ_X509,8L
-
-#define LN_streetAddress                "streetAddress"
-#define NID_streetAddress               660
-#define OBJ_streetAddress               OBJ_X509,9L
-
-#define SN_organizationName             "O"
-#define LN_organizationName             "organizationName"
-#define NID_organizationName            17
-#define OBJ_organizationName            OBJ_X509,10L
-
-#define SN_organizationalUnitName               "OU"
-#define LN_organizationalUnitName               "organizationalUnitName"
-#define NID_organizationalUnitName              18
-#define OBJ_organizationalUnitName              OBJ_X509,11L
-
-#define LN_title                "title"
-#define NID_title               106
-#define OBJ_title               OBJ_X509,12L
-
-#define LN_description          "description"
-#define NID_description         107
-#define OBJ_description         OBJ_X509,13L
-
-#define LN_postalCode           "postalCode"
-#define NID_postalCode          661
-#define OBJ_postalCode          OBJ_X509,17L
-
-#define SN_name         "name"
-#define LN_name         "name"
-#define NID_name                173
-#define OBJ_name                OBJ_X509,41L
-
-#define SN_givenName            "GN"
-#define LN_givenName            "givenName"
-#define NID_givenName           99
-#define OBJ_givenName           OBJ_X509,42L
-
-#define LN_initials             "initials"
-#define NID_initials            101
-#define OBJ_initials            OBJ_X509,43L
-
-#define LN_generationQualifier          "generationQualifier"
-#define NID_generationQualifier         509
-#define OBJ_generationQualifier         OBJ_X509,44L
-
-#define LN_x500UniqueIdentifier         "x500UniqueIdentifier"
-#define NID_x500UniqueIdentifier                503
-#define OBJ_x500UniqueIdentifier                OBJ_X509,45L
-
-#define SN_dnQualifier          "dnQualifier"
-#define LN_dnQualifier          "dnQualifier"
-#define NID_dnQualifier         174
-#define OBJ_dnQualifier         OBJ_X509,46L
-
-#define LN_pseudonym            "pseudonym"
-#define NID_pseudonym           510
-#define OBJ_pseudonym           OBJ_X509,65L
-
-#define SN_role         "role"
-#define LN_role         "role"
-#define NID_role                400
-#define OBJ_role                OBJ_X509,72L
-
-#define SN_X500algorithms               "X500algorithms"
-#define LN_X500algorithms               "directory services - algorithms"
-#define NID_X500algorithms              378
-#define OBJ_X500algorithms              OBJ_X500,8L
-
-#define SN_rsa          "RSA"
-#define LN_rsa          "rsa"
-#define NID_rsa         19
-#define OBJ_rsa         OBJ_X500algorithms,1L,1L
-
-#define SN_mdc2WithRSA          "RSA-MDC2"
-#define LN_mdc2WithRSA          "mdc2WithRSA"
-#define NID_mdc2WithRSA         96
-#define OBJ_mdc2WithRSA         OBJ_X500algorithms,3L,100L
-
-#define SN_mdc2         "MDC2"
-#define LN_mdc2         "mdc2"
-#define NID_mdc2                95
-#define OBJ_mdc2                OBJ_X500algorithms,3L,101L
-
-#define SN_id_ce                "id-ce"
-#define NID_id_ce               81
-#define OBJ_id_ce               OBJ_X500,29L
-
-#define SN_subject_key_identifier               "subjectKeyIdentifier"
-#define LN_subject_key_identifier               "X509v3 Subject Key Identifier"
-#define NID_subject_key_identifier              82
-#define OBJ_subject_key_identifier              OBJ_id_ce,14L
-
-#define SN_key_usage            "keyUsage"
-#define LN_key_usage            "X509v3 Key Usage"
-#define NID_key_usage           83
-#define OBJ_key_usage           OBJ_id_ce,15L
-
-#define SN_private_key_usage_period             "privateKeyUsagePeriod"
-#define LN_private_key_usage_period             "X509v3 Private Key Usage Period"
-#define NID_private_key_usage_period            84
-#define OBJ_private_key_usage_period            OBJ_id_ce,16L
-
-#define SN_subject_alt_name             "subjectAltName"
-#define LN_subject_alt_name             "X509v3 Subject Alternative Name"
-#define NID_subject_alt_name            85
-#define OBJ_subject_alt_name            OBJ_id_ce,17L
-
-#define SN_issuer_alt_name              "issuerAltName"
-#define LN_issuer_alt_name              "X509v3 Issuer Alternative Name"
-#define NID_issuer_alt_name             86
-#define OBJ_issuer_alt_name             OBJ_id_ce,18L
-
-#define SN_basic_constraints            "basicConstraints"
-#define LN_basic_constraints            "X509v3 Basic Constraints"
-#define NID_basic_constraints           87
-#define OBJ_basic_constraints           OBJ_id_ce,19L
-
-#define SN_crl_number           "crlNumber"
-#define LN_crl_number           "X509v3 CRL Number"
-#define NID_crl_number          88
-#define OBJ_crl_number          OBJ_id_ce,20L
-
-#define SN_crl_reason           "CRLReason"
-#define LN_crl_reason           "X509v3 CRL Reason Code"
-#define NID_crl_reason          141
-#define OBJ_crl_reason          OBJ_id_ce,21L
-
-#define SN_invalidity_date              "invalidityDate"
-#define LN_invalidity_date              "Invalidity Date"
-#define NID_invalidity_date             142
-#define OBJ_invalidity_date             OBJ_id_ce,24L
-
-#define SN_delta_crl            "deltaCRL"
-#define LN_delta_crl            "X509v3 Delta CRL Indicator"
-#define NID_delta_crl           140
-#define OBJ_delta_crl           OBJ_id_ce,27L
-
-#define SN_name_constraints             "nameConstraints"
-#define LN_name_constraints             "X509v3 Name Constraints"
-#define NID_name_constraints            666
-#define OBJ_name_constraints            OBJ_id_ce,30L
-
-#define SN_crl_distribution_points              "crlDistributionPoints"
-#define LN_crl_distribution_points              "X509v3 CRL Distribution Points"
-#define NID_crl_distribution_points             103
-#define OBJ_crl_distribution_points             OBJ_id_ce,31L
-
-#define SN_certificate_policies         "certificatePolicies"
-#define LN_certificate_policies         "X509v3 Certificate Policies"
-#define NID_certificate_policies                89
-#define OBJ_certificate_policies                OBJ_id_ce,32L
-
-#define SN_authority_key_identifier             "authorityKeyIdentifier"
-#define LN_authority_key_identifier             "X509v3 Authority Key Identifier"
-#define NID_authority_key_identifier            90
-#define OBJ_authority_key_identifier            OBJ_id_ce,35L
-
-#define SN_policy_constraints           "policyConstraints"
-#define LN_policy_constraints           "X509v3 Policy Constraints"
-#define NID_policy_constraints          401
-#define OBJ_policy_constraints          OBJ_id_ce,36L
-
-#define SN_ext_key_usage                "extendedKeyUsage"
-#define LN_ext_key_usage                "X509v3 Extended Key Usage"
-#define NID_ext_key_usage               126
-#define OBJ_ext_key_usage               OBJ_id_ce,37L
-
-#define SN_target_information           "targetInformation"
-#define LN_target_information           "X509v3 AC Targeting"
-#define NID_target_information          402
-#define OBJ_target_information          OBJ_id_ce,55L
-
-#define SN_no_rev_avail         "noRevAvail"
-#define LN_no_rev_avail         "X509v3 No Revocation Available"
-#define NID_no_rev_avail                403
-#define OBJ_no_rev_avail                OBJ_id_ce,56L
-
-#define SN_netscape             "Netscape"
-#define LN_netscape             "Netscape Communications Corp."
-#define NID_netscape            57
-#define OBJ_netscape            2L,16L,840L,1L,113730L
-
-#define SN_netscape_cert_extension              "nsCertExt"
-#define LN_netscape_cert_extension              "Netscape Certificate Extension"
-#define NID_netscape_cert_extension             58
-#define OBJ_netscape_cert_extension             OBJ_netscape,1L
-
-#define SN_netscape_data_type           "nsDataType"
-#define LN_netscape_data_type           "Netscape Data Type"
-#define NID_netscape_data_type          59
-#define OBJ_netscape_data_type          OBJ_netscape,2L
-
-#define SN_netscape_cert_type           "nsCertType"
-#define LN_netscape_cert_type           "Netscape Cert Type"
-#define NID_netscape_cert_type          71
-#define OBJ_netscape_cert_type          OBJ_netscape_cert_extension,1L
-
-#define SN_netscape_base_url            "nsBaseUrl"
-#define LN_netscape_base_url            "Netscape Base Url"
-#define NID_netscape_base_url           72
-#define OBJ_netscape_base_url           OBJ_netscape_cert_extension,2L
-
-#define SN_netscape_revocation_url              "nsRevocationUrl"
-#define LN_netscape_revocation_url              "Netscape Revocation Url"
-#define NID_netscape_revocation_url             73
-#define OBJ_netscape_revocation_url             OBJ_netscape_cert_extension,3L
-
-#define SN_netscape_ca_revocation_url           "nsCaRevocationUrl"
-#define LN_netscape_ca_revocation_url           "Netscape CA Revocation Url"
-#define NID_netscape_ca_revocation_url          74
-#define OBJ_netscape_ca_revocation_url          OBJ_netscape_cert_extension,4L
-
-#define SN_netscape_renewal_url         "nsRenewalUrl"
-#define LN_netscape_renewal_url         "Netscape Renewal Url"
-#define NID_netscape_renewal_url                75
-#define OBJ_netscape_renewal_url                OBJ_netscape_cert_extension,7L
-
-#define SN_netscape_ca_policy_url               "nsCaPolicyUrl"
-#define LN_netscape_ca_policy_url               "Netscape CA Policy Url"
-#define NID_netscape_ca_policy_url              76
-#define OBJ_netscape_ca_policy_url              OBJ_netscape_cert_extension,8L
-
-#define SN_netscape_ssl_server_name             "nsSslServerName"
-#define LN_netscape_ssl_server_name             "Netscape SSL Server Name"
-#define NID_netscape_ssl_server_name            77
-#define OBJ_netscape_ssl_server_name            OBJ_netscape_cert_extension,12L
-
-#define SN_netscape_comment             "nsComment"
-#define LN_netscape_comment             "Netscape Comment"
-#define NID_netscape_comment            78
-#define OBJ_netscape_comment            OBJ_netscape_cert_extension,13L
-
-#define SN_netscape_cert_sequence               "nsCertSequence"
-#define LN_netscape_cert_sequence               "Netscape Certificate Sequence"
-#define NID_netscape_cert_sequence              79
-#define OBJ_netscape_cert_sequence              OBJ_netscape_data_type,5L
-
-#define SN_ns_sgc               "nsSGC"
-#define LN_ns_sgc               "Netscape Server Gated Crypto"
-#define NID_ns_sgc              139
-#define OBJ_ns_sgc              OBJ_netscape,4L,1L
-
-#define SN_org          "ORG"
-#define LN_org          "org"
-#define NID_org         379
-#define OBJ_org         OBJ_iso,3L
-
-#define SN_dod          "DOD"
-#define LN_dod          "dod"
-#define NID_dod         380
-#define OBJ_dod         OBJ_org,6L
-
-#define SN_iana         "IANA"
-#define LN_iana         "iana"
-#define NID_iana                381
-#define OBJ_iana                OBJ_dod,1L
-
-#define OBJ_internet            OBJ_iana
-
-#define SN_Directory            "directory"
-#define LN_Directory            "Directory"
-#define NID_Directory           382
-#define OBJ_Directory           OBJ_internet,1L
-
-#define SN_Management           "mgmt"
-#define LN_Management           "Management"
-#define NID_Management          383
-#define OBJ_Management          OBJ_internet,2L
-
-#define SN_Experimental         "experimental"
-#define LN_Experimental         "Experimental"
-#define NID_Experimental                384
-#define OBJ_Experimental                OBJ_internet,3L
-
-#define SN_Private              "private"
-#define LN_Private              "Private"
-#define NID_Private             385
-#define OBJ_Private             OBJ_internet,4L
-
-#define SN_Security             "security"
-#define LN_Security             "Security"
-#define NID_Security            386
-#define OBJ_Security            OBJ_internet,5L
-
-#define SN_SNMPv2               "snmpv2"
-#define LN_SNMPv2               "SNMPv2"
-#define NID_SNMPv2              387
-#define OBJ_SNMPv2              OBJ_internet,6L
-
-#define LN_Mail         "Mail"
-#define NID_Mail                388
-#define OBJ_Mail                OBJ_internet,7L
-
-#define SN_Enterprises          "enterprises"
-#define LN_Enterprises          "Enterprises"
-#define NID_Enterprises         389
-#define OBJ_Enterprises         OBJ_Private,1L
-
-#define SN_dcObject             "dcobject"
-#define LN_dcObject             "dcObject"
-#define NID_dcObject            390
-#define OBJ_dcObject            OBJ_Enterprises,1466L,344L
-
-#define SN_mime_mhs             "mime-mhs"
-#define LN_mime_mhs             "MIME MHS"
-#define NID_mime_mhs            504
-#define OBJ_mime_mhs            OBJ_Mail,1L
-
-#define SN_mime_mhs_headings            "mime-mhs-headings"
-#define LN_mime_mhs_headings            "mime-mhs-headings"
-#define NID_mime_mhs_headings           505
-#define OBJ_mime_mhs_headings           OBJ_mime_mhs,1L
-
-#define SN_mime_mhs_bodies              "mime-mhs-bodies"
-#define LN_mime_mhs_bodies              "mime-mhs-bodies"
-#define NID_mime_mhs_bodies             506
-#define OBJ_mime_mhs_bodies             OBJ_mime_mhs,2L
-
-#define SN_id_hex_partial_message               "id-hex-partial-message"
-#define LN_id_hex_partial_message               "id-hex-partial-message"
-#define NID_id_hex_partial_message              507
-#define OBJ_id_hex_partial_message              OBJ_mime_mhs_headings,1L
-
-#define SN_id_hex_multipart_message             "id-hex-multipart-message"
-#define LN_id_hex_multipart_message             "id-hex-multipart-message"
-#define NID_id_hex_multipart_message            508
-#define OBJ_id_hex_multipart_message            OBJ_mime_mhs_headings,2L
-
-#define SN_rle_compression              "RLE"
-#define LN_rle_compression              "run length compression"
-#define NID_rle_compression             124
-#define OBJ_rle_compression             1L,1L,1L,1L,666L,1L
-
-#define SN_zlib_compression             "ZLIB"
-#define LN_zlib_compression             "zlib compression"
-#define NID_zlib_compression            125
-#define OBJ_zlib_compression            1L,1L,1L,1L,666L,2L
-
-#define OBJ_csor                2L,16L,840L,1L,101L,3L
-
-#define OBJ_nistAlgorithms              OBJ_csor,4L
-
-#define OBJ_aes         OBJ_nistAlgorithms,1L
-
-#define SN_aes_128_ecb          "AES-128-ECB"
-#define LN_aes_128_ecb          "aes-128-ecb"
-#define NID_aes_128_ecb         418
-#define OBJ_aes_128_ecb         OBJ_aes,1L
-
-#define SN_aes_128_cbc          "AES-128-CBC"
-#define LN_aes_128_cbc          "aes-128-cbc"
-#define NID_aes_128_cbc         419
-#define OBJ_aes_128_cbc         OBJ_aes,2L
-
-#define SN_aes_128_ofb128               "AES-128-OFB"
-#define LN_aes_128_ofb128               "aes-128-ofb"
-#define NID_aes_128_ofb128              420
-#define OBJ_aes_128_ofb128              OBJ_aes,3L
-
-#define SN_aes_128_cfb128               "AES-128-CFB"
-#define LN_aes_128_cfb128               "aes-128-cfb"
-#define NID_aes_128_cfb128              421
-#define OBJ_aes_128_cfb128              OBJ_aes,4L
-
-#define SN_aes_192_ecb          "AES-192-ECB"
-#define LN_aes_192_ecb          "aes-192-ecb"
-#define NID_aes_192_ecb         422
-#define OBJ_aes_192_ecb         OBJ_aes,21L
-
-#define SN_aes_192_cbc          "AES-192-CBC"
-#define LN_aes_192_cbc          "aes-192-cbc"
-#define NID_aes_192_cbc         423
-#define OBJ_aes_192_cbc         OBJ_aes,22L
-
-#define SN_aes_192_ofb128               "AES-192-OFB"
-#define LN_aes_192_ofb128               "aes-192-ofb"
-#define NID_aes_192_ofb128              424
-#define OBJ_aes_192_ofb128              OBJ_aes,23L
-
-#define SN_aes_192_cfb128               "AES-192-CFB"
-#define LN_aes_192_cfb128               "aes-192-cfb"
-#define NID_aes_192_cfb128              425
-#define OBJ_aes_192_cfb128              OBJ_aes,24L
-
-#define SN_aes_256_ecb          "AES-256-ECB"
-#define LN_aes_256_ecb          "aes-256-ecb"
-#define NID_aes_256_ecb         426
-#define OBJ_aes_256_ecb         OBJ_aes,41L
-
-#define SN_aes_256_cbc          "AES-256-CBC"
-#define LN_aes_256_cbc          "aes-256-cbc"
-#define NID_aes_256_cbc         427
-#define OBJ_aes_256_cbc         OBJ_aes,42L
-
-#define SN_aes_256_ofb128               "AES-256-OFB"
-#define LN_aes_256_ofb128               "aes-256-ofb"
-#define NID_aes_256_ofb128              428
-#define OBJ_aes_256_ofb128              OBJ_aes,43L
-
-#define SN_aes_256_cfb128               "AES-256-CFB"
-#define LN_aes_256_cfb128               "aes-256-cfb"
-#define NID_aes_256_cfb128              429
-#define OBJ_aes_256_cfb128              OBJ_aes,44L
-
-#define SN_aes_128_cfb1         "AES-128-CFB1"
-#define LN_aes_128_cfb1         "aes-128-cfb1"
-#define NID_aes_128_cfb1                650
-
-#define SN_aes_192_cfb1         "AES-192-CFB1"
-#define LN_aes_192_cfb1         "aes-192-cfb1"
-#define NID_aes_192_cfb1                651
-
-#define SN_aes_256_cfb1         "AES-256-CFB1"
-#define LN_aes_256_cfb1         "aes-256-cfb1"
-#define NID_aes_256_cfb1                652
-
-#define SN_aes_128_cfb8         "AES-128-CFB8"
-#define LN_aes_128_cfb8         "aes-128-cfb8"
-#define NID_aes_128_cfb8                653
-
-#define SN_aes_192_cfb8         "AES-192-CFB8"
-#define LN_aes_192_cfb8         "aes-192-cfb8"
-#define NID_aes_192_cfb8                654
-
-#define SN_aes_256_cfb8         "AES-256-CFB8"
-#define LN_aes_256_cfb8         "aes-256-cfb8"
-#define NID_aes_256_cfb8                655
-
-#define SN_des_cfb1             "DES-CFB1"
-#define LN_des_cfb1             "des-cfb1"
-#define NID_des_cfb1            656
-
-#define SN_des_cfb8             "DES-CFB8"
-#define LN_des_cfb8             "des-cfb8"
-#define NID_des_cfb8            657
-
-#define SN_des_ede3_cfb1                "DES-EDE3-CFB1"
-#define LN_des_ede3_cfb1                "des-ede3-cfb1"
-#define NID_des_ede3_cfb1               658
-
-#define SN_des_ede3_cfb8                "DES-EDE3-CFB8"
-#define LN_des_ede3_cfb8                "des-ede3-cfb8"
-#define NID_des_ede3_cfb8               659
-
-#define OBJ_nist_hashalgs               OBJ_nistAlgorithms,2L
-
-#define SN_sha256               "SHA256"
-#define LN_sha256               "sha256"
-#define NID_sha256              672
-#define OBJ_sha256              OBJ_nist_hashalgs,1L
-
-#define SN_sha384               "SHA384"
-#define LN_sha384               "sha384"
-#define NID_sha384              673
-#define OBJ_sha384              OBJ_nist_hashalgs,2L
-
-#define SN_sha512               "SHA512"
-#define LN_sha512               "sha512"
-#define NID_sha512              674
-#define OBJ_sha512              OBJ_nist_hashalgs,3L
-
-#define SN_sha224               "SHA224"
-#define LN_sha224               "sha224"
-#define NID_sha224              675
-#define OBJ_sha224              OBJ_nist_hashalgs,4L
-
-#define SN_hold_instruction_code                "holdInstructionCode"
-#define LN_hold_instruction_code                "Hold Instruction Code"
-#define NID_hold_instruction_code               430
-#define OBJ_hold_instruction_code               OBJ_id_ce,23L
-
-#define OBJ_holdInstruction             OBJ_X9_57,2L
-
-#define SN_hold_instruction_none                "holdInstructionNone"
-#define LN_hold_instruction_none                "Hold Instruction None"
-#define NID_hold_instruction_none               431
-#define OBJ_hold_instruction_none               OBJ_holdInstruction,1L
-
-#define SN_hold_instruction_call_issuer         "holdInstructionCallIssuer"
-#define LN_hold_instruction_call_issuer         "Hold Instruction Call Issuer"
-#define NID_hold_instruction_call_issuer                432
-#define OBJ_hold_instruction_call_issuer                OBJ_holdInstruction,2L
-
-#define SN_hold_instruction_reject              "holdInstructionReject"
-#define LN_hold_instruction_reject              "Hold Instruction Reject"
-#define NID_hold_instruction_reject             433
-#define OBJ_hold_instruction_reject             OBJ_holdInstruction,3L
-
-#define SN_data         "data"
-#define NID_data                434
-#define OBJ_data                OBJ_ccitt,9L
-
-#define SN_pss          "pss"
-#define NID_pss         435
-#define OBJ_pss         OBJ_data,2342L
-
-#define SN_ucl          "ucl"
-#define NID_ucl         436
-#define OBJ_ucl         OBJ_pss,19200300L
-
-#define SN_pilot                "pilot"
-#define NID_pilot               437
-#define OBJ_pilot               OBJ_ucl,100L
-
-#define LN_pilotAttributeType           "pilotAttributeType"
-#define NID_pilotAttributeType          438
-#define OBJ_pilotAttributeType          OBJ_pilot,1L
-
-#define LN_pilotAttributeSyntax         "pilotAttributeSyntax"
-#define NID_pilotAttributeSyntax                439
-#define OBJ_pilotAttributeSyntax                OBJ_pilot,3L
-
-#define LN_pilotObjectClass             "pilotObjectClass"
-#define NID_pilotObjectClass            440
-#define OBJ_pilotObjectClass            OBJ_pilot,4L
-
-#define LN_pilotGroups          "pilotGroups"
-#define NID_pilotGroups         441
-#define OBJ_pilotGroups         OBJ_pilot,10L
-
-#define LN_iA5StringSyntax              "iA5StringSyntax"
-#define NID_iA5StringSyntax             442
-#define OBJ_iA5StringSyntax             OBJ_pilotAttributeSyntax,4L
-
-#define LN_caseIgnoreIA5StringSyntax            "caseIgnoreIA5StringSyntax"
-#define NID_caseIgnoreIA5StringSyntax           443
-#define OBJ_caseIgnoreIA5StringSyntax           OBJ_pilotAttributeSyntax,5L
-
-#define LN_pilotObject          "pilotObject"
-#define NID_pilotObject         444
-#define OBJ_pilotObject         OBJ_pilotObjectClass,3L
-
-#define LN_pilotPerson          "pilotPerson"
-#define NID_pilotPerson         445
-#define OBJ_pilotPerson         OBJ_pilotObjectClass,4L
-
-#define SN_account              "account"
-#define NID_account             446
-#define OBJ_account             OBJ_pilotObjectClass,5L
-
-#define SN_document             "document"
-#define NID_document            447
-#define OBJ_document            OBJ_pilotObjectClass,6L
-
-#define SN_room         "room"
-#define NID_room                448
-#define OBJ_room                OBJ_pilotObjectClass,7L
-
-#define LN_documentSeries               "documentSeries"
-#define NID_documentSeries              449
-#define OBJ_documentSeries              OBJ_pilotObjectClass,9L
-
-#define SN_Domain               "domain"
-#define LN_Domain               "Domain"
-#define NID_Domain              392
-#define OBJ_Domain              OBJ_pilotObjectClass,13L
-
-#define LN_rFC822localPart              "rFC822localPart"
-#define NID_rFC822localPart             450
-#define OBJ_rFC822localPart             OBJ_pilotObjectClass,14L
-
-#define LN_dNSDomain            "dNSDomain"
-#define NID_dNSDomain           451
-#define OBJ_dNSDomain           OBJ_pilotObjectClass,15L
-
-#define LN_domainRelatedObject          "domainRelatedObject"
-#define NID_domainRelatedObject         452
-#define OBJ_domainRelatedObject         OBJ_pilotObjectClass,17L
-
-#define LN_friendlyCountry              "friendlyCountry"
-#define NID_friendlyCountry             453
-#define OBJ_friendlyCountry             OBJ_pilotObjectClass,18L
-
-#define LN_simpleSecurityObject         "simpleSecurityObject"
-#define NID_simpleSecurityObject                454
-#define OBJ_simpleSecurityObject                OBJ_pilotObjectClass,19L
-
-#define LN_pilotOrganization            "pilotOrganization"
-#define NID_pilotOrganization           455
-#define OBJ_pilotOrganization           OBJ_pilotObjectClass,20L
-
-#define LN_pilotDSA             "pilotDSA"
-#define NID_pilotDSA            456
-#define OBJ_pilotDSA            OBJ_pilotObjectClass,21L
-
-#define LN_qualityLabelledData          "qualityLabelledData"
-#define NID_qualityLabelledData         457
-#define OBJ_qualityLabelledData         OBJ_pilotObjectClass,22L
-
-#define SN_userId               "UID"
-#define LN_userId               "userId"
-#define NID_userId              458
-#define OBJ_userId              OBJ_pilotAttributeType,1L
-
-#define LN_textEncodedORAddress         "textEncodedORAddress"
-#define NID_textEncodedORAddress                459
-#define OBJ_textEncodedORAddress                OBJ_pilotAttributeType,2L
-
-#define SN_rfc822Mailbox                "mail"
-#define LN_rfc822Mailbox                "rfc822Mailbox"
-#define NID_rfc822Mailbox               460
-#define OBJ_rfc822Mailbox               OBJ_pilotAttributeType,3L
-
-#define SN_info         "info"
-#define NID_info                461
-#define OBJ_info                OBJ_pilotAttributeType,4L
-
-#define LN_favouriteDrink               "favouriteDrink"
-#define NID_favouriteDrink              462
-#define OBJ_favouriteDrink              OBJ_pilotAttributeType,5L
-
-#define LN_roomNumber           "roomNumber"
-#define NID_roomNumber          463
-#define OBJ_roomNumber          OBJ_pilotAttributeType,6L
-
-#define SN_photo                "photo"
-#define NID_photo               464
-#define OBJ_photo               OBJ_pilotAttributeType,7L
-
-#define LN_userClass            "userClass"
-#define NID_userClass           465
-#define OBJ_userClass           OBJ_pilotAttributeType,8L
-
-#define SN_host         "host"
-#define NID_host                466
-#define OBJ_host                OBJ_pilotAttributeType,9L
-
-#define SN_manager              "manager"
-#define NID_manager             467
-#define OBJ_manager             OBJ_pilotAttributeType,10L
-
-#define LN_documentIdentifier           "documentIdentifier"
-#define NID_documentIdentifier          468
-#define OBJ_documentIdentifier          OBJ_pilotAttributeType,11L
-
-#define LN_documentTitle                "documentTitle"
-#define NID_documentTitle               469
-#define OBJ_documentTitle               OBJ_pilotAttributeType,12L
-
-#define LN_documentVersion              "documentVersion"
-#define NID_documentVersion             470
-#define OBJ_documentVersion             OBJ_pilotAttributeType,13L
-
-#define LN_documentAuthor               "documentAuthor"
-#define NID_documentAuthor              471
-#define OBJ_documentAuthor              OBJ_pilotAttributeType,14L
-
-#define LN_documentLocation             "documentLocation"
-#define NID_documentLocation            472
-#define OBJ_documentLocation            OBJ_pilotAttributeType,15L
-
-#define LN_homeTelephoneNumber          "homeTelephoneNumber"
-#define NID_homeTelephoneNumber         473
-#define OBJ_homeTelephoneNumber         OBJ_pilotAttributeType,20L
-
-#define SN_secretary            "secretary"
-#define NID_secretary           474
-#define OBJ_secretary           OBJ_pilotAttributeType,21L
-
-#define LN_otherMailbox         "otherMailbox"
-#define NID_otherMailbox                475
-#define OBJ_otherMailbox                OBJ_pilotAttributeType,22L
-
-#define LN_lastModifiedTime             "lastModifiedTime"
-#define NID_lastModifiedTime            476
-#define OBJ_lastModifiedTime            OBJ_pilotAttributeType,23L
-
-#define LN_lastModifiedBy               "lastModifiedBy"
-#define NID_lastModifiedBy              477
-#define OBJ_lastModifiedBy              OBJ_pilotAttributeType,24L
-
-#define SN_domainComponent              "DC"
-#define LN_domainComponent              "domainComponent"
-#define NID_domainComponent             391
-#define OBJ_domainComponent             OBJ_pilotAttributeType,25L
-
-#define LN_aRecord              "aRecord"
-#define NID_aRecord             478
-#define OBJ_aRecord             OBJ_pilotAttributeType,26L
-
-#define LN_pilotAttributeType27         "pilotAttributeType27"
-#define NID_pilotAttributeType27                479
-#define OBJ_pilotAttributeType27                OBJ_pilotAttributeType,27L
-
-#define LN_mXRecord             "mXRecord"
-#define NID_mXRecord            480
-#define OBJ_mXRecord            OBJ_pilotAttributeType,28L
-
-#define LN_nSRecord             "nSRecord"
-#define NID_nSRecord            481
-#define OBJ_nSRecord            OBJ_pilotAttributeType,29L
-
-#define LN_sOARecord            "sOARecord"
-#define NID_sOARecord           482
-#define OBJ_sOARecord           OBJ_pilotAttributeType,30L
-
-#define LN_cNAMERecord          "cNAMERecord"
-#define NID_cNAMERecord         483
-#define OBJ_cNAMERecord         OBJ_pilotAttributeType,31L
-
-#define LN_associatedDomain             "associatedDomain"
-#define NID_associatedDomain            484
-#define OBJ_associatedDomain            OBJ_pilotAttributeType,37L
-
-#define LN_associatedName               "associatedName"
-#define NID_associatedName              485
-#define OBJ_associatedName              OBJ_pilotAttributeType,38L
-
-#define LN_homePostalAddress            "homePostalAddress"
-#define NID_homePostalAddress           486
-#define OBJ_homePostalAddress           OBJ_pilotAttributeType,39L
-
-#define LN_personalTitle                "personalTitle"
-#define NID_personalTitle               487
-#define OBJ_personalTitle               OBJ_pilotAttributeType,40L
-
-#define LN_mobileTelephoneNumber                "mobileTelephoneNumber"
-#define NID_mobileTelephoneNumber               488
-#define OBJ_mobileTelephoneNumber               OBJ_pilotAttributeType,41L
-
-#define LN_pagerTelephoneNumber         "pagerTelephoneNumber"
-#define NID_pagerTelephoneNumber                489
-#define OBJ_pagerTelephoneNumber                OBJ_pilotAttributeType,42L
-
-#define LN_friendlyCountryName          "friendlyCountryName"
-#define NID_friendlyCountryName         490
-#define OBJ_friendlyCountryName         OBJ_pilotAttributeType,43L
-
-#define LN_organizationalStatus         "organizationalStatus"
-#define NID_organizationalStatus                491
-#define OBJ_organizationalStatus                OBJ_pilotAttributeType,45L
-
-#define LN_janetMailbox         "janetMailbox"
-#define NID_janetMailbox                492
-#define OBJ_janetMailbox                OBJ_pilotAttributeType,46L
-
-#define LN_mailPreferenceOption         "mailPreferenceOption"
-#define NID_mailPreferenceOption                493
-#define OBJ_mailPreferenceOption                OBJ_pilotAttributeType,47L
-
-#define LN_buildingName         "buildingName"
-#define NID_buildingName                494
-#define OBJ_buildingName                OBJ_pilotAttributeType,48L
-
-#define LN_dSAQuality           "dSAQuality"
-#define NID_dSAQuality          495
-#define OBJ_dSAQuality          OBJ_pilotAttributeType,49L
-
-#define LN_singleLevelQuality           "singleLevelQuality"
-#define NID_singleLevelQuality          496
-#define OBJ_singleLevelQuality          OBJ_pilotAttributeType,50L
-
-#define LN_subtreeMinimumQuality                "subtreeMinimumQuality"
-#define NID_subtreeMinimumQuality               497
-#define OBJ_subtreeMinimumQuality               OBJ_pilotAttributeType,51L
-
-#define LN_subtreeMaximumQuality                "subtreeMaximumQuality"
-#define NID_subtreeMaximumQuality               498
-#define OBJ_subtreeMaximumQuality               OBJ_pilotAttributeType,52L
-
-#define LN_personalSignature            "personalSignature"
-#define NID_personalSignature           499
-#define OBJ_personalSignature           OBJ_pilotAttributeType,53L
-
-#define LN_dITRedirect          "dITRedirect"
-#define NID_dITRedirect         500
-#define OBJ_dITRedirect         OBJ_pilotAttributeType,54L
-
-#define SN_audio                "audio"
-#define NID_audio               501
-#define OBJ_audio               OBJ_pilotAttributeType,55L
-
-#define LN_documentPublisher            "documentPublisher"
-#define NID_documentPublisher           502
-#define OBJ_documentPublisher           OBJ_pilotAttributeType,56L
-
-#define SN_id_set               "id-set"
-#define LN_id_set               "Secure Electronic Transactions"
-#define NID_id_set              512
-#define OBJ_id_set              2L,23L,42L
-
-#define SN_set_ctype            "set-ctype"
-#define LN_set_ctype            "content types"
-#define NID_set_ctype           513
-#define OBJ_set_ctype           OBJ_id_set,0L
-
-#define SN_set_msgExt           "set-msgExt"
-#define LN_set_msgExt           "message extensions"
-#define NID_set_msgExt          514
-#define OBJ_set_msgExt          OBJ_id_set,1L
-
-#define SN_set_attr             "set-attr"
-#define NID_set_attr            515
-#define OBJ_set_attr            OBJ_id_set,3L
-
-#define SN_set_policy           "set-policy"
-#define NID_set_policy          516
-#define OBJ_set_policy          OBJ_id_set,5L
-
-#define SN_set_certExt          "set-certExt"
-#define LN_set_certExt          "certificate extensions"
-#define NID_set_certExt         517
-#define OBJ_set_certExt         OBJ_id_set,7L
-
-#define SN_set_brand            "set-brand"
-#define NID_set_brand           518
-#define OBJ_set_brand           OBJ_id_set,8L
-
-#define SN_setct_PANData                "setct-PANData"
-#define NID_setct_PANData               519
-#define OBJ_setct_PANData               OBJ_set_ctype,0L
-
-#define SN_setct_PANToken               "setct-PANToken"
-#define NID_setct_PANToken              520
-#define OBJ_setct_PANToken              OBJ_set_ctype,1L
-
-#define SN_setct_PANOnly                "setct-PANOnly"
-#define NID_setct_PANOnly               521
-#define OBJ_setct_PANOnly               OBJ_set_ctype,2L
-
-#define SN_setct_OIData         "setct-OIData"
-#define NID_setct_OIData                522
-#define OBJ_setct_OIData                OBJ_set_ctype,3L
-
-#define SN_setct_PI             "setct-PI"
-#define NID_setct_PI            523
-#define OBJ_setct_PI            OBJ_set_ctype,4L
-
-#define SN_setct_PIData         "setct-PIData"
-#define NID_setct_PIData                524
-#define OBJ_setct_PIData                OBJ_set_ctype,5L
-
-#define SN_setct_PIDataUnsigned         "setct-PIDataUnsigned"
-#define NID_setct_PIDataUnsigned                525
-#define OBJ_setct_PIDataUnsigned                OBJ_set_ctype,6L
-
-#define SN_setct_HODInput               "setct-HODInput"
-#define NID_setct_HODInput              526
-#define OBJ_setct_HODInput              OBJ_set_ctype,7L
-
-#define SN_setct_AuthResBaggage         "setct-AuthResBaggage"
-#define NID_setct_AuthResBaggage                527
-#define OBJ_setct_AuthResBaggage                OBJ_set_ctype,8L
-
-#define SN_setct_AuthRevReqBaggage              "setct-AuthRevReqBaggage"
-#define NID_setct_AuthRevReqBaggage             528
-#define OBJ_setct_AuthRevReqBaggage             OBJ_set_ctype,9L
-
-#define SN_setct_AuthRevResBaggage              "setct-AuthRevResBaggage"
-#define NID_setct_AuthRevResBaggage             529
-#define OBJ_setct_AuthRevResBaggage             OBJ_set_ctype,10L
-
-#define SN_setct_CapTokenSeq            "setct-CapTokenSeq"
-#define NID_setct_CapTokenSeq           530
-#define OBJ_setct_CapTokenSeq           OBJ_set_ctype,11L
-
-#define SN_setct_PInitResData           "setct-PInitResData"
-#define NID_setct_PInitResData          531
-#define OBJ_setct_PInitResData          OBJ_set_ctype,12L
-
-#define SN_setct_PI_TBS         "setct-PI-TBS"
-#define NID_setct_PI_TBS                532
-#define OBJ_setct_PI_TBS                OBJ_set_ctype,13L
-
-#define SN_setct_PResData               "setct-PResData"
-#define NID_setct_PResData              533
-#define OBJ_setct_PResData              OBJ_set_ctype,14L
-
-#define SN_setct_AuthReqTBS             "setct-AuthReqTBS"
-#define NID_setct_AuthReqTBS            534
-#define OBJ_setct_AuthReqTBS            OBJ_set_ctype,16L
-
-#define SN_setct_AuthResTBS             "setct-AuthResTBS"
-#define NID_setct_AuthResTBS            535
-#define OBJ_setct_AuthResTBS            OBJ_set_ctype,17L
-
-#define SN_setct_AuthResTBSX            "setct-AuthResTBSX"
-#define NID_setct_AuthResTBSX           536
-#define OBJ_setct_AuthResTBSX           OBJ_set_ctype,18L
-
-#define SN_setct_AuthTokenTBS           "setct-AuthTokenTBS"
-#define NID_setct_AuthTokenTBS          537
-#define OBJ_setct_AuthTokenTBS          OBJ_set_ctype,19L
-
-#define SN_setct_CapTokenData           "setct-CapTokenData"
-#define NID_setct_CapTokenData          538
-#define OBJ_setct_CapTokenData          OBJ_set_ctype,20L
-
-#define SN_setct_CapTokenTBS            "setct-CapTokenTBS"
-#define NID_setct_CapTokenTBS           539
-#define OBJ_setct_CapTokenTBS           OBJ_set_ctype,21L
-
-#define SN_setct_AcqCardCodeMsg         "setct-AcqCardCodeMsg"
-#define NID_setct_AcqCardCodeMsg                540
-#define OBJ_setct_AcqCardCodeMsg                OBJ_set_ctype,22L
-
-#define SN_setct_AuthRevReqTBS          "setct-AuthRevReqTBS"
-#define NID_setct_AuthRevReqTBS         541
-#define OBJ_setct_AuthRevReqTBS         OBJ_set_ctype,23L
-
-#define SN_setct_AuthRevResData         "setct-AuthRevResData"
-#define NID_setct_AuthRevResData                542
-#define OBJ_setct_AuthRevResData                OBJ_set_ctype,24L
-
-#define SN_setct_AuthRevResTBS          "setct-AuthRevResTBS"
-#define NID_setct_AuthRevResTBS         543
-#define OBJ_setct_AuthRevResTBS         OBJ_set_ctype,25L
-
-#define SN_setct_CapReqTBS              "setct-CapReqTBS"
-#define NID_setct_CapReqTBS             544
-#define OBJ_setct_CapReqTBS             OBJ_set_ctype,26L
-
-#define SN_setct_CapReqTBSX             "setct-CapReqTBSX"
-#define NID_setct_CapReqTBSX            545
-#define OBJ_setct_CapReqTBSX            OBJ_set_ctype,27L
-
-#define SN_setct_CapResData             "setct-CapResData"
-#define NID_setct_CapResData            546
-#define OBJ_setct_CapResData            OBJ_set_ctype,28L
-
-#define SN_setct_CapRevReqTBS           "setct-CapRevReqTBS"
-#define NID_setct_CapRevReqTBS          547
-#define OBJ_setct_CapRevReqTBS          OBJ_set_ctype,29L
-
-#define SN_setct_CapRevReqTBSX          "setct-CapRevReqTBSX"
-#define NID_setct_CapRevReqTBSX         548
-#define OBJ_setct_CapRevReqTBSX         OBJ_set_ctype,30L
-
-#define SN_setct_CapRevResData          "setct-CapRevResData"
-#define NID_setct_CapRevResData         549
-#define OBJ_setct_CapRevResData         OBJ_set_ctype,31L
-
-#define SN_setct_CredReqTBS             "setct-CredReqTBS"
-#define NID_setct_CredReqTBS            550
-#define OBJ_setct_CredReqTBS            OBJ_set_ctype,32L
-
-#define SN_setct_CredReqTBSX            "setct-CredReqTBSX"
-#define NID_setct_CredReqTBSX           551
-#define OBJ_setct_CredReqTBSX           OBJ_set_ctype,33L
-
-#define SN_setct_CredResData            "setct-CredResData"
-#define NID_setct_CredResData           552
-#define OBJ_setct_CredResData           OBJ_set_ctype,34L
-
-#define SN_setct_CredRevReqTBS          "setct-CredRevReqTBS"
-#define NID_setct_CredRevReqTBS         553
-#define OBJ_setct_CredRevReqTBS         OBJ_set_ctype,35L
-
-#define SN_setct_CredRevReqTBSX         "setct-CredRevReqTBSX"
-#define NID_setct_CredRevReqTBSX                554
-#define OBJ_setct_CredRevReqTBSX                OBJ_set_ctype,36L
-
-#define SN_setct_CredRevResData         "setct-CredRevResData"
-#define NID_setct_CredRevResData                555
-#define OBJ_setct_CredRevResData                OBJ_set_ctype,37L
-
-#define SN_setct_PCertReqData           "setct-PCertReqData"
-#define NID_setct_PCertReqData          556
-#define OBJ_setct_PCertReqData          OBJ_set_ctype,38L
-
-#define SN_setct_PCertResTBS            "setct-PCertResTBS"
-#define NID_setct_PCertResTBS           557
-#define OBJ_setct_PCertResTBS           OBJ_set_ctype,39L
-
-#define SN_setct_BatchAdminReqData              "setct-BatchAdminReqData"
-#define NID_setct_BatchAdminReqData             558
-#define OBJ_setct_BatchAdminReqData             OBJ_set_ctype,40L
-
-#define SN_setct_BatchAdminResData              "setct-BatchAdminResData"
-#define NID_setct_BatchAdminResData             559
-#define OBJ_setct_BatchAdminResData             OBJ_set_ctype,41L
-
-#define SN_setct_CardCInitResTBS                "setct-CardCInitResTBS"
-#define NID_setct_CardCInitResTBS               560
-#define OBJ_setct_CardCInitResTBS               OBJ_set_ctype,42L
-
-#define SN_setct_MeAqCInitResTBS                "setct-MeAqCInitResTBS"
-#define NID_setct_MeAqCInitResTBS               561
-#define OBJ_setct_MeAqCInitResTBS               OBJ_set_ctype,43L
-
-#define SN_setct_RegFormResTBS          "setct-RegFormResTBS"
-#define NID_setct_RegFormResTBS         562
-#define OBJ_setct_RegFormResTBS         OBJ_set_ctype,44L
-
-#define SN_setct_CertReqData            "setct-CertReqData"
-#define NID_setct_CertReqData           563
-#define OBJ_setct_CertReqData           OBJ_set_ctype,45L
-
-#define SN_setct_CertReqTBS             "setct-CertReqTBS"
-#define NID_setct_CertReqTBS            564
-#define OBJ_setct_CertReqTBS            OBJ_set_ctype,46L
-
-#define SN_setct_CertResData            "setct-CertResData"
-#define NID_setct_CertResData           565
-#define OBJ_setct_CertResData           OBJ_set_ctype,47L
-
-#define SN_setct_CertInqReqTBS          "setct-CertInqReqTBS"
-#define NID_setct_CertInqReqTBS         566
-#define OBJ_setct_CertInqReqTBS         OBJ_set_ctype,48L
-
-#define SN_setct_ErrorTBS               "setct-ErrorTBS"
-#define NID_setct_ErrorTBS              567
-#define OBJ_setct_ErrorTBS              OBJ_set_ctype,49L
-
-#define SN_setct_PIDualSignedTBE                "setct-PIDualSignedTBE"
-#define NID_setct_PIDualSignedTBE               568
-#define OBJ_setct_PIDualSignedTBE               OBJ_set_ctype,50L
-
-#define SN_setct_PIUnsignedTBE          "setct-PIUnsignedTBE"
-#define NID_setct_PIUnsignedTBE         569
-#define OBJ_setct_PIUnsignedTBE         OBJ_set_ctype,51L
-
-#define SN_setct_AuthReqTBE             "setct-AuthReqTBE"
-#define NID_setct_AuthReqTBE            570
-#define OBJ_setct_AuthReqTBE            OBJ_set_ctype,52L
-
-#define SN_setct_AuthResTBE             "setct-AuthResTBE"
-#define NID_setct_AuthResTBE            571
-#define OBJ_setct_AuthResTBE            OBJ_set_ctype,53L
-
-#define SN_setct_AuthResTBEX            "setct-AuthResTBEX"
-#define NID_setct_AuthResTBEX           572
-#define OBJ_setct_AuthResTBEX           OBJ_set_ctype,54L
-
-#define SN_setct_AuthTokenTBE           "setct-AuthTokenTBE"
-#define NID_setct_AuthTokenTBE          573
-#define OBJ_setct_AuthTokenTBE          OBJ_set_ctype,55L
-
-#define SN_setct_CapTokenTBE            "setct-CapTokenTBE"
-#define NID_setct_CapTokenTBE           574
-#define OBJ_setct_CapTokenTBE           OBJ_set_ctype,56L
-
-#define SN_setct_CapTokenTBEX           "setct-CapTokenTBEX"
-#define NID_setct_CapTokenTBEX          575
-#define OBJ_setct_CapTokenTBEX          OBJ_set_ctype,57L
-
-#define SN_setct_AcqCardCodeMsgTBE              "setct-AcqCardCodeMsgTBE"
-#define NID_setct_AcqCardCodeMsgTBE             576
-#define OBJ_setct_AcqCardCodeMsgTBE             OBJ_set_ctype,58L
-
-#define SN_setct_AuthRevReqTBE          "setct-AuthRevReqTBE"
-#define NID_setct_AuthRevReqTBE         577
-#define OBJ_setct_AuthRevReqTBE         OBJ_set_ctype,59L
-
-#define SN_setct_AuthRevResTBE          "setct-AuthRevResTBE"
-#define NID_setct_AuthRevResTBE         578
-#define OBJ_setct_AuthRevResTBE         OBJ_set_ctype,60L
-
-#define SN_setct_AuthRevResTBEB         "setct-AuthRevResTBEB"
-#define NID_setct_AuthRevResTBEB                579
-#define OBJ_setct_AuthRevResTBEB                OBJ_set_ctype,61L
-
-#define SN_setct_CapReqTBE              "setct-CapReqTBE"
-#define NID_setct_CapReqTBE             580
-#define OBJ_setct_CapReqTBE             OBJ_set_ctype,62L
-
-#define SN_setct_CapReqTBEX             "setct-CapReqTBEX"
-#define NID_setct_CapReqTBEX            581
-#define OBJ_setct_CapReqTBEX            OBJ_set_ctype,63L
-
-#define SN_setct_CapResTBE              "setct-CapResTBE"
-#define NID_setct_CapResTBE             582
-#define OBJ_setct_CapResTBE             OBJ_set_ctype,64L
-
-#define SN_setct_CapRevReqTBE           "setct-CapRevReqTBE"
-#define NID_setct_CapRevReqTBE          583
-#define OBJ_setct_CapRevReqTBE          OBJ_set_ctype,65L
-
-#define SN_setct_CapRevReqTBEX          "setct-CapRevReqTBEX"
-#define NID_setct_CapRevReqTBEX         584
-#define OBJ_setct_CapRevReqTBEX         OBJ_set_ctype,66L
-
-#define SN_setct_CapRevResTBE           "setct-CapRevResTBE"
-#define NID_setct_CapRevResTBE          585
-#define OBJ_setct_CapRevResTBE          OBJ_set_ctype,67L
-
-#define SN_setct_CredReqTBE             "setct-CredReqTBE"
-#define NID_setct_CredReqTBE            586
-#define OBJ_setct_CredReqTBE            OBJ_set_ctype,68L
-
-#define SN_setct_CredReqTBEX            "setct-CredReqTBEX"
-#define NID_setct_CredReqTBEX           587
-#define OBJ_setct_CredReqTBEX           OBJ_set_ctype,69L
-
-#define SN_setct_CredResTBE             "setct-CredResTBE"
-#define NID_setct_CredResTBE            588
-#define OBJ_setct_CredResTBE            OBJ_set_ctype,70L
-
-#define SN_setct_CredRevReqTBE          "setct-CredRevReqTBE"
-#define NID_setct_CredRevReqTBE         589
-#define OBJ_setct_CredRevReqTBE         OBJ_set_ctype,71L
-
-#define SN_setct_CredRevReqTBEX         "setct-CredRevReqTBEX"
-#define NID_setct_CredRevReqTBEX                590
-#define OBJ_setct_CredRevReqTBEX                OBJ_set_ctype,72L
-
-#define SN_setct_CredRevResTBE          "setct-CredRevResTBE"
-#define NID_setct_CredRevResTBE         591
-#define OBJ_setct_CredRevResTBE         OBJ_set_ctype,73L
-
-#define SN_setct_BatchAdminReqTBE               "setct-BatchAdminReqTBE"
-#define NID_setct_BatchAdminReqTBE              592
-#define OBJ_setct_BatchAdminReqTBE              OBJ_set_ctype,74L
-
-#define SN_setct_BatchAdminResTBE               "setct-BatchAdminResTBE"
-#define NID_setct_BatchAdminResTBE              593
-#define OBJ_setct_BatchAdminResTBE              OBJ_set_ctype,75L
-
-#define SN_setct_RegFormReqTBE          "setct-RegFormReqTBE"
-#define NID_setct_RegFormReqTBE         594
-#define OBJ_setct_RegFormReqTBE         OBJ_set_ctype,76L
-
-#define SN_setct_CertReqTBE             "setct-CertReqTBE"
-#define NID_setct_CertReqTBE            595
-#define OBJ_setct_CertReqTBE            OBJ_set_ctype,77L
-
-#define SN_setct_CertReqTBEX            "setct-CertReqTBEX"
-#define NID_setct_CertReqTBEX           596
-#define OBJ_setct_CertReqTBEX           OBJ_set_ctype,78L
-
-#define SN_setct_CertResTBE             "setct-CertResTBE"
-#define NID_setct_CertResTBE            597
-#define OBJ_setct_CertResTBE            OBJ_set_ctype,79L
-
-#define SN_setct_CRLNotificationTBS             "setct-CRLNotificationTBS"
-#define NID_setct_CRLNotificationTBS            598
-#define OBJ_setct_CRLNotificationTBS            OBJ_set_ctype,80L
-
-#define SN_setct_CRLNotificationResTBS          "setct-CRLNotificationResTBS"
-#define NID_setct_CRLNotificationResTBS         599
-#define OBJ_setct_CRLNotificationResTBS         OBJ_set_ctype,81L
-
-#define SN_setct_BCIDistributionTBS             "setct-BCIDistributionTBS"
-#define NID_setct_BCIDistributionTBS            600
-#define OBJ_setct_BCIDistributionTBS            OBJ_set_ctype,82L
-
-#define SN_setext_genCrypt              "setext-genCrypt"
-#define LN_setext_genCrypt              "generic cryptogram"
-#define NID_setext_genCrypt             601
-#define OBJ_setext_genCrypt             OBJ_set_msgExt,1L
-
-#define SN_setext_miAuth                "setext-miAuth"
-#define LN_setext_miAuth                "merchant initiated auth"
-#define NID_setext_miAuth               602
-#define OBJ_setext_miAuth               OBJ_set_msgExt,3L
-
-#define SN_setext_pinSecure             "setext-pinSecure"
-#define NID_setext_pinSecure            603
-#define OBJ_setext_pinSecure            OBJ_set_msgExt,4L
-
-#define SN_setext_pinAny                "setext-pinAny"
-#define NID_setext_pinAny               604
-#define OBJ_setext_pinAny               OBJ_set_msgExt,5L
-
-#define SN_setext_track2                "setext-track2"
-#define NID_setext_track2               605
-#define OBJ_setext_track2               OBJ_set_msgExt,7L
-
-#define SN_setext_cv            "setext-cv"
-#define LN_setext_cv            "additional verification"
-#define NID_setext_cv           606
-#define OBJ_setext_cv           OBJ_set_msgExt,8L
-
-#define SN_set_policy_root              "set-policy-root"
-#define NID_set_policy_root             607
-#define OBJ_set_policy_root             OBJ_set_policy,0L
-
-#define SN_setCext_hashedRoot           "setCext-hashedRoot"
-#define NID_setCext_hashedRoot          608
-#define OBJ_setCext_hashedRoot          OBJ_set_certExt,0L
-
-#define SN_setCext_certType             "setCext-certType"
-#define NID_setCext_certType            609
-#define OBJ_setCext_certType            OBJ_set_certExt,1L
-
-#define SN_setCext_merchData            "setCext-merchData"
-#define NID_setCext_merchData           610
-#define OBJ_setCext_merchData           OBJ_set_certExt,2L
-
-#define SN_setCext_cCertRequired                "setCext-cCertRequired"
-#define NID_setCext_cCertRequired               611
-#define OBJ_setCext_cCertRequired               OBJ_set_certExt,3L
-
-#define SN_setCext_tunneling            "setCext-tunneling"
-#define NID_setCext_tunneling           612
-#define OBJ_setCext_tunneling           OBJ_set_certExt,4L
-
-#define SN_setCext_setExt               "setCext-setExt"
-#define NID_setCext_setExt              613
-#define OBJ_setCext_setExt              OBJ_set_certExt,5L
-
-#define SN_setCext_setQualf             "setCext-setQualf"
-#define NID_setCext_setQualf            614
-#define OBJ_setCext_setQualf            OBJ_set_certExt,6L
-
-#define SN_setCext_PGWYcapabilities             "setCext-PGWYcapabilities"
-#define NID_setCext_PGWYcapabilities            615
-#define OBJ_setCext_PGWYcapabilities            OBJ_set_certExt,7L
-
-#define SN_setCext_TokenIdentifier              "setCext-TokenIdentifier"
-#define NID_setCext_TokenIdentifier             616
-#define OBJ_setCext_TokenIdentifier             OBJ_set_certExt,8L
-
-#define SN_setCext_Track2Data           "setCext-Track2Data"
-#define NID_setCext_Track2Data          617
-#define OBJ_setCext_Track2Data          OBJ_set_certExt,9L
-
-#define SN_setCext_TokenType            "setCext-TokenType"
-#define NID_setCext_TokenType           618
-#define OBJ_setCext_TokenType           OBJ_set_certExt,10L
-
-#define SN_setCext_IssuerCapabilities           "setCext-IssuerCapabilities"
-#define NID_setCext_IssuerCapabilities          619
-#define OBJ_setCext_IssuerCapabilities          OBJ_set_certExt,11L
-
-#define SN_setAttr_Cert         "setAttr-Cert"
-#define NID_setAttr_Cert                620
-#define OBJ_setAttr_Cert                OBJ_set_attr,0L
-
-#define SN_setAttr_PGWYcap              "setAttr-PGWYcap"
-#define LN_setAttr_PGWYcap              "payment gateway capabilities"
-#define NID_setAttr_PGWYcap             621
-#define OBJ_setAttr_PGWYcap             OBJ_set_attr,1L
-
-#define SN_setAttr_TokenType            "setAttr-TokenType"
-#define NID_setAttr_TokenType           622
-#define OBJ_setAttr_TokenType           OBJ_set_attr,2L
-
-#define SN_setAttr_IssCap               "setAttr-IssCap"
-#define LN_setAttr_IssCap               "issuer capabilities"
-#define NID_setAttr_IssCap              623
-#define OBJ_setAttr_IssCap              OBJ_set_attr,3L
-
-#define SN_set_rootKeyThumb             "set-rootKeyThumb"
-#define NID_set_rootKeyThumb            624
-#define OBJ_set_rootKeyThumb            OBJ_setAttr_Cert,0L
-
-#define SN_set_addPolicy                "set-addPolicy"
-#define NID_set_addPolicy               625
-#define OBJ_set_addPolicy               OBJ_setAttr_Cert,1L
-
-#define SN_setAttr_Token_EMV            "setAttr-Token-EMV"
-#define NID_setAttr_Token_EMV           626
-#define OBJ_setAttr_Token_EMV           OBJ_setAttr_TokenType,1L
-
-#define SN_setAttr_Token_B0Prime                "setAttr-Token-B0Prime"
-#define NID_setAttr_Token_B0Prime               627
-#define OBJ_setAttr_Token_B0Prime               OBJ_setAttr_TokenType,2L
-
-#define SN_setAttr_IssCap_CVM           "setAttr-IssCap-CVM"
-#define NID_setAttr_IssCap_CVM          628
-#define OBJ_setAttr_IssCap_CVM          OBJ_setAttr_IssCap,3L
-
-#define SN_setAttr_IssCap_T2            "setAttr-IssCap-T2"
-#define NID_setAttr_IssCap_T2           629
-#define OBJ_setAttr_IssCap_T2           OBJ_setAttr_IssCap,4L
-
-#define SN_setAttr_IssCap_Sig           "setAttr-IssCap-Sig"
-#define NID_setAttr_IssCap_Sig          630
-#define OBJ_setAttr_IssCap_Sig          OBJ_setAttr_IssCap,5L
-
-#define SN_setAttr_GenCryptgrm          "setAttr-GenCryptgrm"
-#define LN_setAttr_GenCryptgrm          "generate cryptogram"
-#define NID_setAttr_GenCryptgrm         631
-#define OBJ_setAttr_GenCryptgrm         OBJ_setAttr_IssCap_CVM,1L
-
-#define SN_setAttr_T2Enc                "setAttr-T2Enc"
-#define LN_setAttr_T2Enc                "encrypted track 2"
-#define NID_setAttr_T2Enc               632
-#define OBJ_setAttr_T2Enc               OBJ_setAttr_IssCap_T2,1L
-
-#define SN_setAttr_T2cleartxt           "setAttr-T2cleartxt"
-#define LN_setAttr_T2cleartxt           "cleartext track 2"
-#define NID_setAttr_T2cleartxt          633
-#define OBJ_setAttr_T2cleartxt          OBJ_setAttr_IssCap_T2,2L
-
-#define SN_setAttr_TokICCsig            "setAttr-TokICCsig"
-#define LN_setAttr_TokICCsig            "ICC or token signature"
-#define NID_setAttr_TokICCsig           634
-#define OBJ_setAttr_TokICCsig           OBJ_setAttr_IssCap_Sig,1L
-
-#define SN_setAttr_SecDevSig            "setAttr-SecDevSig"
-#define LN_setAttr_SecDevSig            "secure device signature"
-#define NID_setAttr_SecDevSig           635
-#define OBJ_setAttr_SecDevSig           OBJ_setAttr_IssCap_Sig,2L
-
-#define SN_set_brand_IATA_ATA           "set-brand-IATA-ATA"
-#define NID_set_brand_IATA_ATA          636
-#define OBJ_set_brand_IATA_ATA          OBJ_set_brand,1L
-
-#define SN_set_brand_Diners             "set-brand-Diners"
-#define NID_set_brand_Diners            637
-#define OBJ_set_brand_Diners            OBJ_set_brand,30L
-
-#define SN_set_brand_AmericanExpress            "set-brand-AmericanExpress"
-#define NID_set_brand_AmericanExpress           638
-#define OBJ_set_brand_AmericanExpress           OBJ_set_brand,34L
-
-#define SN_set_brand_JCB                "set-brand-JCB"
-#define NID_set_brand_JCB               639
-#define OBJ_set_brand_JCB               OBJ_set_brand,35L
-
-#define SN_set_brand_Visa               "set-brand-Visa"
-#define NID_set_brand_Visa              640
-#define OBJ_set_brand_Visa              OBJ_set_brand,4L
-
-#define SN_set_brand_MasterCard         "set-brand-MasterCard"
-#define NID_set_brand_MasterCard                641
-#define OBJ_set_brand_MasterCard                OBJ_set_brand,5L
-
-#define SN_set_brand_Novus              "set-brand-Novus"
-#define NID_set_brand_Novus             642
-#define OBJ_set_brand_Novus             OBJ_set_brand,6011L
-
-#define SN_des_cdmf             "DES-CDMF"
-#define LN_des_cdmf             "des-cdmf"
-#define NID_des_cdmf            643
-#define OBJ_des_cdmf            OBJ_rsadsi,3L,10L
-
-#define SN_rsaOAEPEncryptionSET         "rsaOAEPEncryptionSET"
-#define NID_rsaOAEPEncryptionSET                644
-#define OBJ_rsaOAEPEncryptionSET                OBJ_rsadsi,1L,1L,6L
-
diff --git a/src/lib/libssl/src/crypto/objects/obj_mac.num b/src/lib/libssl/src/crypto/objects/obj_mac.num
index 84555d936e..0e64a929ba 100644
--- a/src/lib/libssl/src/crypto/objects/obj_mac.num
+++ b/src/lib/libssl/src/crypto/objects/obj_mac.num
@@ -287,9 +287,9 @@ qcStatements		286
 ac_auditEntity          287
 ac_targeting            288
 aaControls              289
-sbgp_ipAddrBlock                290
-sbgp_autonomousSysNum           291
-sbgp_routerIdentifier           292
+sbqp_ipAddrBlock                290
+sbqp_autonomousSysNum           291
+sbqp_routerIdentifier           292
 textNotice              293
 ipsecEndSystem          294
 ipsecTunnel             295
@@ -663,13 +663,5 @@ id_ppl		662
 proxyCertInfo           663
 id_ppl_anyLanguage              664
 id_ppl_inheritAll               665
-name_constraints                666
+id_ppl_independent              666
 Independent             667
-sha256WithRSAEncryption         668
-sha384WithRSAEncryption         669
-sha512WithRSAEncryption         670
-sha224WithRSAEncryption         671
-sha256          672
-sha384          673
-sha512          674
-sha224          675
diff --git a/src/lib/libssl/src/crypto/objects/objects.pl b/src/lib/libssl/src/crypto/objects/objects.pl
index 76c06cc8f9..76bb8da677 100644
--- a/src/lib/libssl/src/crypto/objects/objects.pl
+++ b/src/lib/libssl/src/crypto/objects/objects.pl
@@ -107,12 +107,13 @@ while (<IN>)
         }
 close IN;
 
-open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
-foreach (sort { $a <=> $b } keys %nidn)
-        {
-        print NUMOUT $nidn{$_},"\t\t",$_,"\n";
-        }
-close NUMOUT;
+#XXX don't modify input files
+#open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
+#foreach (sort { $a <=> $b } keys %nidn)
+#       {
+#       print NUMOUT $nidn{$_},"\t\t",$_,"\n";
+#       }
+#close NUMOUT;
 
 open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
 print OUT <<'EOF';
diff --git a/src/lib/libssl/src/crypto/objects/objects.txt b/src/lib/libssl/src/crypto/objects/objects.txt
index 2635c4e667..50e9031e61 100644
--- a/src/lib/libssl/src/crypto/objects/objects.txt
+++ b/src/lib/libssl/src/crypto/objects/objects.txt
@@ -63,11 +63,6 @@ pkcs1 2			: RSA-MD2		: md2WithRSAEncryption
 pkcs1 3                 : RSA-MD4               : md4WithRSAEncryption
 pkcs1 4                 : RSA-MD5               : md5WithRSAEncryption
 pkcs1 5                 : RSA-SHA1              : sha1WithRSAEncryption
-# According to PKCS #1 version 2.1
-pkcs1 11                : RSA-SHA256            : sha256WithRSAEncryption
-pkcs1 12                : RSA-SHA384            : sha384WithRSAEncryption
-pkcs1 13                : RSA-SHA512            : sha512WithRSAEncryption
-pkcs1 14                : RSA-SHA224            : sha224WithRSAEncryption
 
 pkcs 3                  : pkcs3
 pkcs3 1                 :                       : dhKeyAgreement
@@ -346,9 +341,9 @@ id-pe 3			: qcStatements
 id-pe 4                 : ac-auditEntity
 id-pe 5                 : ac-targeting
 id-pe 6                 : aaControls
-id-pe 7                 : sbgp-ipAddrBlock
-id-pe 8                 : sbgp-autonomousSysNum
-id-pe 9                 : sbgp-routerIdentifier
+id-pe 7                 : sbqp-ipAddrBlock
+id-pe 8                 : sbqp-autonomousSysNum
+id-pe 9                 : sbqp-routerIdentifier
 id-pe 10                : ac-proxying
 !Cname sinfo-access
 id-pe 11                : subjectInfoAccess     : Subject Information Access
@@ -589,8 +584,6 @@ id-ce 21		: CRLReason		: X509v3 CRL Reason Code
 id-ce 24                : invalidityDate        : Invalidity Date
 !Cname delta-crl
 id-ce 27                : deltaCRL              : X509v3 Delta CRL Indicator
-!Cname name-constraints
-id-ce 30                : nameConstraints       : X509v3 Name Constraints
 !Cname crl-distribution-points
 id-ce 31                : crlDistributionPoints : X509v3 CRL Distribution Points
 !Cname certificate-policies
@@ -710,13 +703,6 @@ aes 44			: AES-256-CFB		: aes-256-cfb
                         : DES-EDE3-CFB1         : des-ede3-cfb1
                         : DES-EDE3-CFB8         : des-ede3-cfb8
 
-# OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84.
-!Alias nist_hashalgs nistAlgorithms 2
-nist_hashalgs 1         : SHA256                : sha256
-nist_hashalgs 2         : SHA384                : sha384
-nist_hashalgs 3         : SHA512                : sha512
-nist_hashalgs 4         : SHA224                : sha224
-
 # Hold instruction CRL entry extension
 !Cname hold-instruction-code
 id-ce 23                : holdInstructionCode   : Hold Instruction Code
diff --git a/src/lib/libssl/src/crypto/ocsp/Makefile.ssl b/src/lib/libssl/src/crypto/ocsp/Makefile.ssl
new file mode 100644
index 0000000000..02477be538
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ocsp/Makefile.ssl
@@ -0,0 +1,293 @@
+#
+# OpenSSL/ocsp/Makefile.ssl
+#
+
+DIR=    ocsp
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= ocsp_asn.c ocsp_ext.c ocsp_ht.c ocsp_lib.c ocsp_cl.c \
+        ocsp_srv.c ocsp_prn.c ocsp_vfy.c ocsp_err.c
+
+LIBOBJ= ocsp_asn.o ocsp_ext.o ocsp_ht.o ocsp_lib.o ocsp_cl.o \
+        ocsp_srv.o ocsp_prn.o ocsp_vfy.o ocsp_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ocsp.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile ;
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ocsp_asn.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+ocsp_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ocsp_asn.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+ocsp_asn.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+ocsp_asn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_asn.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ocsp_asn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+ocsp_asn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+ocsp_asn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+ocsp_asn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+ocsp_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_asn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+ocsp_asn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+ocsp_asn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+ocsp_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_asn.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ocsp_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_asn.o: ../../include/openssl/x509v3.h ocsp_asn.c
+ocsp_cl.o: ../../e_os.h ../../include/openssl/aes.h
+ocsp_cl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ocsp_cl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+ocsp_cl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+ocsp_cl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_cl.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ocsp_cl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_cl.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+ocsp_cl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+ocsp_cl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+ocsp_cl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+ocsp_cl.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_cl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ocsp_cl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+ocsp_cl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+ocsp_cl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+ocsp_cl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+ocsp_cl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+ocsp_cl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_cl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_cl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ocsp_cl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_cl.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_cl.c
+ocsp_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+ocsp_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+ocsp_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ocsp_err.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ocsp_err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+ocsp_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ocsp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+ocsp_err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+ocsp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+ocsp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_err.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+ocsp_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+ocsp_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+ocsp_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ocsp_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_err.o: ../../include/openssl/x509v3.h ocsp_err.c
+ocsp_ext.o: ../../e_os.h ../../include/openssl/aes.h
+ocsp_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ocsp_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+ocsp_ext.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+ocsp_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_ext.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ocsp_ext.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_ext.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+ocsp_ext.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+ocsp_ext.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+ocsp_ext.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+ocsp_ext.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_ext.o: ../../include/openssl/opensslconf.h
+ocsp_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_ext.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+ocsp_ext.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+ocsp_ext.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ocsp_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ocsp_ext.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+ocsp_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_ext.o: ../cryptlib.h ocsp_ext.c
+ocsp_ht.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+ocsp_ht.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+ocsp_ht.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ocsp_ht.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+ocsp_ht.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ocsp_ht.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+ocsp_ht.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ocsp_ht.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_ht.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+ocsp_ht.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+ocsp_ht.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+ocsp_ht.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_ht.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_ht.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_ht.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+ocsp_ht.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+ocsp_ht.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+ocsp_ht.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_ht.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_ht.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ocsp_ht.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_ht.o: ../../include/openssl/x509v3.h ocsp_ht.c
+ocsp_lib.o: ../../e_os.h ../../include/openssl/aes.h
+ocsp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ocsp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+ocsp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+ocsp_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_lib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ocsp_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ocsp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+ocsp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+ocsp_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+ocsp_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+ocsp_lib.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_lib.o: ../../include/openssl/opensslconf.h
+ocsp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+ocsp_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+ocsp_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ocsp_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ocsp_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+ocsp_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_lib.o: ../cryptlib.h ocsp_lib.c
+ocsp_prn.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+ocsp_prn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+ocsp_prn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ocsp_prn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ocsp_prn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+ocsp_prn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ocsp_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_prn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+ocsp_prn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+ocsp_prn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+ocsp_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_prn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_prn.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+ocsp_prn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+ocsp_prn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+ocsp_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_prn.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ocsp_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_prn.o: ../../include/openssl/x509v3.h ocsp_prn.c
+ocsp_srv.o: ../../e_os.h ../../include/openssl/aes.h
+ocsp_srv.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ocsp_srv.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+ocsp_srv.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+ocsp_srv.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_srv.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ocsp_srv.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_srv.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+ocsp_srv.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+ocsp_srv.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+ocsp_srv.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+ocsp_srv.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_srv.o: ../../include/openssl/opensslconf.h
+ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_srv.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_srv.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_srv.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+ocsp_srv.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+ocsp_srv.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ocsp_srv.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_srv.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ocsp_srv.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+ocsp_srv.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_srv.o: ../cryptlib.h ocsp_srv.c
+ocsp_vfy.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+ocsp_vfy.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+ocsp_vfy.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ocsp_vfy.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ocsp_vfy.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+ocsp_vfy.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ocsp_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_vfy.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+ocsp_vfy.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+ocsp_vfy.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+ocsp_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_vfy.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+ocsp_vfy.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+ocsp_vfy.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+ocsp_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_vfy.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ocsp_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_vfy.o: ../../include/openssl/x509v3.h ocsp_vfy.c
diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_err.c b/src/lib/libssl/src/crypto/ocsp/ocsp_err.c
index 65e6093fbc..4c4d8306f8 100644
--- a/src/lib/libssl/src/crypto/ocsp/ocsp_err.c
+++ b/src/lib/libssl/src/crypto/ocsp/ocsp_err.c
@@ -1,6 +1,6 @@
 /* crypto/ocsp/ocsp_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,64 +64,60 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_OCSP,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_OCSP,0,reason)
-
 static ERR_STRING_DATA OCSP_str_functs[]=
         {
-{ERR_FUNC(OCSP_F_ASN1_STRING_ENCODE),   "ASN1_STRING_encode"},
-{ERR_FUNC(OCSP_F_CERT_ID_NEW),  "CERT_ID_NEW"},
-{ERR_FUNC(OCSP_F_D2I_OCSP_NONCE),       "D2I_OCSP_NONCE"},
-{ERR_FUNC(OCSP_F_OCSP_BASIC_ADD1_STATUS),       "OCSP_basic_add1_status"},
-{ERR_FUNC(OCSP_F_OCSP_BASIC_SIGN),      "OCSP_basic_sign"},
-{ERR_FUNC(OCSP_F_OCSP_BASIC_VERIFY),    "OCSP_basic_verify"},
-{ERR_FUNC(OCSP_F_OCSP_CHECK_DELEGATED), "OCSP_CHECK_DELEGATED"},
-{ERR_FUNC(OCSP_F_OCSP_CHECK_IDS),       "OCSP_CHECK_IDS"},
-{ERR_FUNC(OCSP_F_OCSP_CHECK_ISSUER),    "OCSP_CHECK_ISSUER"},
-{ERR_FUNC(OCSP_F_OCSP_CHECK_VALIDITY),  "OCSP_check_validity"},
-{ERR_FUNC(OCSP_F_OCSP_MATCH_ISSUERID),  "OCSP_MATCH_ISSUERID"},
-{ERR_FUNC(OCSP_F_OCSP_PARSE_URL),       "OCSP_parse_url"},
-{ERR_FUNC(OCSP_F_OCSP_REQUEST_SIGN),    "OCSP_request_sign"},
-{ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY),  "OCSP_request_verify"},
-{ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC),     "OCSP_response_get1_basic"},
-{ERR_FUNC(OCSP_F_OCSP_SENDREQ_BIO),     "OCSP_sendreq_bio"},
-{ERR_FUNC(OCSP_F_REQUEST_VERIFY),       "REQUEST_VERIFY"},
+{ERR_PACK(0,OCSP_F_ASN1_STRING_ENCODE,0),       "ASN1_STRING_encode"},
+{ERR_PACK(0,OCSP_F_CERT_ID_NEW,0),      "CERT_ID_NEW"},
+{ERR_PACK(0,OCSP_F_D2I_OCSP_NONCE,0),   "D2I_OCSP_NONCE"},
+{ERR_PACK(0,OCSP_F_OCSP_BASIC_ADD1_STATUS,0),   "OCSP_basic_add1_status"},
+{ERR_PACK(0,OCSP_F_OCSP_BASIC_SIGN,0),  "OCSP_basic_sign"},
+{ERR_PACK(0,OCSP_F_OCSP_BASIC_VERIFY,0),        "OCSP_basic_verify"},
+{ERR_PACK(0,OCSP_F_OCSP_CHECK_DELEGATED,0),     "OCSP_CHECK_DELEGATED"},
+{ERR_PACK(0,OCSP_F_OCSP_CHECK_IDS,0),   "OCSP_CHECK_IDS"},
+{ERR_PACK(0,OCSP_F_OCSP_CHECK_ISSUER,0),        "OCSP_CHECK_ISSUER"},
+{ERR_PACK(0,OCSP_F_OCSP_CHECK_VALIDITY,0),      "OCSP_check_validity"},
+{ERR_PACK(0,OCSP_F_OCSP_MATCH_ISSUERID,0),      "OCSP_MATCH_ISSUERID"},
+{ERR_PACK(0,OCSP_F_OCSP_PARSE_URL,0),   "OCSP_parse_url"},
+{ERR_PACK(0,OCSP_F_OCSP_REQUEST_SIGN,0),        "OCSP_request_sign"},
+{ERR_PACK(0,OCSP_F_OCSP_REQUEST_VERIFY,0),      "OCSP_request_verify"},
+{ERR_PACK(0,OCSP_F_OCSP_RESPONSE_GET1_BASIC,0), "OCSP_response_get1_basic"},
+{ERR_PACK(0,OCSP_F_OCSP_SENDREQ_BIO,0), "OCSP_sendreq_bio"},
+{ERR_PACK(0,OCSP_F_REQUEST_VERIFY,0),   "REQUEST_VERIFY"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA OCSP_str_reasons[]=
         {
-{ERR_REASON(OCSP_R_BAD_DATA)             ,"bad data"},
-{ERR_REASON(OCSP_R_CERTIFICATE_VERIFY_ERROR),"certificate verify error"},
-{ERR_REASON(OCSP_R_DIGEST_ERR)           ,"digest err"},
-{ERR_REASON(OCSP_R_ERROR_IN_NEXTUPDATE_FIELD),"error in nextupdate field"},
-{ERR_REASON(OCSP_R_ERROR_IN_THISUPDATE_FIELD),"error in thisupdate field"},
-{ERR_REASON(OCSP_R_ERROR_PARSING_URL)    ,"error parsing url"},
-{ERR_REASON(OCSP_R_MISSING_OCSPSIGNING_USAGE),"missing ocspsigning usage"},
-{ERR_REASON(OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE),"nextupdate before thisupdate"},
-{ERR_REASON(OCSP_R_NOT_BASIC_RESPONSE)   ,"not basic response"},
-{ERR_REASON(OCSP_R_NO_CERTIFICATES_IN_CHAIN),"no certificates in chain"},
-{ERR_REASON(OCSP_R_NO_CONTENT)           ,"no content"},
-{ERR_REASON(OCSP_R_NO_PUBLIC_KEY)        ,"no public key"},
-{ERR_REASON(OCSP_R_NO_RESPONSE_DATA)     ,"no response data"},
-{ERR_REASON(OCSP_R_NO_REVOKED_TIME)      ,"no revoked time"},
-{ERR_REASON(OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),"private key does not match certificate"},
-{ERR_REASON(OCSP_R_REQUEST_NOT_SIGNED)   ,"request not signed"},
-{ERR_REASON(OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA),"response contains no revocation data"},
-{ERR_REASON(OCSP_R_ROOT_CA_NOT_TRUSTED)  ,"root ca not trusted"},
-{ERR_REASON(OCSP_R_SERVER_READ_ERROR)    ,"server read error"},
-{ERR_REASON(OCSP_R_SERVER_RESPONSE_ERROR),"server response error"},
-{ERR_REASON(OCSP_R_SERVER_RESPONSE_PARSE_ERROR),"server response parse error"},
-{ERR_REASON(OCSP_R_SERVER_WRITE_ERROR)   ,"server write error"},
-{ERR_REASON(OCSP_R_SIGNATURE_FAILURE)    ,"signature failure"},
-{ERR_REASON(OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND),"signer certificate not found"},
-{ERR_REASON(OCSP_R_STATUS_EXPIRED)       ,"status expired"},
-{ERR_REASON(OCSP_R_STATUS_NOT_YET_VALID) ,"status not yet valid"},
-{ERR_REASON(OCSP_R_STATUS_TOO_OLD)       ,"status too old"},
-{ERR_REASON(OCSP_R_UNKNOWN_MESSAGE_DIGEST),"unknown message digest"},
-{ERR_REASON(OCSP_R_UNKNOWN_NID)          ,"unknown nid"},
-{ERR_REASON(OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE),"unsupported requestorname type"},
+{OCSP_R_BAD_DATA                         ,"bad data"},
+{OCSP_R_CERTIFICATE_VERIFY_ERROR         ,"certificate verify error"},
+{OCSP_R_DIGEST_ERR                       ,"digest err"},
+{OCSP_R_ERROR_IN_NEXTUPDATE_FIELD        ,"error in nextupdate field"},
+{OCSP_R_ERROR_IN_THISUPDATE_FIELD        ,"error in thisupdate field"},
+{OCSP_R_ERROR_PARSING_URL                ,"error parsing url"},
+{OCSP_R_MISSING_OCSPSIGNING_USAGE        ,"missing ocspsigning usage"},
+{OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE     ,"nextupdate before thisupdate"},
+{OCSP_R_NOT_BASIC_RESPONSE               ,"not basic response"},
+{OCSP_R_NO_CERTIFICATES_IN_CHAIN         ,"no certificates in chain"},
+{OCSP_R_NO_CONTENT                       ,"no content"},
+{OCSP_R_NO_PUBLIC_KEY                    ,"no public key"},
+{OCSP_R_NO_RESPONSE_DATA                 ,"no response data"},
+{OCSP_R_NO_REVOKED_TIME                  ,"no revoked time"},
+{OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE,"private key does not match certificate"},
+{OCSP_R_REQUEST_NOT_SIGNED               ,"request not signed"},
+{OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA,"response contains no revocation data"},
+{OCSP_R_ROOT_CA_NOT_TRUSTED              ,"root ca not trusted"},
+{OCSP_R_SERVER_READ_ERROR                ,"server read error"},
+{OCSP_R_SERVER_RESPONSE_ERROR            ,"server response error"},
+{OCSP_R_SERVER_RESPONSE_PARSE_ERROR      ,"server response parse error"},
+{OCSP_R_SERVER_WRITE_ERROR               ,"server write error"},
+{OCSP_R_SIGNATURE_FAILURE                ,"signature failure"},
+{OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND     ,"signer certificate not found"},
+{OCSP_R_STATUS_EXPIRED                   ,"status expired"},
+{OCSP_R_STATUS_NOT_YET_VALID             ,"status not yet valid"},
+{OCSP_R_STATUS_TOO_OLD                   ,"status too old"},
+{OCSP_R_UNKNOWN_MESSAGE_DIGEST           ,"unknown message digest"},
+{OCSP_R_UNKNOWN_NID                      ,"unknown nid"},
+{OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE   ,"unsupported requestorname type"},
 {0,NULL}
         };
 
@@ -135,8 +131,8 @@ void ERR_load_OCSP_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,OCSP_str_functs);
-                ERR_load_strings(0,OCSP_str_reasons);
+                ERR_load_strings(ERR_LIB_OCSP,OCSP_str_functs);
+                ERR_load_strings(ERR_LIB_OCSP,OCSP_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/opensslv.h b/src/lib/libssl/src/crypto/opensslv.h
index e50c1baf00..5d5f688edd 100644
--- a/src/lib/libssl/src/crypto/opensslv.h
+++ b/src/lib/libssl/src/crypto/opensslv.h
@@ -25,11 +25,11 @@
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-#define OPENSSL_VERSION_NUMBER  0x009070afL
+#define OPENSSL_VERSION_NUMBER  0x0090707fL
 #ifdef OPENSSL_FIPS
-#define OPENSSL_VERSION_TEXT    "OpenSSL 0.9.7j-fips 04 May 2006"
+#define OPENSSL_VERSION_TEXT    "OpenSSL 0.9.7g-fips 11 Apr 2005"
 #else
-#define OPENSSL_VERSION_TEXT    "OpenSSL 0.9.7j 04 May 2006"
+#define OPENSSL_VERSION_TEXT    "OpenSSL 0.9.7g 11 Apr 2005"
 #endif
 #define OPENSSL_VERSION_PTEXT   " part of " OPENSSL_VERSION_TEXT
 
diff --git a/src/lib/libssl/src/crypto/pem/Makefile.ssl b/src/lib/libssl/src/crypto/pem/Makefile.ssl
new file mode 100644
index 0000000000..d3043eb401
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pem/Makefile.ssl
@@ -0,0 +1,336 @@
+#
+# SSLeay/crypto/pem/Makefile
+#
+
+DIR=    pem
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c \
+        pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c
+
+LIBOBJ= pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o \
+        pem_x509.o pem_xaux.o pem_oth.o pem_pk8.o pem_pkey.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= pem.h pem2.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links: $(EXHEADER)
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+pem_all.o: ../../e_os.h ../../include/openssl/aes.h
+pem_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pem_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pem_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pem_all.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pem_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+pem_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+pem_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pem_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pem_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+pem_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+pem_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+pem_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+pem_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pem_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+pem_all.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+pem_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_all.c
+pem_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+pem_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+pem_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+pem_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+pem_err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+pem_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pem_err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+pem_err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+pem_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_err.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+pem_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+pem_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+pem_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pem_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_err.o: pem_err.c
+pem_info.o: ../../e_os.h ../../include/openssl/aes.h
+pem_info.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pem_info.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pem_info.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pem_info.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+pem_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pem_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+pem_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+pem_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pem_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_info.o: ../../include/openssl/opensslconf.h
+pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+pem_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+pem_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+pem_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_info.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pem_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_info.o: ../cryptlib.h pem_info.c
+pem_lib.o: ../../e_os.h ../../include/openssl/aes.h
+pem_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pem_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pem_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+pem_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pem_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+pem_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+pem_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pem_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pem_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+pem_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
+pem_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+pem_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+pem_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+pem_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+pem_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_lib.c
+pem_oth.o: ../../e_os.h ../../include/openssl/aes.h
+pem_oth.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pem_oth.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pem_oth.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pem_oth.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+pem_oth.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pem_oth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_oth.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+pem_oth.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+pem_oth.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pem_oth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_oth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pem_oth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+pem_oth.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+pem_oth.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+pem_oth.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+pem_oth.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+pem_oth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_oth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_oth.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pem_oth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_oth.o: ../cryptlib.h pem_oth.c
+pem_pk8.o: ../../e_os.h ../../include/openssl/aes.h
+pem_pk8.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pem_pk8.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pem_pk8.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pem_pk8.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+pem_pk8.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pem_pk8.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_pk8.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+pem_pk8.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+pem_pk8.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pem_pk8.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_pk8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pem_pk8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+pem_pk8.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
+pem_pk8.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_pk8.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+pem_pk8.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+pem_pk8.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pem_pk8.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_pk8.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+pem_pk8.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+pem_pk8.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pk8.c
+pem_pkey.o: ../../e_os.h ../../include/openssl/aes.h
+pem_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pem_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pem_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pem_pkey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+pem_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pem_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+pem_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+pem_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pem_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_pkey.o: ../../include/openssl/opensslconf.h
+pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+pem_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+pem_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+pem_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_pkey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pem_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_pkey.o: ../cryptlib.h pem_pkey.c
+pem_seal.o: ../../e_os.h ../../include/openssl/aes.h
+pem_seal.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pem_seal.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pem_seal.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pem_seal.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+pem_seal.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pem_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_seal.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+pem_seal.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+pem_seal.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pem_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_seal.o: ../../include/openssl/opensslconf.h
+pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+pem_seal.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+pem_seal.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_seal.c
+pem_sign.o: ../../e_os.h ../../include/openssl/aes.h
+pem_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pem_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pem_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pem_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+pem_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pem_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+pem_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+pem_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pem_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_sign.o: ../../include/openssl/opensslconf.h
+pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_sign.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+pem_sign.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+pem_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pem_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+pem_sign.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+pem_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_sign.c
+pem_x509.o: ../../e_os.h ../../include/openssl/aes.h
+pem_x509.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pem_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pem_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pem_x509.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+pem_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pem_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_x509.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+pem_x509.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+pem_x509.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pem_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_x509.o: ../../include/openssl/opensslconf.h
+pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+pem_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+pem_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+pem_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_x509.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pem_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_x509.o: ../cryptlib.h pem_x509.c
+pem_xaux.o: ../../e_os.h ../../include/openssl/aes.h
+pem_xaux.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pem_xaux.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pem_xaux.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pem_xaux.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+pem_xaux.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pem_xaux.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_xaux.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+pem_xaux.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+pem_xaux.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pem_xaux.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_xaux.o: ../../include/openssl/opensslconf.h
+pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+pem_xaux.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+pem_xaux.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+pem_xaux.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_xaux.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_xaux.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pem_xaux.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_xaux.o: ../cryptlib.h pem_xaux.c
diff --git a/src/lib/libssl/src/crypto/pem/pem_err.c b/src/lib/libssl/src/crypto/pem/pem_err.c
index 8527028ebc..3b39b84d66 100644
--- a/src/lib/libssl/src/crypto/pem/pem_err.c
+++ b/src/lib/libssl/src/crypto/pem/pem_err.c
@@ -1,6 +1,6 @@
 /* crypto/pem/pem_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,56 +64,52 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PEM,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason)
-
 static ERR_STRING_DATA PEM_str_functs[]=
         {
-{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO),       "d2i_PKCS8PrivateKey_bio"},
-{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP),        "d2i_PKCS8PrivateKey_fp"},
-{ERR_FUNC(PEM_F_DEF_CALLBACK),  "DEF_CALLBACK"},
-{ERR_FUNC(PEM_F_LOAD_IV),       "LOAD_IV"},
-{ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"},
-{ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO),     "PEM_ASN1_read_bio"},
-{ERR_FUNC(PEM_F_PEM_ASN1_WRITE),        "PEM_ASN1_write"},
-{ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO),    "PEM_ASN1_write_bio"},
-{ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"},
-{ERR_FUNC(PEM_F_PEM_F_DO_PK8KEY_FP),    "PEM_F_DO_PK8KEY_FP"},
-{ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY),       "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
-{ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO),       "PEM_get_EVP_CIPHER_INFO"},
-{ERR_FUNC(PEM_F_PEM_READ),      "PEM_read"},
-{ERR_FUNC(PEM_F_PEM_READ_BIO),  "PEM_read_bio"},
-{ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"},
-{ERR_FUNC(PEM_F_PEM_SEALINIT),  "PEM_SealInit"},
-{ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"},
-{ERR_FUNC(PEM_F_PEM_WRITE),     "PEM_write"},
-{ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"},
-{ERR_FUNC(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY), "PEM_write_bio_PKCS8PrivateKey"},
-{ERR_FUNC(PEM_F_PEM_X509_INFO_READ),    "PEM_X509_INFO_read"},
-{ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO),        "PEM_X509_INFO_read_bio"},
-{ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO),       "PEM_X509_INFO_write_bio"},
+{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_BIO,0),   "d2i_PKCS8PrivateKey_bio"},
+{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_FP,0),    "d2i_PKCS8PrivateKey_fp"},
+{ERR_PACK(0,PEM_F_DEF_CALLBACK,0),      "DEF_CALLBACK"},
+{ERR_PACK(0,PEM_F_LOAD_IV,0),   "LOAD_IV"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_READ,0),     "PEM_ASN1_read"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_READ_BIO,0), "PEM_ASN1_read_bio"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE,0),    "PEM_ASN1_write"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE_BIO,0),        "PEM_ASN1_write_bio"},
+{ERR_PACK(0,PEM_F_PEM_DO_HEADER,0),     "PEM_do_header"},
+{ERR_PACK(0,PEM_F_PEM_F_DO_PK8KEY_FP,0),        "PEM_F_DO_PK8KEY_FP"},
+{ERR_PACK(0,PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY,0),   "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
+{ERR_PACK(0,PEM_F_PEM_GET_EVP_CIPHER_INFO,0),   "PEM_get_EVP_CIPHER_INFO"},
+{ERR_PACK(0,PEM_F_PEM_READ,0),  "PEM_read"},
+{ERR_PACK(0,PEM_F_PEM_READ_BIO,0),      "PEM_read_bio"},
+{ERR_PACK(0,PEM_F_PEM_SEALFINAL,0),     "PEM_SealFinal"},
+{ERR_PACK(0,PEM_F_PEM_SEALINIT,0),      "PEM_SealInit"},
+{ERR_PACK(0,PEM_F_PEM_SIGNFINAL,0),     "PEM_SignFinal"},
+{ERR_PACK(0,PEM_F_PEM_WRITE,0), "PEM_write"},
+{ERR_PACK(0,PEM_F_PEM_WRITE_BIO,0),     "PEM_write_bio"},
+{ERR_PACK(0,PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,0),     "PEM_write_bio_PKCS8PrivateKey"},
+{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ,0),        "PEM_X509_INFO_read"},
+{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ_BIO,0),    "PEM_X509_INFO_read_bio"},
+{ERR_PACK(0,PEM_F_PEM_X509_INFO_WRITE_BIO,0),   "PEM_X509_INFO_write_bio"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA PEM_str_reasons[]=
         {
-{ERR_REASON(PEM_R_BAD_BASE64_DECODE)     ,"bad base64 decode"},
-{ERR_REASON(PEM_R_BAD_DECRYPT)           ,"bad decrypt"},
-{ERR_REASON(PEM_R_BAD_END_LINE)          ,"bad end line"},
-{ERR_REASON(PEM_R_BAD_IV_CHARS)          ,"bad iv chars"},
-{ERR_REASON(PEM_R_BAD_PASSWORD_READ)     ,"bad password read"},
-{ERR_REASON(PEM_R_ERROR_CONVERTING_PRIVATE_KEY),"error converting private key"},
-{ERR_REASON(PEM_R_NOT_DEK_INFO)          ,"not dek info"},
-{ERR_REASON(PEM_R_NOT_ENCRYPTED)         ,"not encrypted"},
-{ERR_REASON(PEM_R_NOT_PROC_TYPE)         ,"not proc type"},
-{ERR_REASON(PEM_R_NO_START_LINE)         ,"no start line"},
-{ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD),"problems getting password"},
-{ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA)     ,"public key no rsa"},
-{ERR_REASON(PEM_R_READ_KEY)              ,"read key"},
-{ERR_REASON(PEM_R_SHORT_HEADER)          ,"short header"},
-{ERR_REASON(PEM_R_UNSUPPORTED_CIPHER)    ,"unsupported cipher"},
-{ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION),"unsupported encryption"},
+{PEM_R_BAD_BASE64_DECODE                 ,"bad base64 decode"},
+{PEM_R_BAD_DECRYPT                       ,"bad decrypt"},
+{PEM_R_BAD_END_LINE                      ,"bad end line"},
+{PEM_R_BAD_IV_CHARS                      ,"bad iv chars"},
+{PEM_R_BAD_PASSWORD_READ                 ,"bad password read"},
+{PEM_R_ERROR_CONVERTING_PRIVATE_KEY      ,"error converting private key"},
+{PEM_R_NOT_DEK_INFO                      ,"not dek info"},
+{PEM_R_NOT_ENCRYPTED                     ,"not encrypted"},
+{PEM_R_NOT_PROC_TYPE                     ,"not proc type"},
+{PEM_R_NO_START_LINE                     ,"no start line"},
+{PEM_R_PROBLEMS_GETTING_PASSWORD         ,"problems getting password"},
+{PEM_R_PUBLIC_KEY_NO_RSA                 ,"public key no rsa"},
+{PEM_R_READ_KEY                          ,"read key"},
+{PEM_R_SHORT_HEADER                      ,"short header"},
+{PEM_R_UNSUPPORTED_CIPHER                ,"unsupported cipher"},
+{PEM_R_UNSUPPORTED_ENCRYPTION            ,"unsupported encryption"},
 {0,NULL}
         };
 
@@ -127,8 +123,8 @@ void ERR_load_PEM_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,PEM_str_functs);
-                ERR_load_strings(0,PEM_str_reasons);
+                ERR_load_strings(ERR_LIB_PEM,PEM_str_functs);
+                ERR_load_strings(ERR_LIB_PEM,PEM_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/perlasm/x86asm.pl b/src/lib/libssl/src/crypto/perlasm/x86asm.pl
index ea54a1edc5..60233f80e8 100644
--- a/src/lib/libssl/src/crypto/perlasm/x86asm.pl
+++ b/src/lib/libssl/src/crypto/perlasm/x86asm.pl
@@ -18,9 +18,13 @@ sub main'asm_init
         ($type,$fn,$i386)=@_;
         $filename=$fn;
 
-        $elf=$cpp=$sol=$aout=$win32=$gaswin=0;
+        $elf=$cpp=$sol=$aout=$win32=$gaswin=$openbsd=0;
         if (    ($type eq "elf"))
                 { $elf=1; require "x86unix.pl"; }
+        elsif ( ($type eq "openbsd-elf"))
+                { $openbsd=$elf=1; require "x86unix.pl"; }
+        elsif ( ($type eq "openbsd-a.out"))
+                { $openbsd=1; require "x86unix.pl"; }
         elsif ( ($type eq "a.out"))
                 { $aout=1; require "x86unix.pl"; }
         elsif ( ($type eq "gaswin"))
@@ -43,6 +47,8 @@ Pick one target type from
         cpp     - format so x86unix.cpp can be used
         win32   - Windows 95/Windows NT
         win32n  - Windows 95/Windows NT NASM format
+        openbsd-elf     - OpenBSD elf
+        openbsd-a.out   - OpenBSD a.out
 EOF
                 exit(1);
                 }
@@ -90,7 +96,7 @@ $tmp
 #ifdef OUT
 #define OK      1
 #define ALIGN   4
-#if defined(__CYGWIN__) || defined(__DJGPP__) || defined(__MINGW32__)
+#if defined(__CYGWIN__) || defined(__DJGPP__)
 #undef SIZE
 #undef TYPE
 #define SIZE(a,b)
diff --git a/src/lib/libssl/src/crypto/perlasm/x86nasm.pl b/src/lib/libssl/src/crypto/perlasm/x86nasm.pl
index 4bdb3fe180..5009acb4b3 100644
--- a/src/lib/libssl/src/crypto/perlasm/x86nasm.pl
+++ b/src/lib/libssl/src/crypto/perlasm/x86nasm.pl
@@ -221,15 +221,7 @@ sub using486
 
 sub main'file
         {
-        local $tmp;
-        $tmp=<<___;
-%ifdef __omf__
-section code    use32 class=code
-%else
-section .text
-%endif
-___
-        push(@out,$tmp);
+        push(@out, "segment .text use32\n");
         }
 
 sub main'function_begin
diff --git a/src/lib/libssl/src/crypto/perlasm/x86unix.pl b/src/lib/libssl/src/crypto/perlasm/x86unix.pl
index a31a25c12b..b61425e951 100644
--- a/src/lib/libssl/src/crypto/perlasm/x86unix.pl
+++ b/src/lib/libssl/src/crypto/perlasm/x86unix.pl
@@ -15,6 +15,12 @@ sub main'asm_get_output { return(@out); }
 sub main'get_labels { return(@labels); }
 sub main'external_label { push(@labels,@_); }
 
+if ($main'openbsd)
+        {
+        $com_start='/*';
+        $com_end='*/';
+        }
+
 if ($main'cpp)
         {
         $align="ALIGN";
@@ -173,7 +179,9 @@ sub main'not	{ &out1("notl",@_); }
 sub main'call   { &out1("call",($_[0]=~/^\.L/?'':$under).$_[0]); }
 sub main'ret    { &out0("ret"); }
 sub main'nop    { &out0("nop"); }
+sub main'test   { &out2("testl",@_); }
 sub main'movz   { &out2("movzbl",@_); }
+sub main'neg    { &out1("negl",@_); }
 
 # The bswapl instruction is new for the 486. Emulate if i386.
 sub main'bswap
@@ -277,6 +285,9 @@ sub main'file
         {
         local($file)=@_;
 
+        if ($main'openbsd)
+                { push(@out,"#include <machine/asm.h>\n"); return; }
+
         local($tmp)=<<"EOF";
         .file   "$file.s"
         .version        "01.01"
@@ -292,6 +303,9 @@ sub main'function_begin
         &main'external_label($func);
         $func=$under.$func;
 
+        if ($main'openbsd)
+                { push (@out, "\nENTRY($func)\n"); goto skip; }
+
         local($tmp)=<<"EOF";
 .text
         .align $align
@@ -304,6 +318,7 @@ EOF
                 { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); }
         else    { $tmp=push(@out,"\t.type\t$func,\@function\n"); }
         push(@out,"$func:\n");
+skip:
         $tmp=<<"EOF";
         pushl   %ebp
         pushl   %ebx
@@ -322,6 +337,9 @@ sub main'function_begin_B
         &main'external_label($func);
         $func=$under.$func;
 
+        if ($main'openbsd)
+                { push(@out, "\nENTRY($func)\n"); goto skip; }
+
         local($tmp)=<<"EOF";
 .text
         .align $align
@@ -334,6 +352,7 @@ EOF
                 { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); }
         else    { push(@out,"\t.type    $func,\@function\n"); }
         push(@out,"$func:\n");
+skip:
         $stack=4;
         }
 
@@ -430,7 +449,8 @@ sub main'swtmp
 
 sub main'comment
         {
-        if ($main'elf)  # GNU and SVR4 as'es use different comment delimiters,
+        if (!$main'openbsd && $main'elf)
+                        # GNU and SVR4 as'es use different comment delimiters,
                 {       # so we just skip comments...
                 push(@out,"\n");
                 return;
@@ -444,6 +464,12 @@ sub main'comment
                 }
         }
 
+sub main'public_label
+        {
+        $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]}));
+        push(@out,".globl\t$label{$_[0]}\n");
+        }
+
 sub main'label
         {
         if (!defined($label{$_[0]}))
@@ -461,7 +487,10 @@ sub main'set_label
                 $label{$_[0]}=".${label}${_[0]}";
                 $label++;
                 }
-        push(@out,".align $align\n") if ($_[1] != 0);
+        if ($main'openbsd)
+                { push(@out,"_ALIGN_TEXT\n") if ($_[1] != 0); }
+        else
+                { push(@out,".align $align\n") if ($_[1] != 0); }
         push(@out,"$label{$_[0]}:\n");
         }
 
@@ -477,7 +506,7 @@ sub main'file_end
 
 sub main'data_word
         {
-        push(@out,"\t.long $_[0]\n");
+        push(@out,"\t.long\t".join(',',@_)."\n");
         }
 
 # debug output functions: puts, putx, printf
@@ -570,6 +599,16 @@ sub main'picmeup
 ___
                 push(@out,$tmp);
                 }
+        elsif ($main'openbsd)
+                {
+                push(@out, "#ifdef PIC\n");
+                push(@out, "\tPIC_PROLOGUE\n");
+                &main'mov($dst,"PIC_GOT($sym)");
+                push(@out, "\tPIC_EPILOGUE\n");
+                push(@out, "#else\n");
+                &main'lea($dst,&main'DWP($sym));
+                push(@out, "#endif\n");
+                }
         elsif ($main'pic && ($main'elf || $main'aout))
                 {
                 push(@out,"\t.align\t8\n");
diff --git a/src/lib/libssl/src/crypto/pkcs12/Makefile.ssl b/src/lib/libssl/src/crypto/pkcs12/Makefile.ssl
new file mode 100644
index 0000000000..a6e47b4085
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs12/Makefile.ssl
@@ -0,0 +1,417 @@
+#
+# SSLeay/crypto/pkcs12/Makefile
+#
+
+DIR=    pkcs12
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c \
+        p12_init.c p12_key.c p12_kiss.c p12_mutl.c\
+        p12_utl.c p12_npas.c pk12err.c p12_p8d.c p12_p8e.c
+LIBOBJ= p12_add.o p12_asn.o p12_attr.o p12_crpt.o p12_crt.o p12_decr.o \
+        p12_init.o p12_key.o p12_kiss.o p12_mutl.o\
+        p12_utl.o p12_npas.o pk12err.o p12_p8d.o p12_p8e.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  pkcs12.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+p12_add.o: ../../e_os.h ../../include/openssl/aes.h
+p12_add.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_add.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p12_add.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p12_add.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p12_add.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p12_add.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_add.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p12_add.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p12_add.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p12_add.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_add.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_add.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+p12_add.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p12_add.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p12_add.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_add.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+p12_add.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_add.o: ../cryptlib.h p12_add.c
+p12_asn.o: ../../e_os.h ../../include/openssl/aes.h
+p12_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+p12_asn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+p12_asn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p12_asn.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+p12_asn.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+p12_asn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p12_asn.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+p12_asn.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+p12_asn.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_asn.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_asn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+p12_asn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+p12_asn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p12_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+p12_asn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+p12_asn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_asn.c
+p12_attr.o: ../../e_os.h ../../include/openssl/aes.h
+p12_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p12_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p12_attr.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p12_attr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p12_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_attr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p12_attr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p12_attr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p12_attr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_attr.o: ../../include/openssl/opensslconf.h
+p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_attr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_attr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+p12_attr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+p12_attr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p12_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+p12_attr.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+p12_attr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_attr.c
+p12_crpt.o: ../../e_os.h ../../include/openssl/aes.h
+p12_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p12_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p12_crpt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p12_crpt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p12_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_crpt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p12_crpt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p12_crpt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p12_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_crpt.o: ../../include/openssl/opensslconf.h
+p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_crpt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_crpt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+p12_crpt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+p12_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p12_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+p12_crpt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+p12_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_crpt.c
+p12_crt.o: ../../e_os.h ../../include/openssl/aes.h
+p12_crt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_crt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p12_crt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p12_crt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p12_crt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p12_crt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_crt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p12_crt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p12_crt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p12_crt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_crt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_crt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_crt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+p12_crt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p12_crt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p12_crt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_crt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_crt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+p12_crt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_crt.o: ../cryptlib.h p12_crt.c
+p12_decr.o: ../../e_os.h ../../include/openssl/aes.h
+p12_decr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_decr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p12_decr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p12_decr.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p12_decr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p12_decr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_decr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p12_decr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p12_decr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p12_decr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_decr.o: ../../include/openssl/opensslconf.h
+p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_decr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_decr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+p12_decr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+p12_decr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p12_decr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_decr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+p12_decr.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+p12_decr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_decr.c
+p12_init.o: ../../e_os.h ../../include/openssl/aes.h
+p12_init.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_init.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p12_init.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p12_init.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p12_init.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p12_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_init.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p12_init.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p12_init.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p12_init.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_init.o: ../../include/openssl/opensslconf.h
+p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_init.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_init.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+p12_init.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+p12_init.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p12_init.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_init.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+p12_init.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+p12_init.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_init.c
+p12_key.o: ../../e_os.h ../../include/openssl/aes.h
+p12_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p12_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p12_key.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p12_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p12_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_key.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p12_key.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p12_key.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+p12_key.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p12_key.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p12_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+p12_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_key.o: ../cryptlib.h p12_key.c
+p12_kiss.o: ../../e_os.h ../../include/openssl/aes.h
+p12_kiss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_kiss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p12_kiss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p12_kiss.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p12_kiss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p12_kiss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_kiss.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p12_kiss.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p12_kiss.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p12_kiss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_kiss.o: ../../include/openssl/opensslconf.h
+p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_kiss.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_kiss.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+p12_kiss.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+p12_kiss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p12_kiss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_kiss.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+p12_kiss.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+p12_kiss.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_kiss.c
+p12_mutl.o: ../../e_os.h ../../include/openssl/aes.h
+p12_mutl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_mutl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p12_mutl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p12_mutl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p12_mutl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p12_mutl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_mutl.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h
+p12_mutl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+p12_mutl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+p12_mutl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p12_mutl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_mutl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+p12_mutl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p12_mutl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p12_mutl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_mutl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_mutl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+p12_mutl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_mutl.o: ../cryptlib.h p12_mutl.c
+p12_npas.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+p12_npas.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+p12_npas.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p12_npas.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+p12_npas.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+p12_npas.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p12_npas.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+p12_npas.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+p12_npas.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+p12_npas.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p12_npas.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_npas.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+p12_npas.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_npas.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+p12_npas.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+p12_npas.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p12_npas.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_npas.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+p12_npas.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+p12_npas.o: ../../include/openssl/x509_vfy.h p12_npas.c
+p12_p8d.o: ../../e_os.h ../../include/openssl/aes.h
+p12_p8d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_p8d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p12_p8d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p12_p8d.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p12_p8d.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p12_p8d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_p8d.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p12_p8d.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p12_p8d.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p12_p8d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_p8d.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_p8d.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_p8d.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+p12_p8d.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p12_p8d.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p12_p8d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_p8d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_p8d.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+p12_p8d.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_p8d.o: ../cryptlib.h p12_p8d.c
+p12_p8e.o: ../../e_os.h ../../include/openssl/aes.h
+p12_p8e.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_p8e.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p12_p8e.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p12_p8e.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p12_p8e.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p12_p8e.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_p8e.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p12_p8e.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p12_p8e.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p12_p8e.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_p8e.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_p8e.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_p8e.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+p12_p8e.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p12_p8e.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p12_p8e.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_p8e.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_p8e.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+p12_p8e.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_p8e.o: ../cryptlib.h p12_p8e.c
+p12_utl.o: ../../e_os.h ../../include/openssl/aes.h
+p12_utl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_utl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+p12_utl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p12_utl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+p12_utl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p12_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_utl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+p12_utl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+p12_utl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p12_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+p12_utl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p12_utl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p12_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_utl.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+p12_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_utl.o: ../cryptlib.h p12_utl.c
+pk12err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+pk12err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+pk12err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+pk12err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+pk12err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+pk12err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk12err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+pk12err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+pk12err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+pk12err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+pk12err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk12err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk12err.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+pk12err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+pk12err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+pk12err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pk12err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk12err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+pk12err.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+pk12err.o: ../../include/openssl/x509_vfy.h pk12err.c
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_add.c b/src/lib/libssl/src/crypto/pkcs12/p12_add.c
index 27015dd8c3..1909f28506 100644
--- a/src/lib/libssl/src/crypto/pkcs12/p12_add.c
+++ b/src/lib/libssl/src/crypto/pkcs12/p12_add.c
@@ -148,11 +148,7 @@ PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk)
 /* Unpack SAFEBAGS from PKCS#7 data ContentInfo */
 STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7)
 {
-        if(!PKCS7_type_is_data(p7))
-                {
-                PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA,PKCS12_R_CONTENT_TYPE_NOT_DATA);
-                return NULL;
-                }
+        if(!PKCS7_type_is_data(p7)) return NULL;
         return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS));
 }
 
@@ -215,10 +211,5 @@ int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes)
 
 STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12)
 {
-        if (!PKCS7_type_is_data(p12->authsafes))
-                {
-                PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES,PKCS12_R_CONTENT_TYPE_NOT_DATA);
-                return NULL;
-                }
         return ASN1_item_unpack(p12->authsafes->d.data, ASN1_ITEM_rptr(PKCS12_AUTHSAFES));
 }
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_crt.c b/src/lib/libssl/src/crypto/pkcs12/p12_crt.c
index 40340a7bef..4c36c643ce 100644
--- a/src/lib/libssl/src/crypto/pkcs12/p12_crt.c
+++ b/src/lib/libssl/src/crypto/pkcs12/p12_crt.c
@@ -76,15 +76,7 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
         unsigned int keyidlen;
 
         /* Set defaults */
-        if(!nid_cert)
-                {
-#ifdef OPENSSL_FIPS
-                if (FIPS_mode())
-                        nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-                else
-#endif
-                        nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
-                }
+        if(!nid_cert) nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
         if(!nid_key) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
         if(!iter) iter = PKCS12_DEFAULT_ITER;
         if(!mac_iter) mac_iter = 1;
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c b/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c
index 140d21155e..4886b9b289 100644
--- a/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c
+++ b/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c
@@ -72,12 +72,6 @@ int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen,
         unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt;
         int saltlen, iter;
 
-        if (!PKCS7_type_is_data(p12->authsafes))
-                {
-                PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_CONTENT_TYPE_NOT_DATA);
-                return 0;
-                }
-
         salt = p12->mac->salt->data;
         saltlen = p12->mac->salt->length;
         if (!p12->mac->iter) iter = 1;
diff --git a/src/lib/libssl/src/crypto/pkcs12/pk12err.c b/src/lib/libssl/src/crypto/pkcs12/pk12err.c
index a33b37b1c7..10ab80502c 100644
--- a/src/lib/libssl/src/crypto/pkcs12/pk12err.c
+++ b/src/lib/libssl/src/crypto/pkcs12/pk12err.c
@@ -1,6 +1,6 @@
 /* crypto/pkcs12/pk12err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,67 +64,60 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS12,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS12,0,reason)
-
 static ERR_STRING_DATA PKCS12_str_functs[]=
         {
-{ERR_FUNC(PKCS12_F_PARSE_BAGS), "PARSE_BAGS"},
-{ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME),    "PKCS12_ADD_FRIENDLYNAME"},
-{ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC),        "PKCS12_add_friendlyname_asc"},
-{ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI),        "PKCS12_add_friendlyname_uni"},
-{ERR_FUNC(PKCS12_F_PKCS12_ADD_LOCALKEYID),      "PKCS12_add_localkeyid"},
-{ERR_FUNC(PKCS12_F_PKCS12_CREATE),      "PKCS12_create"},
-{ERR_FUNC(PKCS12_F_PKCS12_DECRYPT_D2I), "PKCS12_DECRYPT_D2I"},
-{ERR_FUNC(PKCS12_F_PKCS12_GEN_MAC),     "PKCS12_gen_mac"},
-{ERR_FUNC(PKCS12_F_PKCS12_I2D_ENCRYPT), "PKCS12_I2D_ENCRYPT"},
-{ERR_FUNC(PKCS12_F_PKCS12_INIT),        "PKCS12_init"},
-{ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_ASC), "PKCS12_key_gen_asc"},
-{ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_UNI), "PKCS12_key_gen_uni"},
-{ERR_FUNC(PKCS12_F_PKCS12_MAKE_KEYBAG), "PKCS12_MAKE_KEYBAG"},
-{ERR_FUNC(PKCS12_F_PKCS12_MAKE_SHKEYBAG),       "PKCS12_MAKE_SHKEYBAG"},
-{ERR_FUNC(PKCS12_F_PKCS12_NEWPASS),     "PKCS12_newpass"},
-{ERR_FUNC(PKCS12_F_PKCS12_PACK_P7DATA), "PKCS12_pack_p7data"},
-{ERR_FUNC(PKCS12_F_PKCS12_PACK_P7ENCDATA),      "PKCS12_pack_p7encdata"},
-{ERR_FUNC(PKCS12_F_PKCS12_PACK_SAFEBAG),        "PKCS12_PACK_SAFEBAG"},
-{ERR_FUNC(PKCS12_F_PKCS12_PARSE),       "PKCS12_parse"},
-{ERR_FUNC(PKCS12_F_PKCS12_PBE_CRYPT),   "PKCS12_pbe_crypt"},
-{ERR_FUNC(PKCS12_F_PKCS12_PBE_KEYIVGEN),        "PKCS12_PBE_keyivgen"},
-{ERR_FUNC(PKCS12_F_PKCS12_SETUP_MAC),   "PKCS12_setup_mac"},
-{ERR_FUNC(PKCS12_F_PKCS12_SET_MAC),     "PKCS12_set_mac"},
-{ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES),    "PKCS12_unpack_authsafes"},
-{ERR_FUNC(PKCS12_F_PKCS12_UNPACK_P7DATA),       "PKCS12_unpack_p7data"},
-{ERR_FUNC(PKCS12_F_PKCS8_ADD_KEYUSAGE), "PKCS8_add_keyusage"},
-{ERR_FUNC(PKCS12_F_PKCS8_ENCRYPT),      "PKCS8_encrypt"},
-{ERR_FUNC(PKCS12_F_VERIFY_MAC), "VERIFY_MAC"},
+{ERR_PACK(0,PKCS12_F_PARSE_BAGS,0),     "PARSE_BAGS"},
+{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME,0),        "PKCS12_ADD_FRIENDLYNAME"},
+{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,0),    "PKCS12_add_friendlyname_asc"},
+{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,0),    "PKCS12_add_friendlyname_uni"},
+{ERR_PACK(0,PKCS12_F_PKCS12_ADD_LOCALKEYID,0),  "PKCS12_add_localkeyid"},
+{ERR_PACK(0,PKCS12_F_PKCS12_CREATE,0),  "PKCS12_create"},
+{ERR_PACK(0,PKCS12_F_PKCS12_DECRYPT_D2I,0),     "PKCS12_decrypt_d2i"},
+{ERR_PACK(0,PKCS12_F_PKCS12_GEN_MAC,0), "PKCS12_gen_mac"},
+{ERR_PACK(0,PKCS12_F_PKCS12_I2D_ENCRYPT,0),     "PKCS12_i2d_encrypt"},
+{ERR_PACK(0,PKCS12_F_PKCS12_INIT,0),    "PKCS12_init"},
+{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_ASC,0),     "PKCS12_key_gen_asc"},
+{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_UNI,0),     "PKCS12_key_gen_uni"},
+{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_KEYBAG,0),     "PKCS12_MAKE_KEYBAG"},
+{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_SHKEYBAG,0),   "PKCS12_MAKE_SHKEYBAG"},
+{ERR_PACK(0,PKCS12_F_PKCS12_NEWPASS,0), "PKCS12_newpass"},
+{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7DATA,0),     "PKCS12_pack_p7data"},
+{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7ENCDATA,0),  "PKCS12_pack_p7encdata"},
+{ERR_PACK(0,PKCS12_F_PKCS12_PACK_SAFEBAG,0),    "PKCS12_pack_safebag"},
+{ERR_PACK(0,PKCS12_F_PKCS12_PARSE,0),   "PKCS12_parse"},
+{ERR_PACK(0,PKCS12_F_PKCS12_PBE_CRYPT,0),       "PKCS12_pbe_crypt"},
+{ERR_PACK(0,PKCS12_F_PKCS12_PBE_KEYIVGEN,0),    "PKCS12_PBE_keyivgen"},
+{ERR_PACK(0,PKCS12_F_PKCS12_SETUP_MAC,0),       "PKCS12_setup_mac"},
+{ERR_PACK(0,PKCS12_F_PKCS12_SET_MAC,0), "PKCS12_set_mac"},
+{ERR_PACK(0,PKCS12_F_PKCS8_ADD_KEYUSAGE,0),     "PKCS8_add_keyusage"},
+{ERR_PACK(0,PKCS12_F_PKCS8_ENCRYPT,0),  "PKCS8_encrypt"},
+{ERR_PACK(0,PKCS12_F_VERIFY_MAC,0),     "VERIFY_MAC"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA PKCS12_str_reasons[]=
         {
-{ERR_REASON(PKCS12_R_CANT_PACK_STRUCTURE),"cant pack structure"},
-{ERR_REASON(PKCS12_R_CONTENT_TYPE_NOT_DATA),"content type not data"},
-{ERR_REASON(PKCS12_R_DECODE_ERROR)       ,"decode error"},
-{ERR_REASON(PKCS12_R_ENCODE_ERROR)       ,"encode error"},
-{ERR_REASON(PKCS12_R_ENCRYPT_ERROR)      ,"encrypt error"},
-{ERR_REASON(PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE),"error setting encrypted data type"},
-{ERR_REASON(PKCS12_R_INVALID_NULL_ARGUMENT),"invalid null argument"},
-{ERR_REASON(PKCS12_R_INVALID_NULL_PKCS12_POINTER),"invalid null pkcs12 pointer"},
-{ERR_REASON(PKCS12_R_IV_GEN_ERROR)       ,"iv gen error"},
-{ERR_REASON(PKCS12_R_KEY_GEN_ERROR)      ,"key gen error"},
-{ERR_REASON(PKCS12_R_MAC_ABSENT)         ,"mac absent"},
-{ERR_REASON(PKCS12_R_MAC_GENERATION_ERROR),"mac generation error"},
-{ERR_REASON(PKCS12_R_MAC_SETUP_ERROR)    ,"mac setup error"},
-{ERR_REASON(PKCS12_R_MAC_STRING_SET_ERROR),"mac string set error"},
-{ERR_REASON(PKCS12_R_MAC_VERIFY_ERROR)   ,"mac verify error"},
-{ERR_REASON(PKCS12_R_MAC_VERIFY_FAILURE) ,"mac verify failure"},
-{ERR_REASON(PKCS12_R_PARSE_ERROR)        ,"parse error"},
-{ERR_REASON(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR),"pkcs12 algor cipherinit error"},
-{ERR_REASON(PKCS12_R_PKCS12_CIPHERFINAL_ERROR),"pkcs12 cipherfinal error"},
-{ERR_REASON(PKCS12_R_PKCS12_PBE_CRYPT_ERROR),"pkcs12 pbe crypt error"},
-{ERR_REASON(PKCS12_R_UNKNOWN_DIGEST_ALGORITHM),"unknown digest algorithm"},
-{ERR_REASON(PKCS12_R_UNSUPPORTED_PKCS12_MODE),"unsupported pkcs12 mode"},
+{PKCS12_R_CANT_PACK_STRUCTURE            ,"cant pack structure"},
+{PKCS12_R_DECODE_ERROR                   ,"decode error"},
+{PKCS12_R_ENCODE_ERROR                   ,"encode error"},
+{PKCS12_R_ENCRYPT_ERROR                  ,"encrypt error"},
+{PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE,"error setting encrypted data type"},
+{PKCS12_R_INVALID_NULL_ARGUMENT          ,"invalid null argument"},
+{PKCS12_R_INVALID_NULL_PKCS12_POINTER    ,"invalid null pkcs12 pointer"},
+{PKCS12_R_IV_GEN_ERROR                   ,"iv gen error"},
+{PKCS12_R_KEY_GEN_ERROR                  ,"key gen error"},
+{PKCS12_R_MAC_ABSENT                     ,"mac absent"},
+{PKCS12_R_MAC_GENERATION_ERROR           ,"mac generation error"},
+{PKCS12_R_MAC_SETUP_ERROR                ,"mac setup error"},
+{PKCS12_R_MAC_STRING_SET_ERROR           ,"mac string set error"},
+{PKCS12_R_MAC_VERIFY_ERROR               ,"mac verify error"},
+{PKCS12_R_MAC_VERIFY_FAILURE             ,"mac verify failure"},
+{PKCS12_R_PARSE_ERROR                    ,"parse error"},
+{PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR  ,"pkcs12 algor cipherinit error"},
+{PKCS12_R_PKCS12_CIPHERFINAL_ERROR       ,"pkcs12 cipherfinal error"},
+{PKCS12_R_PKCS12_PBE_CRYPT_ERROR         ,"pkcs12 pbe crypt error"},
+{PKCS12_R_UNKNOWN_DIGEST_ALGORITHM       ,"unknown digest algorithm"},
+{PKCS12_R_UNSUPPORTED_PKCS12_MODE        ,"unsupported pkcs12 mode"},
 {0,NULL}
         };
 
@@ -138,8 +131,8 @@ void ERR_load_PKCS12_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,PKCS12_str_functs);
-                ERR_load_strings(0,PKCS12_str_reasons);
+                ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_functs);
+                ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/pkcs12/pkcs12.h b/src/lib/libssl/src/crypto/pkcs12/pkcs12.h
index fb8af82d4f..dd338f266c 100644
--- a/src/lib/libssl/src/crypto/pkcs12/pkcs12.h
+++ b/src/lib/libssl/src/crypto/pkcs12/pkcs12.h
@@ -287,15 +287,12 @@ void ERR_load_PKCS12_strings(void);
 #define PKCS12_F_PKCS12_PBE_KEYIVGEN                     120
 #define PKCS12_F_PKCS12_SETUP_MAC                        122
 #define PKCS12_F_PKCS12_SET_MAC                          123
-#define PKCS12_F_PKCS12_UNPACK_AUTHSAFES                 129
-#define PKCS12_F_PKCS12_UNPACK_P7DATA                    130
 #define PKCS12_F_PKCS8_ADD_KEYUSAGE                      124
 #define PKCS12_F_PKCS8_ENCRYPT                           125
 #define PKCS12_F_VERIFY_MAC                              126
 
 /* Reason codes. */
 #define PKCS12_R_CANT_PACK_STRUCTURE                     100
-#define PKCS12_R_CONTENT_TYPE_NOT_DATA                   121
 #define PKCS12_R_DECODE_ERROR                            101
 #define PKCS12_R_ENCODE_ERROR                            102
 #define PKCS12_R_ENCRYPT_ERROR                           103
diff --git a/src/lib/libssl/src/crypto/pkcs7/Makefile.ssl b/src/lib/libssl/src/crypto/pkcs7/Makefile.ssl
new file mode 100644
index 0000000000..c3bfc7d560
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/Makefile.ssl
@@ -0,0 +1,243 @@
+#
+# SSLeay/crypto/pkcs7/Makefile
+#
+
+DIR=    pkcs7
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+PEX_LIBS=
+EX_LIBS=
+ 
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \
+        pk7_mime.c
+LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \
+        pk7_mime.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  pkcs7.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:    lib
+
+testapps: enc dec sign verify
+
+enc: enc.o lib
+        $(CC) $(CFLAGS) -o enc enc.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
+
+dec: dec.o lib
+        $(CC) $(CFLAGS) -o dec dec.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
+
+sign: sign.o lib
+        $(CC) $(CFLAGS) -o sign sign.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
+
+verify: verify.o example.o lib
+        $(CC) $(CFLAGS) -o verify verify.o $(PEX_LIBS) example.o $(LIB) $(EX_LIBS)
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+pk7_asn1.o: ../../e_os.h ../../include/openssl/aes.h
+pk7_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+pk7_asn1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+pk7_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+pk7_asn1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+pk7_asn1.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+pk7_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_asn1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+pk7_asn1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+pk7_asn1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+pk7_asn1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+pk7_asn1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+pk7_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk7_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk7_asn1.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pk7_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk7_asn1.o: ../cryptlib.h pk7_asn1.c
+pk7_attr.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+pk7_attr.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+pk7_attr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+pk7_attr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+pk7_attr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+pk7_attr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+pk7_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_attr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+pk7_attr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+pk7_attr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_attr.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+pk7_attr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+pk7_attr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+pk7_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk7_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk7_attr.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pk7_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk7_attr.o: pk7_attr.c
+pk7_doit.o: ../../e_os.h ../../include/openssl/aes.h
+pk7_doit.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pk7_doit.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pk7_doit.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pk7_doit.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pk7_doit.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+pk7_doit.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_doit.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+pk7_doit.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+pk7_doit.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+pk7_doit.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+pk7_doit.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pk7_doit.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+pk7_doit.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+pk7_doit.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pk7_doit.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_doit.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+pk7_doit.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+pk7_doit.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pk7_doit.o: ../cryptlib.h pk7_doit.c
+pk7_lib.o: ../../e_os.h ../../include/openssl/aes.h
+pk7_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pk7_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pk7_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pk7_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+pk7_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pk7_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pk7_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+pk7_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+pk7_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pk7_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pk7_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+pk7_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+pk7_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+pk7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+pk7_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+pk7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_lib.c
+pk7_mime.o: ../../e_os.h ../../include/openssl/aes.h
+pk7_mime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pk7_mime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pk7_mime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pk7_mime.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+pk7_mime.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pk7_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pk7_mime.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+pk7_mime.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+pk7_mime.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pk7_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_mime.o: ../../include/openssl/opensslconf.h
+pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pk7_mime.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+pk7_mime.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+pk7_mime.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pk7_mime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_mime.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+pk7_mime.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+pk7_mime.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_mime.c
+pk7_smime.o: ../../e_os.h ../../include/openssl/aes.h
+pk7_smime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pk7_smime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+pk7_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+pk7_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pk7_smime.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+pk7_smime.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_smime.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+pk7_smime.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+pk7_smime.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+pk7_smime.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+pk7_smime.o: ../../include/openssl/objects.h
+pk7_smime.o: ../../include/openssl/opensslconf.h
+pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+pk7_smime.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+pk7_smime.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+pk7_smime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk7_smime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk7_smime.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pk7_smime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk7_smime.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_smime.c
+pkcs7err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pkcs7err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+pkcs7err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pkcs7err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pkcs7err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pkcs7err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pkcs7err.o: pkcs7err.c
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c b/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c
index 927b88c3e7..5d2a97839d 100644
--- a/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c
@@ -3,7 +3,7 @@
  * project 1999.
  */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -152,12 +152,11 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
 {
         char bound[33], c;
         int i;
-        char *mime_prefix, *mime_eol, *msg_type=NULL;
+        char *mime_prefix, *mime_eol;
         if (flags & PKCS7_NOOLDMIMETYPE)
                 mime_prefix = "application/pkcs7-";
         else
                 mime_prefix = "application/x-pkcs7-";
-
         if (flags & PKCS7_CRLFEOL)
                 mime_eol = "\r\n";
         else
@@ -199,30 +198,11 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
                                                 mime_eol, mime_eol);
                 return 1;
         }
-
-        /* Determine smime-type header */
-
-        if (PKCS7_type_is_enveloped(p7))
-                msg_type = "enveloped-data";
-        else if (PKCS7_type_is_signed(p7))
-                {
-                /* If we have any signers it is signed-data othewise 
-                 * certs-only.
-                 */
-                STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
-                sinfos = PKCS7_get_signer_info(p7);
-                if (sk_PKCS7_SIGNER_INFO_num(sinfos) > 0)
-                        msg_type = "signed-data";
-                else
-                        msg_type = "certs-only";
-                }
         /* MIME headers */
         BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
         BIO_printf(bio, "Content-Disposition: attachment;");
         BIO_printf(bio, " filename=\"smime.p7m\"%s", mime_eol);
         BIO_printf(bio, "Content-Type: %smime;", mime_prefix);
-        if (msg_type)
-                BIO_printf(bio, " smime-type=%s;", msg_type);
         BIO_printf(bio, " name=\"smime.p7m\"%s", mime_eol);
         BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s",
                                                 mime_eol, mime_eol);
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c b/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c
index 99a0d63f38..a852b49235 100644
--- a/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c
@@ -296,9 +296,11 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
         
         if (tmpin == indata)
                 {
-                if (indata) BIO_pop(p7bio);
+                if(indata) BIO_pop(p7bio);
+                BIO_free_all(p7bio);
                 }
-        BIO_free_all(p7bio);
+        else
+                BIO_free_all(tmpin);
 
         sk_X509_free(signers);
 
diff --git a/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c b/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c
index 19894c80a4..5e51527a40 100644
--- a/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c
+++ b/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c
@@ -1,6 +1,6 @@
 /* crypto/pkcs7/pkcs7err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,85 +64,81 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS7,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS7,0,reason)
-
 static ERR_STRING_DATA PKCS7_str_functs[]=
         {
-{ERR_FUNC(PKCS7_F_B64_READ_PKCS7),      "B64_READ_PKCS7"},
-{ERR_FUNC(PKCS7_F_B64_WRITE_PKCS7),     "B64_WRITE_PKCS7"},
-{ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP),   "PKCS7_add_attrib_smimecap"},
-{ERR_FUNC(PKCS7_F_PKCS7_ADD_CERTIFICATE),       "PKCS7_add_certificate"},
-{ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL),       "PKCS7_add_crl"},
-{ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO),    "PKCS7_add_recipient_info"},
-{ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER),    "PKCS7_add_signer"},
-{ERR_FUNC(PKCS7_F_PKCS7_CTRL),  "PKCS7_ctrl"},
-{ERR_FUNC(PKCS7_F_PKCS7_DATADECODE),    "PKCS7_dataDecode"},
-{ERR_FUNC(PKCS7_F_PKCS7_DATAINIT),      "PKCS7_dataInit"},
-{ERR_FUNC(PKCS7_F_PKCS7_DATASIGN),      "PKCS7_DATASIGN"},
-{ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY),    "PKCS7_dataVerify"},
-{ERR_FUNC(PKCS7_F_PKCS7_DECRYPT),       "PKCS7_decrypt"},
-{ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT),       "PKCS7_encrypt"},
-{ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS),  "PKCS7_get0_signers"},
-{ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER),    "PKCS7_set_cipher"},
-{ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT),   "PKCS7_set_content"},
-{ERR_FUNC(PKCS7_F_PKCS7_SET_TYPE),      "PKCS7_set_type"},
-{ERR_FUNC(PKCS7_F_PKCS7_SIGN),  "PKCS7_sign"},
-{ERR_FUNC(PKCS7_F_PKCS7_SIGNATUREVERIFY),       "PKCS7_signatureVerify"},
-{ERR_FUNC(PKCS7_F_PKCS7_SIMPLE_SMIMECAP),       "PKCS7_simple_smimecap"},
-{ERR_FUNC(PKCS7_F_PKCS7_VERIFY),        "PKCS7_verify"},
-{ERR_FUNC(PKCS7_F_SMIME_READ_PKCS7),    "SMIME_read_PKCS7"},
-{ERR_FUNC(PKCS7_F_SMIME_TEXT),  "SMIME_text"},
+{ERR_PACK(0,PKCS7_F_B64_READ_PKCS7,0),  "B64_READ_PKCS7"},
+{ERR_PACK(0,PKCS7_F_B64_WRITE_PKCS7,0), "B64_WRITE_PKCS7"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,0),       "PKCS7_add_attrib_smimecap"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CERTIFICATE,0),   "PKCS7_add_certificate"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CRL,0),   "PKCS7_add_crl"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,0),        "PKCS7_add_recipient_info"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0),        "PKCS7_add_signer"},
+{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0),      "PKCS7_ctrl"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATADECODE,0),        "PKCS7_dataDecode"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0),  "PKCS7_dataInit"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0),  "PKCS7_DATASIGN"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0),        "PKCS7_dataVerify"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DECRYPT,0),   "PKCS7_decrypt"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ENCRYPT,0),   "PKCS7_encrypt"},
+{ERR_PACK(0,PKCS7_F_PKCS7_GET0_SIGNERS,0),      "PKCS7_get0_signers"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0),        "PKCS7_set_cipher"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0),       "PKCS7_set_content"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0),  "PKCS7_set_type"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SIGN,0),      "PKCS7_sign"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SIGNATUREVERIFY,0),   "PKCS7_signatureVerify"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SIMPLE_SMIMECAP,0),   "PKCS7_simple_smimecap"},
+{ERR_PACK(0,PKCS7_F_PKCS7_VERIFY,0),    "PKCS7_verify"},
+{ERR_PACK(0,PKCS7_F_SMIME_READ_PKCS7,0),        "SMIME_read_PKCS7"},
+{ERR_PACK(0,PKCS7_F_SMIME_TEXT,0),      "SMIME_text"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA PKCS7_str_reasons[]=
         {
-{ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR),"certificate verify error"},
-{ERR_REASON(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),"cipher has no object identifier"},
-{ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED),"cipher not initialized"},
-{ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT),"content and data present"},
-{ERR_REASON(PKCS7_R_DECODE_ERROR)        ,"decode error"},
-{ERR_REASON(PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH),"decrypted key is wrong length"},
-{ERR_REASON(PKCS7_R_DECRYPT_ERROR)       ,"decrypt error"},
-{ERR_REASON(PKCS7_R_DIGEST_FAILURE)      ,"digest failure"},
-{ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT),"error adding recipient"},
-{ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER),"error setting cipher"},
-{ERR_REASON(PKCS7_R_INVALID_MIME_TYPE)   ,"invalid mime type"},
-{ERR_REASON(PKCS7_R_INVALID_NULL_POINTER),"invalid null pointer"},
-{ERR_REASON(PKCS7_R_MIME_NO_CONTENT_TYPE),"mime no content type"},
-{ERR_REASON(PKCS7_R_MIME_PARSE_ERROR)    ,"mime parse error"},
-{ERR_REASON(PKCS7_R_MIME_SIG_PARSE_ERROR),"mime sig parse error"},
-{ERR_REASON(PKCS7_R_MISSING_CERIPEND_INFO),"missing ceripend info"},
-{ERR_REASON(PKCS7_R_NO_CONTENT)          ,"no content"},
-{ERR_REASON(PKCS7_R_NO_CONTENT_TYPE)     ,"no content type"},
-{ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"},
-{ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"},
-{ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),"no recipient matches certificate"},
-{ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA),"no signatures on data"},
-{ERR_REASON(PKCS7_R_NO_SIGNERS)          ,"no signers"},
-{ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE) ,"no sig content type"},
-{ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),"operation not supported on this type"},
-{ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),"pkcs7 add signature error"},
-{ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR),"pkcs7 datafinal error"},
-{ERR_REASON(PKCS7_R_PKCS7_DATASIGN)      ,"pkcs7 datasign"},
-{ERR_REASON(PKCS7_R_PKCS7_PARSE_ERROR)   ,"pkcs7 parse error"},
-{ERR_REASON(PKCS7_R_PKCS7_SIG_PARSE_ERROR),"pkcs7 sig parse error"},
-{ERR_REASON(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),"private key does not match certificate"},
-{ERR_REASON(PKCS7_R_SIGNATURE_FAILURE)   ,"signature failure"},
-{ERR_REASON(PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND),"signer certificate not found"},
-{ERR_REASON(PKCS7_R_SIG_INVALID_MIME_TYPE),"sig invalid mime type"},
-{ERR_REASON(PKCS7_R_SMIME_TEXT_ERROR)    ,"smime text error"},
-{ERR_REASON(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE),"unable to find certificate"},
-{ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MEM_BIO),"unable to find mem bio"},
-{ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST),"unable to find message digest"},
-{ERR_REASON(PKCS7_R_UNKNOWN_DIGEST_TYPE) ,"unknown digest type"},
-{ERR_REASON(PKCS7_R_UNKNOWN_OPERATION)   ,"unknown operation"},
-{ERR_REASON(PKCS7_R_UNSUPPORTED_CIPHER_TYPE),"unsupported cipher type"},
-{ERR_REASON(PKCS7_R_UNSUPPORTED_CONTENT_TYPE),"unsupported content type"},
-{ERR_REASON(PKCS7_R_WRONG_CONTENT_TYPE)  ,"wrong content type"},
-{ERR_REASON(PKCS7_R_WRONG_PKCS7_TYPE)    ,"wrong pkcs7 type"},
+{PKCS7_R_CERTIFICATE_VERIFY_ERROR        ,"certificate verify error"},
+{PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ,"cipher has no object identifier"},
+{PKCS7_R_CIPHER_NOT_INITIALIZED          ,"cipher not initialized"},
+{PKCS7_R_CONTENT_AND_DATA_PRESENT        ,"content and data present"},
+{PKCS7_R_DECODE_ERROR                    ,"decode error"},
+{PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH   ,"decrypted key is wrong length"},
+{PKCS7_R_DECRYPT_ERROR                   ,"decrypt error"},
+{PKCS7_R_DIGEST_FAILURE                  ,"digest failure"},
+{PKCS7_R_ERROR_ADDING_RECIPIENT          ,"error adding recipient"},
+{PKCS7_R_ERROR_SETTING_CIPHER            ,"error setting cipher"},
+{PKCS7_R_INVALID_MIME_TYPE               ,"invalid mime type"},
+{PKCS7_R_INVALID_NULL_POINTER            ,"invalid null pointer"},
+{PKCS7_R_MIME_NO_CONTENT_TYPE            ,"mime no content type"},
+{PKCS7_R_MIME_PARSE_ERROR                ,"mime parse error"},
+{PKCS7_R_MIME_SIG_PARSE_ERROR            ,"mime sig parse error"},
+{PKCS7_R_MISSING_CERIPEND_INFO           ,"missing ceripend info"},
+{PKCS7_R_NO_CONTENT                      ,"no content"},
+{PKCS7_R_NO_CONTENT_TYPE                 ,"no content type"},
+{PKCS7_R_NO_MULTIPART_BODY_FAILURE       ,"no multipart body failure"},
+{PKCS7_R_NO_MULTIPART_BOUNDARY           ,"no multipart boundary"},
+{PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE,"no recipient matches certificate"},
+{PKCS7_R_NO_SIGNATURES_ON_DATA           ,"no signatures on data"},
+{PKCS7_R_NO_SIGNERS                      ,"no signers"},
+{PKCS7_R_NO_SIG_CONTENT_TYPE             ,"no sig content type"},
+{PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"},
+{PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR       ,"pkcs7 add signature error"},
+{PKCS7_R_PKCS7_DATAFINAL_ERROR           ,"pkcs7 datafinal error"},
+{PKCS7_R_PKCS7_DATASIGN                  ,"pkcs7 datasign"},
+{PKCS7_R_PKCS7_PARSE_ERROR               ,"pkcs7 parse error"},
+{PKCS7_R_PKCS7_SIG_PARSE_ERROR           ,"pkcs7 sig parse error"},
+{PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE,"private key does not match certificate"},
+{PKCS7_R_SIGNATURE_FAILURE               ,"signature failure"},
+{PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND    ,"signer certificate not found"},
+{PKCS7_R_SIG_INVALID_MIME_TYPE           ,"sig invalid mime type"},
+{PKCS7_R_SMIME_TEXT_ERROR                ,"smime text error"},
+{PKCS7_R_UNABLE_TO_FIND_CERTIFICATE      ,"unable to find certificate"},
+{PKCS7_R_UNABLE_TO_FIND_MEM_BIO          ,"unable to find mem bio"},
+{PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST   ,"unable to find message digest"},
+{PKCS7_R_UNKNOWN_DIGEST_TYPE             ,"unknown digest type"},
+{PKCS7_R_UNKNOWN_OPERATION               ,"unknown operation"},
+{PKCS7_R_UNSUPPORTED_CIPHER_TYPE         ,"unsupported cipher type"},
+{PKCS7_R_UNSUPPORTED_CONTENT_TYPE        ,"unsupported content type"},
+{PKCS7_R_WRONG_CONTENT_TYPE              ,"wrong content type"},
+{PKCS7_R_WRONG_PKCS7_TYPE                ,"wrong pkcs7 type"},
 {0,NULL}
         };
 
@@ -156,8 +152,8 @@ void ERR_load_PKCS7_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,PKCS7_str_functs);
-                ERR_load_strings(0,PKCS7_str_reasons);
+                ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs);
+                ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/rand/Makefile.ssl b/src/lib/libssl/src/crypto/rand/Makefile.ssl
new file mode 100644
index 0000000000..e5cbe5319c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rand/Makefile.ssl
@@ -0,0 +1,196 @@
+#
+# SSLeay/crypto/rand/Makefile
+#
+
+DIR=    rand
+TOP=    ../..
+CC=     cc
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= randtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \
+        rand_win.c rand_unix.c rand_os2.c
+LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \
+        rand_win.o rand_unix.o rand_os2.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rand.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md_rand.o: ../../e_os.h ../../include/openssl/aes.h
+md_rand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+md_rand.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+md_rand.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+md_rand.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+md_rand.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+md_rand.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+md_rand.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+md_rand.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+md_rand.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+md_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+md_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md_rand.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+md_rand.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+md_rand.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+md_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+md_rand.o: md_rand.c rand_lcl.h
+rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h
+rand_egd.o: ../../include/openssl/opensslconf.h
+rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+rand_egd.o: rand_egd.c
+rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rand_err.o: rand_err.c
+rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rand_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rand_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+rand_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+rand_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+rand_lib.o: ../../include/openssl/opensslconf.h
+rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rand_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+rand_lib.o: ../cryptlib.h rand_lib.c
+rand_os2.o: ../../e_os.h ../../include/openssl/aes.h
+rand_os2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rand_os2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+rand_os2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+rand_os2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+rand_os2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_os2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+rand_os2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+rand_os2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+rand_os2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rand_os2.o: ../../include/openssl/opensslconf.h
+rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+rand_os2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+rand_os2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+rand_os2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rand_os2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rand_os2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+rand_os2.o: ../cryptlib.h rand_lcl.h rand_os2.c
+rand_unix.o: ../../e_os.h ../../include/openssl/aes.h
+rand_unix.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rand_unix.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+rand_unix.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+rand_unix.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+rand_unix.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_unix.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+rand_unix.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+rand_unix.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+rand_unix.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rand_unix.o: ../../include/openssl/opensslconf.h
+rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+rand_unix.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+rand_unix.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+rand_unix.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rand_unix.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rand_unix.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+rand_unix.o: ../cryptlib.h rand_lcl.h rand_unix.c
+rand_win.o: ../../e_os.h ../../include/openssl/aes.h
+rand_win.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rand_win.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+rand_win.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+rand_win.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+rand_win.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_win.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+rand_win.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+rand_win.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+rand_win.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rand_win.o: ../../include/openssl/opensslconf.h
+rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_win.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+rand_win.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+rand_win.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+rand_win.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rand_win.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rand_win.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+rand_win.o: ../cryptlib.h rand_lcl.h rand_win.c
+randfile.o: ../../e_os.h ../../include/openssl/buffer.h
+randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+randfile.o: ../../include/openssl/opensslconf.h
+randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+randfile.o: randfile.c
diff --git a/src/lib/libssl/src/crypto/rand/rand_err.c b/src/lib/libssl/src/crypto/rand/rand_err.c
index 97f96e1aee..95574659ac 100644
--- a/src/lib/libssl/src/crypto/rand/rand_err.c
+++ b/src/lib/libssl/src/crypto/rand/rand_err.c
@@ -1,6 +1,6 @@
 /* crypto/rand/rand_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,26 +64,22 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_RAND,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason)
-
 static ERR_STRING_DATA RAND_str_functs[]=
         {
-{ERR_FUNC(RAND_F_FIPS_RAND_BYTES),      "FIPS_RAND_BYTES"},
-{ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"},
-{ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES),    "SSLEAY_RAND_BYTES"},
+{ERR_PACK(0,RAND_F_FIPS_RAND_BYTES,0),  "FIPS_RAND_BYTES"},
+{ERR_PACK(0,RAND_F_RAND_GET_RAND_METHOD,0),     "RAND_get_rand_method"},
+{ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0),        "SSLEAY_RAND_BYTES"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA RAND_str_reasons[]=
         {
-{ERR_REASON(RAND_R_NON_FIPS_METHOD)      ,"non fips method"},
-{ERR_REASON(RAND_R_PRNG_ASKING_FOR_TOO_MUCH),"prng asking for too much"},
-{ERR_REASON(RAND_R_PRNG_NOT_REKEYED)     ,"prng not rekeyed"},
-{ERR_REASON(RAND_R_PRNG_NOT_RESEEDED)    ,"prng not reseeded"},
-{ERR_REASON(RAND_R_PRNG_NOT_SEEDED)      ,"PRNG not seeded"},
-{ERR_REASON(RAND_R_PRNG_STUCK)           ,"prng stuck"},
+{RAND_R_NON_FIPS_METHOD                  ,"non fips method"},
+{RAND_R_PRNG_ASKING_FOR_TOO_MUCH         ,"prng asking for too much"},
+{RAND_R_PRNG_NOT_REKEYED                 ,"prng not rekeyed"},
+{RAND_R_PRNG_NOT_RESEEDED                ,"prng not reseeded"},
+{RAND_R_PRNG_NOT_SEEDED                  ,"PRNG not seeded"},
+{RAND_R_PRNG_STUCK                       ,"prng stuck"},
 {0,NULL}
         };
 
@@ -97,8 +93,8 @@ void ERR_load_RAND_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,RAND_str_functs);
-                ERR_load_strings(0,RAND_str_reasons);
+                ERR_load_strings(ERR_LIB_RAND,RAND_str_functs);
+                ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/rand/rand_lib.c b/src/lib/libssl/src/crypto/rand/rand_lib.c
index a21bde79de..88f1b56d91 100644
--- a/src/lib/libssl/src/crypto/rand/rand_lib.c
+++ b/src/lib/libssl/src/crypto/rand/rand_lib.c
@@ -87,6 +87,16 @@ int RAND_set_rand_method(const RAND_METHOD *meth)
 
 const RAND_METHOD *RAND_get_rand_method(void)
         {
+#ifdef OPENSSL_FIPS
+        if(FIPS_mode()
+                && default_RAND_meth != FIPS_rand_check())
+            {
+            RANDerr(RAND_F_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD);
+            return 0;
+            }
+#endif
+
+
         if (!default_RAND_meth)
                 {
 #ifndef OPENSSL_NO_ENGINE
@@ -104,22 +114,8 @@ const RAND_METHOD *RAND_get_rand_method(void)
                         funct_ref = e;
                 else
 #endif
-#ifdef OPENSSL_FIPS
-                        if(FIPS_mode())
-                                default_RAND_meth=FIPS_rand_method();
-                        else
-#endif
-                                default_RAND_meth = RAND_SSLeay();
+                        default_RAND_meth = RAND_SSLeay();
                 }
-
-#ifdef OPENSSL_FIPS
-        if(FIPS_mode()
-                && default_RAND_meth != FIPS_rand_check())
-            {
-            RANDerr(RAND_F_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD);
-            return 0;
-            }
-#endif
         return default_RAND_meth;
         }
 
diff --git a/src/lib/libssl/src/crypto/rand/randfile.c b/src/lib/libssl/src/crypto/rand/randfile.c
index 7183fa32e4..9bd89ba495 100644
--- a/src/lib/libssl/src/crypto/rand/randfile.c
+++ b/src/lib/libssl/src/crypto/rand/randfile.c
@@ -57,7 +57,7 @@
  */
 
 /* We need to define this to get macros like S_IFBLK and S_IFCHR */
-#define _XOPEN_SOURCE 500
+#define _XOPEN_SOURCE 1
 
 #include <errno.h>
 #include <stdio.h>
@@ -233,7 +233,7 @@ const char *RAND_file_name(char *buf, size_t size)
         struct stat sb;
 #endif
 
-        if (OPENSSL_issetugid() == 0)
+        if (issetugid() == 0)
                 s=getenv("RANDFILE");
         if (s != NULL && *s && strlen(s) + 1 < size)
                 {
@@ -242,7 +242,7 @@ const char *RAND_file_name(char *buf, size_t size)
                 }
         else
                 {
-                if (OPENSSL_issetugid() == 0)
+                if (issetugid() == 0)
                         s=getenv("HOME");
 #ifdef DEFAULT_HOME
                 if (s == NULL)
diff --git a/src/lib/libssl/src/crypto/rc2/Makefile.ssl b/src/lib/libssl/src/crypto/rc2/Makefile.ssl
new file mode 100644
index 0000000000..98d5960d5d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc2/Makefile.ssl
@@ -0,0 +1,91 @@
+#
+# SSLeay/crypto/rc2/Makefile
+#
+
+DIR=    rc2
+TOP=    ../..
+CC=     cc
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rc2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc2.h
+HEADER= rc2_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2_cbc.o: rc2_cbc.c rc2_locl.h
+rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h
+rc2_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2_skey.o: rc2_locl.h rc2_skey.c
+rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2cfb64.o: rc2_locl.h rc2cfb64.c
+rc2ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2ofb64.o: rc2_locl.h rc2ofb64.c
diff --git a/src/lib/libssl/src/crypto/rc2/rc2_skey.c b/src/lib/libssl/src/crypto/rc2/rc2_skey.c
index 9652865188..22f372f85c 100644
--- a/src/lib/libssl/src/crypto/rc2/rc2_skey.c
+++ b/src/lib/libssl/src/crypto/rc2/rc2_skey.c
@@ -58,7 +58,6 @@
 
 #include <openssl/rc2.h>
 #include <openssl/crypto.h>
-#include <openssl/fips.h>
 #include "rc2_locl.h"
 
 static unsigned char key_table[256]={
diff --git a/src/lib/libssl/src/crypto/rc2/rc2speed.c b/src/lib/libssl/src/crypto/rc2/rc2speed.c
index 4d0e1242ea..47d34b444e 100644
--- a/src/lib/libssl/src/crypto/rc2/rc2speed.c
+++ b/src/lib/libssl/src/crypto/rc2/rc2speed.c
@@ -102,10 +102,10 @@ OPENSSL_DECLARE_EXIT
 #ifndef HZ
 #ifndef CLK_TCK
 #define HZ      100.0
-#else   /* CLK_TCK */
+#endif
+#else /* CLK_TCK */
 #define HZ ((double)CLK_TCK)
-#endif  /* CLK_TCK */
-#endif  /* HZ */
+#endif
 
 #define BUFSIZE ((long)1024)
 long run=0;
diff --git a/src/lib/libssl/src/crypto/rc4/Makefile.ssl b/src/lib/libssl/src/crypto/rc4/Makefile.ssl
new file mode 100644
index 0000000000..3e602662be
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc4/Makefile.ssl
@@ -0,0 +1,110 @@
+#
+# SSLeay/crypto/rc4/Makefile
+#
+
+DIR=    rc4
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+RC4_ENC=rc4_enc.o
+# or use
+#RC4_ENC=asm/rx86-elf.o
+#RC4_ENC=asm/rx86-out.o
+#RC4_ENC=asm/rx86-sol.o
+#RC4_ENC=asm/rx86bdsi.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+
+GENERAL=Makefile
+TEST=rc4test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc4_skey.c rc4_enc.c
+LIBOBJ=rc4_skey.o $(RC4_ENC)
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc4.h
+HEADER= $(EXHEADER) rc4_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+# elf
+asm/rx86-elf.s: asm/rc4-586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > rx86-elf.s)
+
+# a.out
+asm/rx86-out.o: asm/rx86unix.cpp
+        $(CPP) -DOUT asm/rx86unix.cpp | as -o asm/rx86-out.o
+
+# bsdi
+asm/rx86bsdi.o: asm/rx86unix.cpp
+        $(CPP) -DBSDI asm/rx86unix.cpp | sed 's/ :/:/' | as -o asm/rx86bsdi.o
+
+asm/rx86unix.cpp: asm/rc4-586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) rc4-586.pl cpp >rx86unix.cpp)
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f asm/rx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rc4_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc4.h
+rc4_enc.o: rc4_enc.c rc4_locl.h
+rc4_skey.o: ../../include/openssl/opensslconf.h
+rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h
+rc4_skey.o: rc4_locl.h rc4_skey.c
diff --git a/src/lib/libssl/src/crypto/rc4/asm/rc4-amd64.pl b/src/lib/libssl/src/crypto/rc4/asm/rc4-amd64.pl
new file mode 100755
index 0000000000..9e0da8af99
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc4/asm/rc4-amd64.pl
@@ -0,0 +1,227 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. Rights for redistribution and usage in source and binary
+# forms are granted according to the OpenSSL license.
+# ====================================================================
+#
+# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in
+# "hand-coded assembler"] doesn't stand for the whole improvement
+# coefficient. It turned out that eliminating RC4_CHAR from config
+# line results in ~40% improvement (yes, even for C implementation).
+# Presumably it has everything to do with AMD cache architecture and
+# RAW or whatever penalties. Once again! The module *requires* config
+# line *without* RC4_CHAR! As for coding "secret," I bet on partial
+# register arithmetics. For example instead of 'inc %r8; and $255,%r8'
+# I simply 'inc %r8b'. Even though optimization manual discourages
+# to operate on partial registers, it turned out to be the best bet.
+# At least for AMD... How IA32E would perform remains to be seen...
+
+# As was shown by Marc Bevand reordering of couple of load operations
+# results in even higher performance gain of 3.3x:-) At least on
+# Opteron... For reference, 1x in this case is RC4_CHAR C-code
+# compiled with gcc 3.3.2, which performs at ~54MBps per 1GHz clock.
+# Latter means that if you want to *estimate* what to expect from
+# *your* CPU, then multiply 54 by 3.3 and clock frequency in GHz.
+
+# Intel P4 EM64T core was found to run the AMD64 code really slow...
+# The only way to achieve comparable performance on P4 is to keep
+# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to
+# compose blended code, which would perform even within 30% marginal
+# on either AMD and Intel platforms, I implement both cases. See
+# rc4_skey.c for further details... This applies to 0.9.8 and later.
+# In 0.9.7 context RC4_CHAR codepath is never engaged and ~70 bytes
+# of code remain redundant.
+
+$output=shift;
+
+$win64a=1 if ($output =~ /win64a.[s|asm]/);
+
+open STDOUT,">$output" || die "can't open $output: $!";
+
+if (defined($win64a)) {
+    $dat="%rcx";        # arg1
+    $len="%rdx";        # arg2
+    $inp="%rsi";        # r8, arg3 moves here
+    $out="%rdi";        # r9, arg4 moves here
+} else {
+    $dat="%rdi";        # arg1
+    $len="%rsi";        # arg2
+    $inp="%rdx";        # arg3
+    $out="%rcx";        # arg4
+}
+
+$XX="%r10";
+$TX="%r8";
+$YY="%r11";
+$TY="%r9";
+
+sub PTR() {
+    my $ret=shift;
+    if (defined($win64a)) {
+        $ret =~ s/\[([\S]+)\+([\S]+)\]/[$2+$1]/g;   # [%rN+%rM*4]->[%rM*4+%rN]
+        $ret =~ s/:([^\[]+)\[([^\]]+)\]/:[$2+$1]/g; # :off[ea]->:[ea+off]
+    } else {
+        $ret =~ s/[\+\*]/,/g;           # [%rN+%rM*4]->[%rN,%rM,4]
+        $ret =~ s/\[([^\]]+)\]/($1)/g;  # [%rN]->(%rN)
+    }
+    $ret;
+}
+
+$code=<<___ if (!defined($win64a));
+.text
+
+.globl  RC4
+.type   RC4,\@function
+.align  16
+RC4:    or      $len,$len
+        jne     .Lentry
+        repret
+.Lentry:
+___
+$code=<<___ if (defined($win64a));
+_TEXT   SEGMENT
+PUBLIC  RC4
+ALIGN   16
+RC4     PROC
+        or      $len,$len
+        jne     .Lentry
+        repret
+.Lentry:
+        push    %rdi
+        push    %rsi
+        sub     \$40,%rsp
+        mov     %r8,$inp
+        mov     %r9,$out
+___
+$code.=<<___;
+        add     \$8,$dat
+        movl    `&PTR("DWORD:-8[$dat]")`,$XX#d
+        movl    `&PTR("DWORD:-4[$dat]")`,$YY#d
+        cmpl    \$-1,`&PTR("DWORD:256[$dat]")`
+        je      .LRC4_CHAR
+        test    \$-8,$len
+        jz      .Lloop1
+.align  16
+.Lloop8:
+        inc     $XX#b
+        movl    `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d
+        add     $TX#b,$YY#b
+        movl    `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d
+        movl    $TX#d,`&PTR("DWORD:[$dat+$YY*4]")`
+        movl    $TY#d,`&PTR("DWORD:[$dat+$XX*4]")`
+        add     $TX#b,$TY#b
+        inc     $XX#b
+        movl    `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d
+        movb    `&PTR("BYTE:[$dat+$TY*4]")`,%al
+___
+for ($i=1;$i<=6;$i++) {
+$code.=<<___;
+        add     $TX#b,$YY#b
+        ror     \$8,%rax
+        movl    `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d
+        movl    $TX#d,`&PTR("DWORD:[$dat+$YY*4]")`
+        movl    $TY#d,`&PTR("DWORD:[$dat+$XX*4]")`
+        add     $TX#b,$TY#b
+        inc     $XX#b
+        movl    `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d
+        movb    `&PTR("BYTE:[$dat+$TY*4]")`,%al
+___
+}
+$code.=<<___;
+        add     $TX#b,$YY#b
+        ror     \$8,%rax
+        movl    `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d
+        movl    $TX#d,`&PTR("DWORD:[$dat+$YY*4]")`
+        movl    $TY#d,`&PTR("DWORD:[$dat+$XX*4]")`
+        sub     \$8,$len
+        add     $TY#b,$TX#b
+        movb    `&PTR("BYTE:[$dat+$TX*4]")`,%al
+        ror     \$8,%rax
+        add     \$8,$inp
+        add     \$8,$out
+
+        xor     `&PTR("QWORD:-8[$inp]")`,%rax
+        mov     %rax,`&PTR("QWORD:-8[$out]")`
+
+        test    \$-8,$len
+        jnz     .Lloop8
+        cmp     \$0,$len
+        jne     .Lloop1
+.Lexit:
+        movl    $XX#d,`&PTR("DWORD:-8[$dat]")`
+        movl    $YY#d,`&PTR("DWORD:-4[$dat]")`
+___
+$code.=<<___ if (defined($win64a));
+        add     \$40,%rsp
+        pop     %rsi
+        pop     %rdi
+___
+$code.=<<___;
+        repret
+.align  16
+.Lloop1:
+        movzb   `&PTR("BYTE:[$inp]")`,%eax
+        inc     $XX#b
+        movl    `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d
+        add     $TX#b,$YY#b
+        movl    `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d
+        movl    $TX#d,`&PTR("DWORD:[$dat+$YY*4]")`
+        movl    $TY#d,`&PTR("DWORD:[$dat+$XX*4]")`
+        add     $TY#b,$TX#b
+        movl    `&PTR("DWORD:[$dat+$TX*4]")`,$TY#d
+        xor     $TY,%rax
+        inc     $inp
+        movb    %al,`&PTR("BYTE:[$out]")`
+        inc     $out
+        dec     $len
+        jnz     .Lloop1
+        jmp     .Lexit
+
+.align  16
+.LRC4_CHAR:
+        inc     $XX#b
+        movzb   `&PTR("BYTE:[$dat+$XX]")`,$TX#d
+        add     $TX#b,$YY#b
+        movzb   `&PTR("BYTE:[$dat+$YY]")`,$TY#d
+        movb    $TX#b,`&PTR("BYTE:[$dat+$YY]")`
+        movb    $TY#b,`&PTR("BYTE:[$dat+$XX]")`
+        add     $TX#b,$TY#b
+        movzb   `&PTR("BYTE:[$dat+$TY]")`,$TY#d
+        xorb    `&PTR("BYTE:[$inp]")`,$TY#b
+        movb    $TY#b,`&PTR("BYTE:[$out]")`
+        inc     $inp
+        inc     $out
+        dec     $len
+        jnz     .LRC4_CHAR
+        jmp     .Lexit
+___
+$code.=<<___ if (defined($win64a));
+RC4     ENDP
+_TEXT   ENDS
+END
+___
+$code.=<<___ if (!defined($win64a));
+.size   RC4,.-RC4
+___
+
+$code =~ s/#([bwd])/$1/gm;
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+
+if (defined($win64a)) {
+    $code =~ s/\.align/ALIGN/gm;
+    $code =~ s/[\$%]//gm;
+    $code =~ s/\.L/\$L/gm;
+    $code =~ s/([\w]+)([\s]+)([\S]+),([\S]+)/$1$2$4,$3/gm;
+    $code =~ s/([QD]*WORD|BYTE):/$1 PTR/gm;
+    $code =~ s/mov[bwlq]/mov/gm;
+    $code =~ s/movzb/movzx/gm;
+    $code =~ s/repret/DB\t0F3h,0C3h/gm;
+    $code =~ s/cmpl/cmp/gm;
+    $code =~ s/xorb/xor/gm;
+} else {
+    $code =~ s/([QD]*WORD|BYTE)://gm;
+    $code =~ s/repret/.byte\t0xF3,0xC3/gm;
+}
+print $code;
diff --git a/src/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl b/src/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl
new file mode 100755
index 0000000000..b628daca70
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl
@@ -0,0 +1,150 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. Rights for redistribution and usage in source and binary
+# forms are granted according to the OpenSSL license.
+# ====================================================================
+#
+# Unlike 0.9.7f this code expects RC4_CHAR back in config line! See
+# commentary section in corresponding script in development branch
+# for background information about this option carousel. For those
+# who don't have energy to figure out these gory details, here is
+# basis in form of performance matrix relative to the original
+# 0.9.7e C code-base:
+#
+#               0.9.7e  0.9.7f  this
+# AMD64         1x      3.3x    2.4x
+# EM64T         1x      0.8x    1.5x
+#
+# In other words idea is to trade -25% AMD64 performance to compensate
+# for deterioration and gain +90% on EM64T core. Development branch
+# maintains best performance for either target, i.e. 3.3x for AMD64
+# and 1.5x for EM64T.
+
+$output=shift;
+
+open STDOUT,">$output" || die "can't open $output: $!";
+
+$dat="%rdi";        # arg1
+$len="%rsi";        # arg2
+$inp="%rdx";        # arg3
+$out="%rcx";        # arg4
+
+@XX=("%r8","%r10");
+@TX=("%r9","%r11");
+$YY="%r12";
+$TY="%r13";
+
+$code=<<___;;
+.text
+
+.globl  RC4
+.type   RC4,\@function
+.align  16
+RC4:    or      $len,$len
+        jne     .Lentry
+        repret
+.Lentry:
+        push    %r12
+        push    %r13
+
+        add     \$2,$dat
+        movzb   -2($dat),$XX[0]#d
+        movzb   -1($dat),$YY#d
+
+        add     \$1,$XX[0]#b
+        movzb   ($dat,$XX[0]),$TX[0]#d
+        test    \$-8,$len
+        jz      .Lcloop1
+        push    %rbx
+.align  16      # incidentally aligned already
+.Lcloop8:
+        mov     ($inp),%eax
+        mov     4($inp),%ebx
+___
+# unroll 2x4-wise, because 64-bit rotates kill Intel P4...
+for ($i=0;$i<4;$i++) {
+$code.=<<___;
+        add     $TX[0]#b,$YY#b
+        lea     1($XX[0]),$XX[1]
+        movzb   ($dat,$YY),$TY#d
+        movzb   $XX[1]#b,$XX[1]#d
+        movzb   ($dat,$XX[1]),$TX[1]#d
+        movb    $TX[0]#b,($dat,$YY)
+        cmp     $XX[1],$YY
+        movb    $TY#b,($dat,$XX[0])
+        jne     .Lcmov$i                        # Intel cmov is sloooow...
+        mov     $TX[0],$TX[1]
+.Lcmov$i:
+        add     $TX[0]#b,$TY#b
+        xor     ($dat,$TY),%al
+        ror     \$8,%eax
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX));     # "rotate" registers
+}
+for ($i=4;$i<8;$i++) {
+$code.=<<___;
+        add     $TX[0]#b,$YY#b
+        lea     1($XX[0]),$XX[1]
+        movzb   ($dat,$YY),$TY#d
+        movzb   $XX[1]#b,$XX[1]#d
+        movzb   ($dat,$XX[1]),$TX[1]#d
+        movb    $TX[0]#b,($dat,$YY)
+        cmp     $XX[1],$YY
+        movb    $TY#b,($dat,$XX[0])
+        jne     .Lcmov$i                        # Intel cmov is sloooow...
+        mov     $TX[0],$TX[1]
+.Lcmov$i:
+        add     $TX[0]#b,$TY#b
+        xor     ($dat,$TY),%bl
+        ror     \$8,%ebx
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX));     # "rotate" registers
+}
+$code.=<<___;
+        lea     -8($len),$len
+        mov     %eax,($out)
+        lea     8($inp),$inp
+        mov     %ebx,4($out)
+        lea     8($out),$out
+
+        test    \$-8,$len
+        jnz     .Lcloop8
+        pop     %rbx
+        cmp     \$0,$len
+        jne     .Lcloop1
+.Lexit:
+        sub     \$1,$XX[0]#b
+        movb    $XX[0]#b,-2($dat)
+        movb    $YY#b,-1($dat)
+
+        pop     %r13
+        pop     %r12
+        repret
+
+.align  16
+.Lcloop1:
+        add     $TX[0]#b,$YY#b
+        movzb   ($dat,$YY),$TY#d
+        movb    $TX[0]#b,($dat,$YY)
+        movb    $TY#b,($dat,$XX[0])
+        add     $TX[0]#b,$TY#b
+        add     \$1,$XX[0]#b
+        movzb   ($dat,$TY),$TY#d
+        movzb   ($dat,$XX[0]),$TX[0]#d
+        xorb    ($inp),$TY#b
+        lea     1($inp),$inp
+        movb    $TY#b,($out)
+        lea     1($out),$out
+        sub     \$1,$len
+        jnz     .Lcloop1
+        jmp     .Lexit
+.size   RC4,.-RC4
+___
+
+$code =~ s/#([bwd])/$1/gm;
+
+$code =~ s/repret/.byte\t0xF3,0xC3/gm;
+
+print $code;
diff --git a/src/lib/libssl/src/crypto/rc4/rc4.h b/src/lib/libssl/src/crypto/rc4/rc4.h
index ae0cea75b8..dd90d9fde0 100644
--- a/src/lib/libssl/src/crypto/rc4/rc4.h
+++ b/src/lib/libssl/src/crypto/rc4/rc4.h
@@ -73,6 +73,10 @@ typedef struct rc4_key_st
         {
         RC4_INT x,y;
         RC4_INT data[256];
+#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
+        /* see crypto/rc4/asm/rc4-ia64.S for further details... */
+        RC4_INT pad[512-256-2];
+#endif
         } RC4_KEY;
 
  
diff --git a/src/lib/libssl/src/crypto/rc4/rc4_enc.c b/src/lib/libssl/src/crypto/rc4/rc4_enc.c
index d5f18a3a70..81a97ea3b7 100644
--- a/src/lib/libssl/src/crypto/rc4/rc4_enc.c
+++ b/src/lib/libssl/src/crypto/rc4/rc4_enc.c
@@ -77,6 +77,10 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
         x=key->x;     
         y=key->y;     
         d=key->data; 
+#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
+        /* see crypto/rc4/asm/rc4-ia64.S for further details... */
+        d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
+#endif
 
 #if defined(RC4_CHUNK)
         /*
diff --git a/src/lib/libssl/src/crypto/rc4/rc4_skey.c b/src/lib/libssl/src/crypto/rc4/rc4_skey.c
index 60510624fd..07234f061a 100644
--- a/src/lib/libssl/src/crypto/rc4/rc4_skey.c
+++ b/src/lib/libssl/src/crypto/rc4/rc4_skey.c
@@ -58,7 +58,6 @@
 
 #include <openssl/rc4.h>
 #include <openssl/crypto.h>
-#include <openssl/fips.h>
 #include "rc4_locl.h"
 #include <openssl/opensslv.h>
 
@@ -95,6 +94,10 @@ FIPS_NON_FIPS_VCIPHER_Init(RC4)
         unsigned int i;
         
         d= &(key->data[0]);
+#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
+        /* see crypto/rc4/asm/rc4-ia64.S for further details... */
+        d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
+#endif
 
         for (i=0; i<256; i++)
                 d[i]=i;
diff --git a/src/lib/libssl/src/crypto/rc5/Makefile.ssl b/src/lib/libssl/src/crypto/rc5/Makefile.ssl
new file mode 100644
index 0000000000..3f9632f8f7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc5/Makefile.ssl
@@ -0,0 +1,108 @@
+#
+# SSLeay/crypto/rc5/Makefile
+#
+
+DIR=    rc5
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+RC5_ENC=                rc5_enc.o
+# or use
+#DES_ENC=       r586-elf.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+
+GENERAL=Makefile
+TEST=rc5test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c 
+LIBOBJ=rc5_skey.o rc5_ecb.o $(RC5_ENC) rc5cfb64.o rc5ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc5.h
+HEADER= rc5_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+# elf
+asm/r586-elf.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) rc5-586.pl elf $(CFLAGS) > r586-elf.s)
+
+# a.out
+asm/r586-out.o: asm/r586unix.cpp
+        $(CPP) -DOUT asm/r586unix.cpp | as -o asm/r586-out.o
+
+# bsdi
+asm/r586bsdi.o: asm/r586unix.cpp
+        $(CPP) -DBSDI asm/r586unix.cpp | sed 's/ :/:/' | as -o asm/r586bsdi.o
+
+asm/r586unix.cpp: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) rc5-586.pl cpp >r586unix.cpp)
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f asm/r586unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rc5_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h
+rc5_ecb.o: rc5_ecb.c rc5_locl.h
+rc5_enc.o: ../../include/openssl/rc5.h rc5_enc.c rc5_locl.h
+rc5_skey.o: ../../include/openssl/rc5.h rc5_locl.h rc5_skey.c
+rc5cfb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5cfb64.c
+rc5ofb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5ofb64.c
diff --git a/src/lib/libssl/src/crypto/ripemd/Makefile.ssl b/src/lib/libssl/src/crypto/ripemd/Makefile.ssl
new file mode 100644
index 0000000000..f22ac790ae
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ripemd/Makefile.ssl
@@ -0,0 +1,108 @@
+#
+# SSLeay/crypto/ripemd/Makefile
+#
+
+DIR=    ripemd
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+RIP_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+
+GENERAL=Makefile
+TEST=rmdtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rmd_dgst.c rmd_one.c
+LIBOBJ=rmd_dgst.o rmd_one.o $(RMD160_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= ripemd.h
+HEADER= rmd_locl.h rmdconst.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+# elf
+asm/rm86-elf.s: asm/rmd-586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) rmd-586.pl elf $(CFLAGS) > rm86-elf.s)
+
+# a.out
+asm/rm86-out.o: asm/rm86unix.cpp
+        $(CPP) -DOUT asm/rm86unix.cpp | as -o asm/rm86-out.o
+
+# bsdi
+asm/rm86bsdi.o: asm/rm86unix.cpp
+        $(CPP) -DBSDI asm/rm86unix.cpp | sed 's/ :/:/' | as -o asm/rm86bsdi.o
+
+asm/rm86unix.cpp: asm/rmd-586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) rmd-586.pl cpp >rm86unix.cpp)
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f asm/rm86unix.cpp asm/*-elf.* *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h
+rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h
+rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rmd_one.o: ../../include/openssl/ripemd.h ../../include/openssl/safestack.h
+rmd_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rmd_one.o: rmd_one.c
diff --git a/src/lib/libssl/src/crypto/ripemd/README b/src/lib/libssl/src/crypto/ripemd/README
index 7097707264..f1ffc8b134 100644
--- a/src/lib/libssl/src/crypto/ripemd/README
+++ b/src/lib/libssl/src/crypto/ripemd/README
@@ -4,7 +4,7 @@ http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
 This is my implementation of RIPEMD-160.  The pentium assember is a little
 off the pace since I only get 1050 cycles, while the best is 1013.
 I have a few ideas for how to get another 20 or so cycles, but at
-this point I will not bother right now.  I belive the trick will be
+this point I will not bother right now.  I believe the trick will be
 to remove my 'copy X array onto stack' until inside the RIP1() finctions the
 first time round.  To do this I need another register and will only have one
 temporary one.  A bit tricky....  I can also cleanup the saving of the 5 words
diff --git a/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c b/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c
index 5dff6bafa1..58ff010d11 100644
--- a/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c
+++ b/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c
@@ -91,7 +91,7 @@ FIPS_NON_FIPS_MD_Init(RIPEMD160)
 void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num)
         {
         const RIPEMD160_LONG *XX=p;
-        register unsigned MD32_REG_T A,B,C,D,E;
+        register volatile unsigned MD32_REG_T A,B,C,D,E;
         register unsigned MD32_REG_T a,b,c,d,e;
 
         for (;num--;XX+=HASH_LBLOCK)
@@ -291,7 +291,7 @@ void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num)
 void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, int num)
         {
         const unsigned char *data=p;
-        register unsigned MD32_REG_T A,B,C,D,E;
+        register volatile unsigned MD32_REG_T A,B,C,D,E;
         unsigned MD32_REG_T a,b,c,d,e,l;
 #ifndef MD32_XARRAY
         /* See comment in crypto/sha/sha_locl.h for details. */
diff --git a/src/lib/libssl/src/crypto/ripemd/rmd_one.c b/src/lib/libssl/src/crypto/ripemd/rmd_one.c
index b88446b267..f8b580c33a 100644
--- a/src/lib/libssl/src/crypto/ripemd/rmd_one.c
+++ b/src/lib/libssl/src/crypto/ripemd/rmd_one.c
@@ -68,8 +68,7 @@ unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
         static unsigned char m[RIPEMD160_DIGEST_LENGTH];
 
         if (md == NULL) md=m;
-        if (!RIPEMD160_Init(&c))
-                return NULL;
+        RIPEMD160_Init(&c);
         RIPEMD160_Update(&c,d,n);
         RIPEMD160_Final(md,&c);
         OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
diff --git a/src/lib/libssl/src/crypto/rsa/Makefile.ssl b/src/lib/libssl/src/crypto/rsa/Makefile.ssl
new file mode 100644
index 0000000000..8089344a04
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/Makefile.ssl
@@ -0,0 +1,241 @@
+#
+# SSLeay/crypto/rsa/Makefile
+#
+
+DIR=    rsa
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rsa_test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
+        rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
+        rsa_asn1.c
+LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
+        rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
+        rsa_asn1.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rsa.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+rsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+rsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+rsa_asn1.o: ../../include/openssl/opensslconf.h
+rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_asn1.o: ../cryptlib.h rsa_asn1.c
+rsa_chk.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+rsa_chk.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_chk.o: rsa_chk.c
+rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_eay.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c
+rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+rsa_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_err.o: rsa_err.c
+rsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_gen.o: ../cryptlib.h rsa_gen.c
+rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h rsa_lib.c
+rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_none.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_none.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_none.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_none.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_none.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_none.c
+rsa_null.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_null.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_null.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_null.c
+rsa_oaep.o: ../../e_os.h ../../include/openssl/aes.h
+rsa_oaep.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rsa_oaep.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+rsa_oaep.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+rsa_oaep.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+rsa_oaep.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+rsa_oaep.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_oaep.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+rsa_oaep.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+rsa_oaep.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_oaep.o: ../../include/openssl/opensslconf.h
+rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+rsa_oaep.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+rsa_oaep.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_oaep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_oaep.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+rsa_oaep.o: ../cryptlib.h rsa_oaep.c
+rsa_pk1.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_pk1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_pk1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c
+rsa_saos.o: ../../e_os.h ../../include/openssl/aes.h
+rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+rsa_saos.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+rsa_saos.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+rsa_saos.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_saos.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+rsa_saos.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+rsa_saos.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_saos.o: ../../include/openssl/opensslconf.h
+rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+rsa_saos.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+rsa_saos.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_saos.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_saos.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+rsa_saos.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_saos.o: ../cryptlib.h rsa_saos.c
+rsa_sign.o: ../../e_os.h ../../include/openssl/aes.h
+rsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rsa_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+rsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+rsa_sign.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+rsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+rsa_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+rsa_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+rsa_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_sign.o: ../../include/openssl/opensslconf.h
+rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+rsa_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+rsa_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_sign.o: ../cryptlib.h rsa_sign.c
+rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_ssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_ssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c
diff --git a/src/lib/libssl/src/crypto/rsa/rsa.h b/src/lib/libssl/src/crypto/rsa/rsa.h
index 0b639cd37f..fc3bb5f86d 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa.h
+++ b/src/lib/libssl/src/crypto/rsa/rsa.h
@@ -157,41 +157,33 @@ struct rsa_st
 #define RSA_3   0x3L
 #define RSA_F4  0x10001L
 
-#define RSA_METHOD_FLAG_NO_CHECK        0x0001 /* don't check pub/private match */
+#define RSA_METHOD_FLAG_NO_CHECK        0x01 /* don't check pub/private match */
 
-#define RSA_FLAG_CACHE_PUBLIC           0x0002
-#define RSA_FLAG_CACHE_PRIVATE          0x0004
-#define RSA_FLAG_BLINDING               0x0008
-#define RSA_FLAG_THREAD_SAFE            0x0010
+#define RSA_FLAG_CACHE_PUBLIC           0x02
+#define RSA_FLAG_CACHE_PRIVATE          0x04
+#define RSA_FLAG_BLINDING               0x08
+#define RSA_FLAG_THREAD_SAFE            0x10
 /* This flag means the private key operations will be handled by rsa_mod_exp
  * and that they do not depend on the private key components being present:
  * for example a key stored in external hardware. Without this flag bn_mod_exp
  * gets called when private key components are absent.
  */
-#define RSA_FLAG_EXT_PKEY               0x0020
+#define RSA_FLAG_EXT_PKEY               0x20
 
 /* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions.
  */
-#define RSA_FLAG_SIGN_VER               0x0040
-
-#define RSA_FLAG_NO_BLINDING            0x0080 /* new with 0.9.6j and 0.9.7b; the built-in
-                                                * RSA implementation now uses blinding by
-                                                * default (ignoring RSA_FLAG_BLINDING),
-                                                * but other engines might not need it
-                                                */
-#define RSA_FLAG_NO_EXP_CONSTTIME       0x0100 /* new with 0.9.7h; the built-in RSA
-                                                * implementation now uses constant time
-                                                * modular exponentiation for secret exponents
-                                                * by default. This flag causes the
-                                                * faster variable sliding window method to
-                                                * be used for all exponents.
-                                                */
+#define RSA_FLAG_SIGN_VER               0x40
+
+#define RSA_FLAG_NO_BLINDING            0x80 /* new with 0.9.6j and 0.9.7b; the built-in
+                                              * RSA implementation now uses blinding by
+                                              * default (ignoring RSA_FLAG_BLINDING),
+                                              * but other engines might not need it
+                                              */
 
 #define RSA_PKCS1_PADDING       1
 #define RSA_SSLV23_PADDING      2
 #define RSA_NO_PADDING          3
 #define RSA_PKCS1_OAEP_PADDING  4
-#define RSA_X931_PADDING        5
 
 #define RSA_PKCS1_PADDING_SIZE  11
 
@@ -204,15 +196,6 @@ int	RSA_size(const RSA *);
 RSA *   RSA_generate_key(int bits, unsigned long e,void
                 (*callback)(int,int,void *),void *cb_arg);
 int     RSA_check_key(const RSA *);
-#ifdef OPENSSL_FIPS
-int RSA_X931_derive(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2,
-                        void (*cb)(int, int, void *), void *cb_arg,
-                        const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp,
-                        const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq,
-                        const BIGNUM *e);
-RSA *RSA_X931_generate_key(int bits, const BIGNUM *e,
-             void (*cb)(int,int,void *), void *cb_arg);
-#endif
         /* next 4 return -1 on error */
 int     RSA_public_encrypt(int flen, const unsigned char *from,
                 unsigned char *to, RSA *rsa,int padding);
@@ -285,8 +268,6 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
         const unsigned char *f,int fl);
 int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
         const unsigned char *f,int fl,int rsa_len);
-int PKCS1_MGF1(unsigned char *mask, long len,
-        const unsigned char *seed, long seedlen, const EVP_MD *dgst);
 int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen,
         const unsigned char *f,int fl,
         const unsigned char *p,int pl);
@@ -301,17 +282,6 @@ int RSA_padding_add_none(unsigned char *to,int tlen,
         const unsigned char *f,int fl);
 int RSA_padding_check_none(unsigned char *to,int tlen,
         const unsigned char *f,int fl,int rsa_len);
-int RSA_padding_add_X931(unsigned char *to,int tlen,
-        const unsigned char *f,int fl);
-int RSA_padding_check_X931(unsigned char *to,int tlen,
-        const unsigned char *f,int fl,int rsa_len);
-int RSA_X931_hash_id(int nid);
-
-int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
-                        const EVP_MD *Hash, const unsigned char *EM, int sLen);
-int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
-                        const unsigned char *mHash,
-                        const EVP_MD *Hash, int sLen);
 
 int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
@@ -341,24 +311,20 @@ void ERR_load_RSA_strings(void);
 #define RSA_F_RSA_NULL                                   124
 #define RSA_F_RSA_PADDING_ADD_NONE                       107
 #define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP                 121
-#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS                  125
 #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1               108
 #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2               109
 #define RSA_F_RSA_PADDING_ADD_SSLV23                     110
-#define RSA_F_RSA_PADDING_ADD_X931                       127
 #define RSA_F_RSA_PADDING_CHECK_NONE                     111
 #define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP               122
 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1             112
 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2             113
 #define RSA_F_RSA_PADDING_CHECK_SSLV23                   114
-#define RSA_F_RSA_PADDING_CHECK_X931                     128
 #define RSA_F_RSA_PRINT                                  115
 #define RSA_F_RSA_PRINT_FP                               116
 #define RSA_F_RSA_SIGN                                   117
 #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING                 118
 #define RSA_F_RSA_VERIFY                                 119
 #define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING               120
-#define RSA_F_RSA_VERIFY_PKCS1_PSS                       126
 
 /* Reason codes. */
 #define RSA_R_ALGORITHM_MISMATCH                         100
@@ -378,14 +344,9 @@ void ERR_load_RSA_strings(void);
 #define RSA_R_DMP1_NOT_CONGRUENT_TO_D                    124
 #define RSA_R_DMQ1_NOT_CONGRUENT_TO_D                    125
 #define RSA_R_D_E_NOT_CONGRUENT_TO_1                     123
-#define RSA_R_FIRST_OCTET_INVALID                        133
-#define RSA_R_INVALID_HEADER                             137
 #define RSA_R_INVALID_MESSAGE_LENGTH                     131
-#define RSA_R_INVALID_PADDING                            138
-#define RSA_R_INVALID_TRAILER                            139
 #define RSA_R_IQMP_NOT_INVERSE_OF_Q                      126
 #define RSA_R_KEY_SIZE_TOO_SMALL                         120
-#define RSA_R_LAST_OCTET_INVALID                         134
 #define RSA_R_NULL_BEFORE_BLOCK_MISSING                  113
 #define RSA_R_N_DOES_NOT_EQUAL_P_Q                       127
 #define RSA_R_OAEP_DECODING_ERROR                        121
@@ -393,8 +354,6 @@ void ERR_load_RSA_strings(void);
 #define RSA_R_P_NOT_PRIME                                128
 #define RSA_R_Q_NOT_PRIME                                129
 #define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED               130
-#define RSA_R_SLEN_CHECK_FAILED                          136
-#define RSA_R_SLEN_RECOVERY_FAILED                       135
 #define RSA_R_SSLV3_ROLLBACK_ATTACK                      115
 #define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
 #define RSA_R_UNKNOWN_ALGORITHM_TYPE                     117
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_eay.c b/src/lib/libssl/src/crypto/rsa/rsa_eay.c
index be4ac96ce3..d4caab3f95 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_eay.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_eay.c
@@ -55,59 +55,6 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
 
 #include <stdio.h>
 #include "cryptlib.h"
@@ -198,13 +145,30 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
                 goto err;
                 }
 
-        if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+        if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
                 {
-                if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
-                                        CRYPTO_LOCK_RSA, rsa->n, ctx))
+                BN_MONT_CTX* bn_mont_ctx;
+                if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
+                        goto err;
+                if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
+                        {
+                        BN_MONT_CTX_free(bn_mont_ctx);
                         goto err;
+                        }
+                if (rsa->_method_mod_n == NULL) /* other thread may have finished first */
+                        {
+                        CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+                        if (rsa->_method_mod_n == NULL)
+                                {
+                                rsa->_method_mod_n = bn_mont_ctx;
+                                bn_mont_ctx = NULL;
+                                }
+                        CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+                        }
+                if (bn_mont_ctx)
+                        BN_MONT_CTX_free(bn_mont_ctx);
                 }
-
+                
         if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
                 rsa->_method_mod_n)) goto err;
 
@@ -285,7 +249,7 @@ err:
 static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
              unsigned char *to, RSA *rsa, int padding)
         {
-        BIGNUM f,ret, *res;
+        BIGNUM f,ret;
         int i,j,k,num=0,r= -1;
         unsigned char *buf=NULL;
         BN_CTX *ctx=NULL;
@@ -367,43 +331,19 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
                 (rsa->dmp1 != NULL) &&
                 (rsa->dmq1 != NULL) &&
                 (rsa->iqmp != NULL)) )
-                { 
-                if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err;
-                }
+                { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
         else
                 {
-                BIGNUM local_d;
-                BIGNUM *d = NULL;
-                
-                if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
-                        {
-                        BN_init(&local_d);
-                        d = &local_d;
-                        BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME);
-                        }
-                else
-                        d = rsa->d;
-                if (!rsa->meth->bn_mod_exp(&ret,&f,d,rsa->n,ctx,NULL)) goto err;
+                if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err;
                 }
 
         if (blinding)
                 if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err;
 
-        if (padding == RSA_X931_PADDING)
-                {
-                BN_sub(&f, rsa->n, &ret);
-                if (BN_cmp(&ret, &f))
-                        res = &f;
-                else
-                        res = &ret;
-                }
-        else
-                res = &ret;
-
         /* put in leading 0 bytes if the number is less than the
          * length of the modulus */
-        j=BN_num_bytes(res);
-        i=BN_bn2bin(res,&(to[num-j]));
+        j=BN_num_bytes(&ret);
+        i=BN_bn2bin(&ret,&(to[num-j]));
         for (k=0; k<(num-i); k++)
                 to[k]=0;
 
@@ -504,22 +444,10 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
                 (rsa->dmp1 != NULL) &&
                 (rsa->dmq1 != NULL) &&
                 (rsa->iqmp != NULL)) )
-                {
-                if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err;
-                }
+                { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
         else
                 {
-                BIGNUM local_d;
-                BIGNUM *d = NULL;
-                
-                if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
-                        {
-                        d = &local_d;
-                        BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME);
-                        }
-                else
-                        d = rsa->d;
-                if (!rsa->meth->bn_mod_exp(&ret,&f,d,rsa->n,ctx,NULL))
+                if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL))
                         goto err;
                 }
 
@@ -606,20 +534,33 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
                 }
 
         /* do the decrypt */
-
-        if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+        if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
                 {
-                if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
-                                        CRYPTO_LOCK_RSA, rsa->n, ctx))
+                BN_MONT_CTX* bn_mont_ctx;
+                if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
+                        goto err;
+                if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
+                        {
+                        BN_MONT_CTX_free(bn_mont_ctx);
                         goto err;
+                        }
+                if (rsa->_method_mod_n == NULL) /* other thread may have finished first */
+                        {
+                        CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+                        if (rsa->_method_mod_n == NULL)
+                                {
+                                rsa->_method_mod_n = bn_mont_ctx;
+                                bn_mont_ctx = NULL;
+                                }
+                        CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+                        }
+                if (bn_mont_ctx)
+                        BN_MONT_CTX_free(bn_mont_ctx);
                 }
-
+                
         if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
                 rsa->_method_mod_n)) goto err;
 
-        if ((padding == RSA_X931_PADDING) && ((ret.d[0] & 0xf) != 12))
-                BN_sub(&ret, rsa->n, &ret);
-
         p=buf;
         i=BN_bn2bin(&ret,p);
 
@@ -653,8 +594,6 @@ err:
 static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
         {
         BIGNUM r1,m1,vrfy;
-        BIGNUM local_dmp1, local_dmq1;
-        BIGNUM *dmp1, *dmq1;
         int ret=0;
         BN_CTX *ctx;
 
@@ -665,34 +604,61 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
 
         if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
                 {
-                if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p,
-                                        CRYPTO_LOCK_RSA, rsa->p, ctx))
-                        goto err;
-                if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q,
-                                        CRYPTO_LOCK_RSA, rsa->q, ctx))
-                        goto err;
-                }
+                if (rsa->_method_mod_p == NULL)
+                        {
+                        BN_MONT_CTX* bn_mont_ctx;
+                        if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
+                                goto err;
+                        if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->p,ctx))
+                                {
+                                BN_MONT_CTX_free(bn_mont_ctx);
+                                goto err;
+                                }
+                        if (rsa->_method_mod_p == NULL) /* other thread may have finished first */
+                                {
+                                CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+                                if (rsa->_method_mod_p == NULL)
+                                        {
+                                        rsa->_method_mod_p = bn_mont_ctx;
+                                        bn_mont_ctx = NULL;
+                                        }
+                                CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+                                }
+                        if (bn_mont_ctx)
+                                BN_MONT_CTX_free(bn_mont_ctx);
+                        }
 
-        if (!BN_mod(&r1,I,rsa->q,ctx)) goto err;
-        if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
-                {
-                dmq1 = &local_dmq1;
-                BN_with_flags(dmq1, rsa->dmq1, BN_FLG_EXP_CONSTTIME);
+                if (rsa->_method_mod_q == NULL)
+                        {
+                        BN_MONT_CTX* bn_mont_ctx;
+                        if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
+                                goto err;
+                        if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->q,ctx))
+                                {
+                                BN_MONT_CTX_free(bn_mont_ctx);
+                                goto err;
+                                }
+                        if (rsa->_method_mod_q == NULL) /* other thread may have finished first */
+                                {
+                                CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+                                if (rsa->_method_mod_q == NULL)
+                                        {
+                                        rsa->_method_mod_q = bn_mont_ctx;
+                                        bn_mont_ctx = NULL;
+                                        }
+                                CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+                                }
+                        if (bn_mont_ctx)
+                                BN_MONT_CTX_free(bn_mont_ctx);
+                        }
                 }
-        else
-                dmq1 = rsa->dmq1;
-        if (!rsa->meth->bn_mod_exp(&m1,&r1,dmq1,rsa->q,ctx,
+                
+        if (!BN_mod(&r1,I,rsa->q,ctx)) goto err;
+        if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx,
                 rsa->_method_mod_q)) goto err;
 
         if (!BN_mod(&r1,I,rsa->p,ctx)) goto err;
-        if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
-                {
-                dmp1 = &local_dmp1;
-                BN_with_flags(dmp1, rsa->dmp1, BN_FLG_EXP_CONSTTIME);
-                }
-        else
-                dmp1 = rsa->dmp1;
-        if (!rsa->meth->bn_mod_exp(r0,&r1,dmp1,rsa->p,ctx,
+        if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx,
                 rsa->_method_mod_p)) goto err;
 
         if (!BN_sub(r0,r0,&m1)) goto err;
@@ -727,23 +693,10 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
                 if (vrfy.neg)
                         if (!BN_add(&vrfy, &vrfy, rsa->n)) goto err;
                 if (!BN_is_zero(&vrfy))
-                        {
                         /* 'I' and 'vrfy' aren't congruent mod n. Don't leak
                          * miscalculated CRT output, just do a raw (slower)
                          * mod_exp and return that instead. */
-
-                        BIGNUM local_d;
-                        BIGNUM *d = NULL;
-                
-                        if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
-                                {
-                                d = &local_d;
-                                BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME);
-                                }
-                        else
-                                d = rsa->d;
-                        if (!rsa->meth->bn_mod_exp(r0,I,d,rsa->n,ctx,NULL)) goto err;
-                        }
+                        if (!rsa->meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err;
                 }
         ret=1;
 err:
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_err.c b/src/lib/libssl/src/crypto/rsa/rsa_err.c
index 2ec4b30ff7..a7766c3b76 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_err.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_err.c
@@ -1,6 +1,6 @@
 /* crypto/rsa/rsa_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,85 +64,70 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_RSA,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_RSA,0,reason)
-
 static ERR_STRING_DATA RSA_str_functs[]=
         {
-{ERR_FUNC(RSA_F_MEMORY_LOCK),   "MEMORY_LOCK"},
-{ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
-{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT),       "RSA_EAY_PRIVATE_DECRYPT"},
-{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT),       "RSA_EAY_PRIVATE_ENCRYPT"},
-{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT),        "RSA_EAY_PUBLIC_DECRYPT"},
-{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT),        "RSA_EAY_PUBLIC_ENCRYPT"},
-{ERR_FUNC(RSA_F_RSA_GENERATE_KEY),      "RSA_generate_key"},
-{ERR_FUNC(RSA_F_RSA_NEW_METHOD),        "RSA_new_method"},
-{ERR_FUNC(RSA_F_RSA_NULL),      "RSA_NULL"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE),  "RSA_padding_add_none"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP),    "RSA_padding_add_PKCS1_OAEP"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS),     "RSA_padding_add_PKCS1_PSS"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1),  "RSA_padding_add_PKCS1_type_1"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2),  "RSA_padding_add_PKCS1_type_2"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23),        "RSA_padding_add_SSLv23"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931),  "RSA_padding_add_X931"},
-{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE),        "RSA_padding_check_none"},
-{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP),  "RSA_padding_check_PKCS1_OAEP"},
-{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1),        "RSA_padding_check_PKCS1_type_1"},
-{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2),        "RSA_padding_check_PKCS1_type_2"},
-{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23),      "RSA_padding_check_SSLv23"},
-{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931),        "RSA_padding_check_X931"},
-{ERR_FUNC(RSA_F_RSA_PRINT),     "RSA_print"},
-{ERR_FUNC(RSA_F_RSA_PRINT_FP),  "RSA_print_fp"},
-{ERR_FUNC(RSA_F_RSA_SIGN),      "RSA_sign"},
-{ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING),    "RSA_sign_ASN1_OCTET_STRING"},
-{ERR_FUNC(RSA_F_RSA_VERIFY),    "RSA_verify"},
-{ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING),  "RSA_verify_ASN1_OCTET_STRING"},
-{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS),  "RSA_verify_PKCS1_PSS"},
+{ERR_PACK(0,RSA_F_MEMORY_LOCK,0),       "MEMORY_LOCK"},
+{ERR_PACK(0,RSA_F_RSA_CHECK_KEY,0),     "RSA_check_key"},
+{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0),   "RSA_EAY_PRIVATE_DECRYPT"},
+{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0),   "RSA_EAY_PRIVATE_ENCRYPT"},
+{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0),    "RSA_EAY_PUBLIC_DECRYPT"},
+{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0),    "RSA_EAY_PUBLIC_ENCRYPT"},
+{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0),  "RSA_generate_key"},
+{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0),    "RSA_new_method"},
+{ERR_PACK(0,RSA_F_RSA_NULL,0),  "RSA_NULL"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0),      "RSA_padding_add_none"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,0),        "RSA_padding_add_PKCS1_OAEP"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0),      "RSA_padding_add_PKCS1_type_1"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,0),      "RSA_padding_add_PKCS1_type_2"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_SSLV23,0),    "RSA_padding_add_SSLv23"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_NONE,0),    "RSA_padding_check_none"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP,0),      "RSA_padding_check_PKCS1_OAEP"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,0),    "RSA_padding_check_PKCS1_type_1"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,0),    "RSA_padding_check_PKCS1_type_2"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_SSLV23,0),  "RSA_padding_check_SSLv23"},
+{ERR_PACK(0,RSA_F_RSA_PRINT,0), "RSA_print"},
+{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0),      "RSA_print_fp"},
+{ERR_PACK(0,RSA_F_RSA_SIGN,0),  "RSA_sign"},
+{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0),        "RSA_sign_ASN1_OCTET_STRING"},
+{ERR_PACK(0,RSA_F_RSA_VERIFY,0),        "RSA_verify"},
+{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0),      "RSA_verify_ASN1_OCTET_STRING"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA RSA_str_reasons[]=
         {
-{ERR_REASON(RSA_R_ALGORITHM_MISMATCH)    ,"algorithm mismatch"},
-{ERR_REASON(RSA_R_BAD_E_VALUE)           ,"bad e value"},
-{ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT),"bad fixed header decrypt"},
-{ERR_REASON(RSA_R_BAD_PAD_BYTE_COUNT)    ,"bad pad byte count"},
-{ERR_REASON(RSA_R_BAD_SIGNATURE)         ,"bad signature"},
-{ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01)  ,"block type is not 01"},
-{ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02)  ,"block type is not 02"},
-{ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN),"data greater than mod len"},
-{ERR_REASON(RSA_R_DATA_TOO_LARGE)        ,"data too large"},
-{ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
-{ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_MODULUS),"data too large for modulus"},
-{ERR_REASON(RSA_R_DATA_TOO_SMALL)        ,"data too small"},
-{ERR_REASON(RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE),"data too small for key size"},
-{ERR_REASON(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY),"digest too big for rsa key"},
-{ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D),"dmp1 not congruent to d"},
-{ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D),"dmq1 not congruent to d"},
-{ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1),"d e not congruent to 1"},
-{ERR_REASON(RSA_R_FIRST_OCTET_INVALID)   ,"first octet invalid"},
-{ERR_REASON(RSA_R_INVALID_HEADER)        ,"invalid header"},
-{ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"},
-{ERR_REASON(RSA_R_INVALID_PADDING)       ,"invalid padding"},
-{ERR_REASON(RSA_R_INVALID_TRAILER)       ,"invalid trailer"},
-{ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"},
-{ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL)    ,"key size too small"},
-{ERR_REASON(RSA_R_LAST_OCTET_INVALID)    ,"last octet invalid"},
-{ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"},
-{ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q)  ,"n does not equal p q"},
-{ERR_REASON(RSA_R_OAEP_DECODING_ERROR)   ,"oaep decoding error"},
-{ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED)  ,"salt length recovery failed"},
-{ERR_REASON(RSA_R_PADDING_CHECK_FAILED)  ,"padding check failed"},
-{ERR_REASON(RSA_R_P_NOT_PRIME)           ,"p not prime"},
-{ERR_REASON(RSA_R_Q_NOT_PRIME)           ,"q not prime"},
-{ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),"rsa operations not supported"},
-{ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) ,"sslv3 rollback attack"},
-{ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"},
-{ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"},
-{ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE)  ,"unknown padding type"},
-{ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"},
-{ERR_REASON(RSA_R_SLEN_CHECK_FAILED)     ,"salt length check failed"},
+{RSA_R_ALGORITHM_MISMATCH                ,"algorithm mismatch"},
+{RSA_R_BAD_E_VALUE                       ,"bad e value"},
+{RSA_R_BAD_FIXED_HEADER_DECRYPT          ,"bad fixed header decrypt"},
+{RSA_R_BAD_PAD_BYTE_COUNT                ,"bad pad byte count"},
+{RSA_R_BAD_SIGNATURE                     ,"bad signature"},
+{RSA_R_BLOCK_TYPE_IS_NOT_01              ,"block type is not 01"},
+{RSA_R_BLOCK_TYPE_IS_NOT_02              ,"block type is not 02"},
+{RSA_R_DATA_GREATER_THAN_MOD_LEN         ,"data greater than mod len"},
+{RSA_R_DATA_TOO_LARGE                    ,"data too large"},
+{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
+{RSA_R_DATA_TOO_LARGE_FOR_MODULUS        ,"data too large for modulus"},
+{RSA_R_DATA_TOO_SMALL                    ,"data too small"},
+{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE       ,"data too small for key size"},
+{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY        ,"digest too big for rsa key"},
+{RSA_R_DMP1_NOT_CONGRUENT_TO_D           ,"dmp1 not congruent to d"},
+{RSA_R_DMQ1_NOT_CONGRUENT_TO_D           ,"dmq1 not congruent to d"},
+{RSA_R_D_E_NOT_CONGRUENT_TO_1            ,"d e not congruent to 1"},
+{RSA_R_INVALID_MESSAGE_LENGTH            ,"invalid message length"},
+{RSA_R_IQMP_NOT_INVERSE_OF_Q             ,"iqmp not inverse of q"},
+{RSA_R_KEY_SIZE_TOO_SMALL                ,"key size too small"},
+{RSA_R_NULL_BEFORE_BLOCK_MISSING         ,"null before block missing"},
+{RSA_R_N_DOES_NOT_EQUAL_P_Q              ,"n does not equal p q"},
+{RSA_R_OAEP_DECODING_ERROR               ,"oaep decoding error"},
+{RSA_R_PADDING_CHECK_FAILED              ,"padding check failed"},
+{RSA_R_P_NOT_PRIME                       ,"p not prime"},
+{RSA_R_Q_NOT_PRIME                       ,"q not prime"},
+{RSA_R_RSA_OPERATIONS_NOT_SUPPORTED      ,"rsa operations not supported"},
+{RSA_R_SSLV3_ROLLBACK_ATTACK             ,"sslv3 rollback attack"},
+{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
+{RSA_R_UNKNOWN_ALGORITHM_TYPE            ,"unknown algorithm type"},
+{RSA_R_UNKNOWN_PADDING_TYPE              ,"unknown padding type"},
+{RSA_R_WRONG_SIGNATURE_LENGTH            ,"wrong signature length"},
 {0,NULL}
         };
 
@@ -156,8 +141,8 @@ void ERR_load_RSA_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,RSA_str_functs);
-                ERR_load_strings(0,RSA_str_reasons);
+                ERR_load_strings(ERR_LIB_RSA,RSA_str_functs);
+                ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_gen.c b/src/lib/libssl/src/crypto/rsa/rsa_gen.c
index dd1422cc98..adb5e34da5 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_gen.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_gen.c
@@ -184,8 +184,7 @@ err:
                 RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
                 ok=0;
                 }
-        if (ctx != NULL)
-                BN_CTX_end(ctx);
+        BN_CTX_end(ctx);
         BN_CTX_free(ctx);
         BN_CTX_free(ctx2);
         
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_oaep.c b/src/lib/libssl/src/crypto/rsa/rsa_oaep.c
index d43ecaca63..e3f7c608ec 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_oaep.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_oaep.c
@@ -28,6 +28,9 @@
 #include <openssl/rand.h>
 #include <openssl/sha.h>
 
+int MGF1(unsigned char *mask, long len,
+        const unsigned char *seed, long seedlen);
+
 int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
         const unsigned char *from, int flen,
         const unsigned char *param, int plen)
@@ -73,13 +76,11 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
            20);
 #endif
 
-        PKCS1_MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH,
-                                                                EVP_sha1());
+        MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH);
         for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++)
                 db[i] ^= dbmask[i];
 
-        PKCS1_MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH,
-                                                                EVP_sha1());
+        MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH);
         for (i = 0; i < SHA_DIGEST_LENGTH; i++)
                 seed[i] ^= seedmask[i];
 
@@ -125,11 +126,11 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
                 return -1;
                 }
 
-        PKCS1_MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen, EVP_sha1());
+        MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen);
         for (i = lzero; i < SHA_DIGEST_LENGTH; i++)
                 seed[i] ^= from[i - lzero];
   
-        PKCS1_MGF1(db, dblen, seed, SHA_DIGEST_LENGTH, EVP_sha1());
+        MGF1(db, dblen, seed, SHA_DIGEST_LENGTH);
         for (i = 0; i < dblen; i++)
                 db[i] ^= maskeddb[i];
 
@@ -169,30 +170,28 @@ decoding_err:
         return -1;
         }
 
-int PKCS1_MGF1(unsigned char *mask, long len,
-        const unsigned char *seed, long seedlen, const EVP_MD *dgst)
+int MGF1(unsigned char *mask, long len,
+        const unsigned char *seed, long seedlen)
         {
         long i, outlen = 0;
         unsigned char cnt[4];
         EVP_MD_CTX c;
-        unsigned char md[EVP_MAX_MD_SIZE];
-        int mdlen;
+        unsigned char md[SHA_DIGEST_LENGTH];
 
         EVP_MD_CTX_init(&c);
-        mdlen = EVP_MD_size(dgst);
         for (i = 0; outlen < len; i++)
                 {
                 cnt[0] = (unsigned char)((i >> 24) & 255);
                 cnt[1] = (unsigned char)((i >> 16) & 255);
                 cnt[2] = (unsigned char)((i >> 8)) & 255;
                 cnt[3] = (unsigned char)(i & 255);
-                EVP_DigestInit_ex(&c,dgst, NULL);
+                EVP_DigestInit_ex(&c,EVP_sha1(), NULL);
                 EVP_DigestUpdate(&c, seed, seedlen);
                 EVP_DigestUpdate(&c, cnt, 4);
-                if (outlen + mdlen <= len)
+                if (outlen + SHA_DIGEST_LENGTH <= len)
                         {
                         EVP_DigestFinal_ex(&c, mask + outlen, NULL);
-                        outlen += mdlen;
+                        outlen += SHA_DIGEST_LENGTH;
                         }
                 else
                         {
@@ -204,9 +203,4 @@ int PKCS1_MGF1(unsigned char *mask, long len,
         EVP_MD_CTX_cleanup(&c);
         return 0;
         }
-
-int MGF1(unsigned char *mask, long len, const unsigned char *seed, long seedlen)
-        {
-        return PKCS1_MGF1(mask, len, seed, seedlen, EVP_sha1());
-        }
 #endif
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_pss.c b/src/lib/libssl/src/crypto/rsa/rsa_pss.c
new file mode 100644
index 0000000000..2815628f5f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa_pss.c
@@ -0,0 +1,261 @@
+/* rsa_pss.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/sha.h>
+
+const static unsigned char zeroes[] = {0,0,0,0,0,0,0,0};
+
+int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
+                        const EVP_MD *Hash, const unsigned char *EM, int sLen)
+        {
+        int i;
+        int ret = 0;
+        int hLen, maskedDBLen, MSBits, emLen;
+        const unsigned char *H;
+        unsigned char *DB = NULL;
+        EVP_MD_CTX ctx;
+        unsigned char H_[EVP_MAX_MD_SIZE];
+
+        hLen = EVP_MD_size(Hash);
+        /*
+         * Negative sLen has special meanings:
+         *      -1      sLen == hLen
+         *      -2      salt length is autorecovered from signature
+         *      -N      reserved
+         */
+        if      (sLen == -1)    sLen = hLen;
+        else if (sLen == -2)    sLen = -2;
+        else if (sLen < -2)
+                {
+                RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+                goto err;
+                }
+
+        MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
+        emLen = RSA_size(rsa);
+        if (EM[0] & (0xFF << MSBits))
+                {
+                RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_FIRST_OCTET_INVALID);
+                goto err;
+                }
+        if (MSBits == 0)
+                {
+                EM++;
+                emLen--;
+                }
+        if (emLen < (hLen + sLen + 2)) /* sLen can be small negative */
+                {
+                RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_DATA_TOO_LARGE);
+                goto err;
+                }
+        if (EM[emLen - 1] != 0xbc)
+                {
+                RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_LAST_OCTET_INVALID);
+                goto err;
+                }
+        maskedDBLen = emLen - hLen - 1;
+        H = EM + maskedDBLen;
+        DB = OPENSSL_malloc(maskedDBLen);
+        if (!DB)
+                {
+                RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, ERR_R_MALLOC_FAILURE);
+                goto err;
+                }
+        PKCS1_MGF1(DB, maskedDBLen, H, hLen, Hash);
+        for (i = 0; i < maskedDBLen; i++)
+                DB[i] ^= EM[i];
+        if (MSBits)
+                DB[0] &= 0xFF >> (8 - MSBits);
+        for (i = 0; DB[i] == 0 && i < (maskedDBLen-1); i++) ;
+        if (DB[i++] != 0x1)
+                {
+                RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_RECOVERY_FAILED);
+                goto err;
+                }
+        if (sLen >= 0 && (maskedDBLen - i) != sLen)
+                {
+                RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+                goto err;
+                }
+        EVP_MD_CTX_init(&ctx);
+        EVP_DigestInit_ex(&ctx, Hash, NULL);
+        EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes);
+        EVP_DigestUpdate(&ctx, mHash, hLen);
+        if (maskedDBLen - i)
+                EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i);
+        EVP_DigestFinal(&ctx, H_, NULL);
+        EVP_MD_CTX_cleanup(&ctx);
+        if (memcmp(H_, H, hLen))
+                {
+                RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_BAD_SIGNATURE);
+                ret = 0;
+                }
+        else 
+                ret = 1;
+
+        err:
+        if (DB)
+                OPENSSL_free(DB);
+
+        return ret;
+
+        }
+
+int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
+                        const unsigned char *mHash,
+                        const EVP_MD *Hash, int sLen)
+        {
+        int i;
+        int ret = 0;
+        int hLen, maskedDBLen, MSBits, emLen;
+        unsigned char *H, *salt = NULL, *p;
+        EVP_MD_CTX ctx;
+
+        hLen = EVP_MD_size(Hash);
+        /*
+         * Negative sLen has special meanings:
+         *      -1      sLen == hLen
+         *      -2      salt length is maximized
+         *      -N      reserved
+         */
+        if      (sLen == -1)    sLen = hLen;
+        else if (sLen == -2)    sLen = -2;
+        else if (sLen < -2)
+                {
+                RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+                goto err;
+                }
+
+        MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
+        emLen = RSA_size(rsa);
+        if (MSBits == 0)
+                {
+                *EM++ = 0;
+                emLen--;
+                }
+        if (sLen == -2)
+                {
+                sLen = emLen - hLen - 2;
+                }
+        else if (emLen < (hLen + sLen + 2))
+                {
+                RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS,
+                   RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+                goto err;
+                }
+        if (sLen > 0)
+                {
+                salt = OPENSSL_malloc(sLen);
+                if (!salt)
+                        {
+                        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS,
+                                ERR_R_MALLOC_FAILURE);
+                        goto err;
+                        }
+                if (!RAND_bytes(salt, sLen))
+                        goto err;
+                }
+        maskedDBLen = emLen - hLen - 1;
+        H = EM + maskedDBLen;
+        EVP_MD_CTX_init(&ctx);
+        EVP_DigestInit_ex(&ctx, Hash, NULL);
+        EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes);
+        EVP_DigestUpdate(&ctx, mHash, hLen);
+        if (sLen)
+                EVP_DigestUpdate(&ctx, salt, sLen);
+        EVP_DigestFinal(&ctx, H, NULL);
+        EVP_MD_CTX_cleanup(&ctx);
+
+        /* Generate dbMask in place then perform XOR on it */
+        PKCS1_MGF1(EM, maskedDBLen, H, hLen, Hash);
+
+        p = EM;
+
+        /* Initial PS XORs with all zeroes which is a NOP so just update
+         * pointer. Note from a test above this value is guaranteed to
+         * be non-negative.
+         */
+        p += emLen - sLen - hLen - 2;
+        *p++ ^= 0x1;
+        if (sLen > 0)
+                {
+                for (i = 0; i < sLen; i++)
+                        *p++ ^= salt[i];
+                }
+        if (MSBits)
+                EM[0] &= 0xFF >> (8 - MSBits);
+
+        /* H is already in place so just set final 0xbc */
+
+        EM[emLen - 1] = 0xbc;
+
+        ret = 1;
+
+        err:
+        if (salt)
+                OPENSSL_free(salt);
+
+        return ret;
+
+        }
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_test.c b/src/lib/libssl/src/crypto/rsa/rsa_test.c
index 218bb2a39b..924e9ad1f6 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_test.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_test.c
@@ -227,10 +227,10 @@ int main(int argc, char *argv[])
 
     plen = sizeof(ptext_ex) - 1;
 
-    for (v = 0; v < 6; v++)
+    for (v = 0; v < 3; v++)
         {
         key = RSA_new();
-        switch (v%3) {
+        switch (v) {
     case 0:
         clen = key1(key, ctext_ex);
         break;
@@ -241,7 +241,6 @@ int main(int argc, char *argv[])
         clen = key3(key, ctext_ex);
         break;
         }
-        if (v/3 > 1) key->flags |= RSA_FLAG_NO_EXP_CONSTTIME;
 
         num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
                                  RSA_PKCS1_PADDING);
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_x931.c b/src/lib/libssl/src/crypto/rsa/rsa_x931.c
new file mode 100644
index 0000000000..df3c45f802
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa_x931.c
@@ -0,0 +1,177 @@
+/* rsa_x931.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+
+int RSA_padding_add_X931(unsigned char *to, int tlen,
+             const unsigned char *from, int flen)
+        {
+        int j;
+        unsigned char *p;
+
+        /* Absolute minimum amount of padding is 1 header nibble, 1 padding
+         * nibble and 2 trailer bytes: but 1 hash if is already in 'from'.
+         */
+
+        j = tlen - flen - 2;
+
+        if (j < 0)
+                {
+                RSAerr(RSA_F_RSA_PADDING_ADD_X931,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+                return -1;
+                }
+        
+        p=(unsigned char *)to;
+
+        /* If no padding start and end nibbles are in one byte */
+        if (j == 0)
+                *p++ = 0x6A;
+        else
+                {
+                *p++ = 0x6B;
+                if (j > 1)
+                        {
+                        memset(p, 0xBB, j - 1);
+                        p += j - 1;
+                        }
+                *p++ = 0xBA;
+                }
+        memcpy(p,from,(unsigned int)flen);
+        p += flen;
+        *p = 0xCC;
+        return(1);
+        }
+
+int RSA_padding_check_X931(unsigned char *to, int tlen,
+             const unsigned char *from, int flen, int num)
+        {
+        int i,j;
+        const unsigned char *p;
+
+        p=from;
+        if ((num != flen) || ((*p != 0x6A) && (*p != 0x6B)))
+                {
+                RSAerr(RSA_F_RSA_PADDING_CHECK_X931,RSA_R_INVALID_HEADER);
+                return -1;
+                }
+
+        if (*p++ == 0x6B)
+                {
+                j=flen-3;
+                for (i = 0; i < j; i++)
+                        {
+                        unsigned char c = *p++;
+                        if (c == 0xBA)
+                                break;
+                        if (c != 0xBB)
+                                {
+                                RSAerr(RSA_F_RSA_PADDING_CHECK_X931,
+                                        RSA_R_INVALID_PADDING);
+                                return -1;
+                                }
+                        }
+
+                j -= i;
+
+                if (i == 0)
+                        {
+                        RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING);
+                        return -1;
+                        }
+
+                }
+        else j = flen - 2;
+
+        if (p[j] != 0xCC)
+                {
+                RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER);
+                return -1;
+                }
+
+        memcpy(to,p,(unsigned int)j);
+
+        return(j);
+        }
+
+/* Translate between X931 hash ids and NIDs */
+
+int RSA_X931_hash_id(int nid)
+        {
+        switch (nid)
+                {
+                case NID_sha1:
+                return 0x33;
+
+                case NID_sha256:
+                return 0x34;
+
+                case NID_sha384:
+                return 0x36;
+
+                case NID_sha512:
+                return 0x35;
+
+                }
+        return -1;
+        }
+
diff --git a/src/lib/libssl/src/crypto/sha/Makefile.ssl b/src/lib/libssl/src/crypto/sha/Makefile.ssl
new file mode 100644
index 0000000000..4ba201c787
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/Makefile.ssl
@@ -0,0 +1,116 @@
+#
+# SSLeay/crypto/sha/Makefile
+#
+
+DIR=    sha
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+SHA1_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+
+GENERAL=Makefile
+TEST=shatest.c sha1test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o $(SHA1_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= sha.h
+HEADER= sha_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+# elf
+asm/sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > sx86-elf.s)
+
+# a.out
+asm/sx86-out.o: asm/sx86unix.cpp
+        $(CPP) -DOUT asm/sx86unix.cpp | as -o asm/sx86-out.o
+
+# bsdi
+asm/sx86bsdi.o: asm/sx86unix.cpp
+        $(CPP) -DBSDI asm/sx86unix.cpp | sed 's/ :/:/' | as -o asm/sx86bsdi.o
+
+asm/sx86unix.cpp: asm/sha1-586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) sha1-586.pl cpp $(PROCESSOR) >sx86unix.cpp)
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f asm/sx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+sha1_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha1_one.o: ../../include/openssl/opensslconf.h
+sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+sha1_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+sha1_one.o: ../../include/openssl/symhacks.h sha1_one.c
+sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
+sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h
+sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
+sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h
+sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+sha_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha_one.o: sha_one.c
diff --git a/src/lib/libssl/src/crypto/sha/sha1_one.c b/src/lib/libssl/src/crypto/sha/sha1_one.c
index f4694b701b..20e660c71d 100644
--- a/src/lib/libssl/src/crypto/sha/sha1_one.c
+++ b/src/lib/libssl/src/crypto/sha/sha1_one.c
@@ -61,15 +61,14 @@
 #include <openssl/sha.h>
 #include <openssl/crypto.h>
 
-#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_FIPS)
+#ifndef OPENSSL_NO_SHA1
 unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md)
         {
         SHA_CTX c;
         static unsigned char m[SHA_DIGEST_LENGTH];
 
         if (md == NULL) md=m;
-        if (!SHA1_Init(&c))
-                return NULL;
+        SHA1_Init(&c);
         SHA1_Update(&c,d,n);
         SHA1_Final(md,&c);
         OPENSSL_cleanse(&c,sizeof(c));
diff --git a/src/lib/libssl/src/crypto/sha/sha_one.c b/src/lib/libssl/src/crypto/sha/sha_one.c
index d4f4d344df..e61c63f3e9 100644
--- a/src/lib/libssl/src/crypto/sha/sha_one.c
+++ b/src/lib/libssl/src/crypto/sha/sha_one.c
@@ -68,8 +68,7 @@ unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md)
         static unsigned char m[SHA_DIGEST_LENGTH];
 
         if (md == NULL) md=m;
-        if (!SHA_Init(&c))
-                return NULL;
+        SHA_Init(&c);
         SHA_Update(&c,d,n);
         SHA_Final(md,&c);
         OPENSSL_cleanse(&c,sizeof(c));
diff --git a/src/lib/libssl/src/crypto/stack/Makefile.ssl b/src/lib/libssl/src/crypto/stack/Makefile.ssl
new file mode 100644
index 0000000000..7120fb804a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/stack/Makefile.ssl
@@ -0,0 +1,88 @@
+#
+# SSLeay/crypto/stack/Makefile
+#
+
+DIR=    stack
+TOP=    ../..
+CC=     cc
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=stack.c
+LIBOBJ=stack.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= stack.h safestack.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+stack.o: ../../e_os.h ../../include/openssl/bio.h
+stack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+stack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+stack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+stack.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+stack.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+stack.o: ../cryptlib.h stack.c
diff --git a/src/lib/libssl/src/crypto/stack/safestack.h b/src/lib/libssl/src/crypto/stack/safestack.h
index 6010b7f122..bd1121c279 100644
--- a/src/lib/libssl/src/crypto/stack/safestack.h
+++ b/src/lib/libssl/src/crypto/stack/safestack.h
@@ -55,9 +55,6 @@
 #ifndef HEADER_SAFESTACK_H
 #define HEADER_SAFESTACK_H
 
-typedef void (*openssl_fptr)(void);
-#define openssl_fcast(f) ((openssl_fptr)f)
-
 #include <openssl/stack.h>
 
 #ifdef DEBUG_SAFESTACK
@@ -76,74 +73,74 @@ STACK_OF(type) \
 /* SKM_sk_... stack macros are internal to safestack.h:
  * never use them directly, use sk_<type>_... instead */
 #define SKM_sk_new(type, cmp) \
-        ((STACK_OF(type) * (*)(int (*)(const type * const *, const type * const *)))openssl_fcast(sk_new))(cmp)
+        ((STACK_OF(type) * (*)(int (*)(const type * const *, const type * const *)))sk_new)(cmp)
 #define SKM_sk_new_null(type) \
-        ((STACK_OF(type) * (*)(void))openssl_fcast(sk_new_null))()
+        ((STACK_OF(type) * (*)(void))sk_new_null)()
 #define SKM_sk_free(type, st) \
-        ((void (*)(STACK_OF(type) *))openssl_fcast(sk_free))(st)
+        ((void (*)(STACK_OF(type) *))sk_free)(st)
 #define SKM_sk_num(type, st) \
-        ((int (*)(const STACK_OF(type) *))openssl_fcast(sk_num))(st)
+        ((int (*)(const STACK_OF(type) *))sk_num)(st)
 #define SKM_sk_value(type, st,i) \
-        ((type * (*)(const STACK_OF(type) *, int))openssl_fcast(sk_value))(st, i)
+        ((type * (*)(const STACK_OF(type) *, int))sk_value)(st, i)
 #define SKM_sk_set(type, st,i,val) \
-        ((type * (*)(STACK_OF(type) *, int, type *))openssl_fcast(sk_set))(st, i, val)
+        ((type * (*)(STACK_OF(type) *, int, type *))sk_set)(st, i, val)
 #define SKM_sk_zero(type, st) \
-        ((void (*)(STACK_OF(type) *))openssl_fcast(sk_zero))(st)
+        ((void (*)(STACK_OF(type) *))sk_zero)(st)
 #define SKM_sk_push(type, st,val) \
-        ((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_push))(st, val)
+        ((int (*)(STACK_OF(type) *, type *))sk_push)(st, val)
 #define SKM_sk_unshift(type, st,val) \
-        ((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_unshift))(st, val)
+        ((int (*)(STACK_OF(type) *, type *))sk_unshift)(st, val)
 #define SKM_sk_find(type, st,val) \
-        ((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_find))(st, val)
+        ((int (*)(STACK_OF(type) *, type *))sk_find)(st, val)
 #define SKM_sk_delete(type, st,i) \
-        ((type * (*)(STACK_OF(type) *, int))openssl_fcast(sk_delete))(st, i)
+        ((type * (*)(STACK_OF(type) *, int))sk_delete)(st, i)
 #define SKM_sk_delete_ptr(type, st,ptr) \
-        ((type * (*)(STACK_OF(type) *, type *))openssl_fcast(sk_delete_ptr))(st, ptr)
+        ((type * (*)(STACK_OF(type) *, type *))sk_delete_ptr)(st, ptr)
 #define SKM_sk_insert(type, st,val,i) \
-        ((int (*)(STACK_OF(type) *, type *, int))openssl_fcast(sk_insert))(st, val, i)
+        ((int (*)(STACK_OF(type) *, type *, int))sk_insert)(st, val, i)
 #define SKM_sk_set_cmp_func(type, st,cmp) \
         ((int (*(*)(STACK_OF(type) *, int (*)(const type * const *, const type * const *))) \
-          (const type * const *, const type * const *))openssl_fcast(sk_set_cmp_func))\
+          (const type * const *, const type * const *))sk_set_cmp_func)\
         (st, cmp)
 #define SKM_sk_dup(type, st) \
-        ((STACK_OF(type) *(*)(STACK_OF(type) *))openssl_fcast(sk_dup))(st)
+        ((STACK_OF(type) *(*)(STACK_OF(type) *))sk_dup)(st)
 #define SKM_sk_pop_free(type, st,free_func) \
-        ((void (*)(STACK_OF(type) *, void (*)(type *)))openssl_fcast(sk_pop_free))\
+        ((void (*)(STACK_OF(type) *, void (*)(type *)))sk_pop_free)\
         (st, free_func)
 #define SKM_sk_shift(type, st) \
-        ((type * (*)(STACK_OF(type) *))openssl_fcast(sk_shift))(st)
+        ((type * (*)(STACK_OF(type) *))sk_shift)(st)
 #define SKM_sk_pop(type, st) \
-        ((type * (*)(STACK_OF(type) *))openssl_fcast(sk_pop))(st)
+        ((type * (*)(STACK_OF(type) *))sk_pop)(st)
 #define SKM_sk_sort(type, st) \
-        ((void (*)(STACK_OF(type) *))openssl_fcast(sk_sort))(st)
+        ((void (*)(STACK_OF(type) *))sk_sort)(st)
 #define SKM_sk_is_sorted(type, st) \
-        ((int (*)(const STACK_OF(type) *))openssl_fcast(sk_is_sorted))(st)
+        ((int (*)(const STACK_OF(type) *))sk_is_sorted)(st)
 
 #define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
         ((STACK_OF(type) * (*) (STACK_OF(type) **,unsigned char **, long , \
                                        type *(*)(type **, unsigned char **,long), \
-                                       void (*)(type *), int ,int )) openssl_fcast(d2i_ASN1_SET)) \
+                                       void (*)(type *), int ,int )) d2i_ASN1_SET) \
                                                 (st,pp,length, d2i_func, free_func, ex_tag,ex_class)
 #define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
         ((int (*)(STACK_OF(type) *,unsigned char **, \
-                           int (*)(type *,unsigned char **), int , int , int)) openssl_fcast(i2d_ASN1_SET)) \
+                           int (*)(type *,unsigned char **), int , int , int)) i2d_ASN1_SET) \
                                                 (st,pp,i2d_func,ex_tag,ex_class,is_set)
 
 #define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
         ((unsigned char *(*)(STACK_OF(type) *, \
-                                    int (*)(type *,unsigned char **), unsigned char **,int *)) openssl_fcast(ASN1_seq_pack)) \
+                                    int (*)(type *,unsigned char **), unsigned char **,int *)) ASN1_seq_pack) \
                                 (st, i2d_func, buf, len)
 #define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
         ((STACK_OF(type) * (*)(unsigned char *,int, \
                                        type *(*)(type **,unsigned char **, long), \
-                                       void (*)(type *)))openssl_fcast(ASN1_seq_unpack)) \
+                                       void (*)(type *)))ASN1_seq_unpack) \
                                         (buf,len,d2i_func, free_func)
 
 #define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
         ((STACK_OF(type) * (*)(X509_ALGOR *, \
                                 type *(*)(type **, unsigned char **, long), void (*)(type *), \
                                 const char *, int, \
-                                ASN1_STRING *, int))openssl_fcast(PKCS12_decrypt_d2i)) \
+                                ASN1_STRING *, int))PKCS12_decrypt_d2i) \
                                 (algor,d2i_func,free_func,pass,passlen,oct,seq)
 
 #else
diff --git a/src/lib/libssl/src/crypto/txt_db/Makefile.ssl b/src/lib/libssl/src/crypto/txt_db/Makefile.ssl
new file mode 100644
index 0000000000..6221dfae4d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/txt_db/Makefile.ssl
@@ -0,0 +1,88 @@
+#
+# SSLeay/crypto/txt_db/Makefile
+#
+
+DIR=    txt_db
+TOP=    ../..
+CC=     cc
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=txt_db.c
+LIBOBJ=txt_db.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= txt_db.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+txt_db.o: ../../e_os.h ../../include/openssl/bio.h
+txt_db.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+txt_db.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+txt_db.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+txt_db.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+txt_db.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+txt_db.o: ../../include/openssl/txt_db.h ../cryptlib.h txt_db.c
diff --git a/src/lib/libssl/src/crypto/ui/Makefile.ssl b/src/lib/libssl/src/crypto/ui/Makefile.ssl
new file mode 100644
index 0000000000..ba46951d1c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ui/Makefile.ssl
@@ -0,0 +1,117 @@
+#
+# OpenSSL/crypto/ui/Makefile
+#
+
+DIR=    ui
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+#TEST= uitest.c
+TEST=
+APPS=
+
+COMPATSRC= ui_compat.c
+COMPATOBJ= ui_compat.o
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= ui_err.c ui_lib.c ui_openssl.c ui_util.c $(COMPATSRC)
+LIBOBJ= ui_err.o ui_lib.o ui_openssl.o ui_util.o $(COMPATOBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= ui.h ui_compat.h
+HEADER= $(EXHEADER) ui_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ui_compat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ui_compat.o: ../../include/openssl/opensslconf.h
+ui_compat.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ui_compat.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ui_compat.o: ui_compat.c
+ui_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ui_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ui_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ui_err.o: ../../include/openssl/ui.h ui_err.c
+ui_lib.o: ../../e_os.h ../../include/openssl/bio.h
+ui_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ui_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ui_lib.o: ../../include/openssl/ui.h ../cryptlib.h ui_lib.c ui_locl.h
+ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h
+ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ui_openssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ui_openssl.o: ../../include/openssl/opensslv.h
+ui_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ui_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ui_openssl.o: ../cryptlib.h ui_locl.h ui_openssl.c
+ui_util.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ui_util.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ui_util.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ui_util.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ui_util.o: ui_util.c
diff --git a/src/lib/libssl/src/crypto/ui/ui_err.c b/src/lib/libssl/src/crypto/ui/ui_err.c
index d983cdd66f..39a62ae737 100644
--- a/src/lib/libssl/src/crypto/ui/ui_err.c
+++ b/src/lib/libssl/src/crypto/ui/ui_err.c
@@ -1,6 +1,6 @@
 /* crypto/ui/ui_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,36 +64,32 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_UI,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_UI,0,reason)
-
 static ERR_STRING_DATA UI_str_functs[]=
         {
-{ERR_FUNC(UI_F_GENERAL_ALLOCATE_BOOLEAN),       "GENERAL_ALLOCATE_BOOLEAN"},
-{ERR_FUNC(UI_F_GENERAL_ALLOCATE_PROMPT),        "GENERAL_ALLOCATE_PROMPT"},
-{ERR_FUNC(UI_F_GENERAL_ALLOCATE_STRING),        "GENERAL_ALLOCATE_STRING"},
-{ERR_FUNC(UI_F_UI_CTRL),        "UI_ctrl"},
-{ERR_FUNC(UI_F_UI_DUP_ERROR_STRING),    "UI_dup_error_string"},
-{ERR_FUNC(UI_F_UI_DUP_INFO_STRING),     "UI_dup_info_string"},
-{ERR_FUNC(UI_F_UI_DUP_INPUT_BOOLEAN),   "UI_dup_input_boolean"},
-{ERR_FUNC(UI_F_UI_DUP_INPUT_STRING),    "UI_dup_input_string"},
-{ERR_FUNC(UI_F_UI_DUP_VERIFY_STRING),   "UI_dup_verify_string"},
-{ERR_FUNC(UI_F_UI_GET0_RESULT), "UI_get0_result"},
-{ERR_FUNC(UI_F_UI_NEW_METHOD),  "UI_new_method"},
-{ERR_FUNC(UI_F_UI_SET_RESULT),  "UI_set_result"},
+{ERR_PACK(0,UI_F_GENERAL_ALLOCATE_BOOLEAN,0),   "GENERAL_ALLOCATE_BOOLEAN"},
+{ERR_PACK(0,UI_F_GENERAL_ALLOCATE_PROMPT,0),    "GENERAL_ALLOCATE_PROMPT"},
+{ERR_PACK(0,UI_F_GENERAL_ALLOCATE_STRING,0),    "GENERAL_ALLOCATE_STRING"},
+{ERR_PACK(0,UI_F_UI_CTRL,0),    "UI_ctrl"},
+{ERR_PACK(0,UI_F_UI_DUP_ERROR_STRING,0),        "UI_dup_error_string"},
+{ERR_PACK(0,UI_F_UI_DUP_INFO_STRING,0), "UI_dup_info_string"},
+{ERR_PACK(0,UI_F_UI_DUP_INPUT_BOOLEAN,0),       "UI_dup_input_boolean"},
+{ERR_PACK(0,UI_F_UI_DUP_INPUT_STRING,0),        "UI_dup_input_string"},
+{ERR_PACK(0,UI_F_UI_DUP_VERIFY_STRING,0),       "UI_dup_verify_string"},
+{ERR_PACK(0,UI_F_UI_GET0_RESULT,0),     "UI_get0_result"},
+{ERR_PACK(0,UI_F_UI_NEW_METHOD,0),      "UI_new_method"},
+{ERR_PACK(0,UI_F_UI_SET_RESULT,0),      "UI_set_result"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA UI_str_reasons[]=
         {
-{ERR_REASON(UI_R_COMMON_OK_AND_CANCEL_CHARACTERS),"common ok and cancel characters"},
-{ERR_REASON(UI_R_INDEX_TOO_LARGE)        ,"index too large"},
-{ERR_REASON(UI_R_INDEX_TOO_SMALL)        ,"index too small"},
-{ERR_REASON(UI_R_NO_RESULT_BUFFER)       ,"no result buffer"},
-{ERR_REASON(UI_R_RESULT_TOO_LARGE)       ,"result too large"},
-{ERR_REASON(UI_R_RESULT_TOO_SMALL)       ,"result too small"},
-{ERR_REASON(UI_R_UNKNOWN_CONTROL_COMMAND),"unknown control command"},
+{UI_R_COMMON_OK_AND_CANCEL_CHARACTERS    ,"common ok and cancel characters"},
+{UI_R_INDEX_TOO_LARGE                    ,"index too large"},
+{UI_R_INDEX_TOO_SMALL                    ,"index too small"},
+{UI_R_NO_RESULT_BUFFER                   ,"no result buffer"},
+{UI_R_RESULT_TOO_LARGE                   ,"result too large"},
+{UI_R_RESULT_TOO_SMALL                   ,"result too small"},
+{UI_R_UNKNOWN_CONTROL_COMMAND            ,"unknown control command"},
 {0,NULL}
         };
 
@@ -107,8 +103,8 @@ void ERR_load_UI_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,UI_str_functs);
-                ERR_load_strings(0,UI_str_reasons);
+                ERR_load_strings(ERR_LIB_UI,UI_str_functs);
+                ERR_load_strings(ERR_LIB_UI,UI_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/x509/Makefile.ssl b/src/lib/libssl/src/crypto/x509/Makefile.ssl
new file mode 100644
index 0000000000..3a3452536c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/Makefile.ssl
@@ -0,0 +1,594 @@
+#
+# SSLeay/crypto/x509/Makefile
+#
+
+DIR=    x509
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
+        x509_obj.c x509_req.c x509spki.c x509_vfy.c \
+        x509_set.c x509cset.c x509rset.c x509_err.c \
+        x509name.c x509_v3.c x509_ext.c x509_att.c \
+        x509type.c x509_lu.c x_all.c x509_txt.c \
+        x509_trs.c by_file.c by_dir.c 
+LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
+        x509_obj.o x509_req.o x509spki.o x509_vfy.o \
+        x509_set.o x509cset.o x509rset.o x509_err.o \
+        x509name.o x509_v3.o x509_ext.o x509_att.o \
+        x509type.o x509_lu.o x_all.o x509_txt.o \
+        x509_trs.o by_file.o by_dir.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= x509.h x509_vfy.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+by_dir.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+by_dir.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+by_dir.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+by_dir.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+by_dir.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+by_dir.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+by_dir.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+by_dir.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+by_dir.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+by_dir.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+by_dir.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+by_dir.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+by_dir.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+by_dir.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+by_dir.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+by_dir.o: ../cryptlib.h by_dir.c
+by_file.o: ../../e_os.h ../../include/openssl/aes.h
+by_file.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+by_file.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+by_file.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+by_file.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+by_file.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+by_file.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+by_file.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+by_file.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+by_file.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+by_file.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+by_file.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+by_file.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+by_file.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+by_file.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+by_file.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+by_file.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+by_file.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_file.c
+x509_att.o: ../../e_os.h ../../include/openssl/aes.h
+x509_att.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_att.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_att.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_att.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x509_att.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_att.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x509_att.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x509_att.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x509_att.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x509_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_att.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_att.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_att.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_att.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_att.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_att.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_att.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_att.c
+x509_cmp.o: ../../e_os.h ../../include/openssl/aes.h
+x509_cmp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_cmp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_cmp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_cmp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_cmp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x509_cmp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_cmp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x509_cmp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x509_cmp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x509_cmp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x509_cmp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_cmp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_cmp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_cmp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_cmp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_cmp.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_cmp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_cmp.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_cmp.c
+x509_d2.o: ../../e_os.h ../../include/openssl/aes.h
+x509_d2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_d2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_d2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509_d2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x509_d2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x509_d2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_d2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509_d2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509_d2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x509_d2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x509_d2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+x509_d2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+x509_d2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+x509_d2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_d2.c
+x509_def.o: ../../e_os.h ../../include/openssl/aes.h
+x509_def.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_def.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_def.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509_def.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x509_def.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x509_def.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_def.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509_def.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509_def.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_def.o: ../../include/openssl/opensslconf.h
+x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_def.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_def.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_def.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_def.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_def.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_def.o: ../cryptlib.h x509_def.c
+x509_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+x509_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+x509_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x509_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+x509_err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x509_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x509_err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x509_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_err.o: x509_err.c
+x509_ext.o: ../../e_os.h ../../include/openssl/aes.h
+x509_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_ext.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_ext.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x509_ext.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_ext.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x509_ext.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x509_ext.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x509_ext.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x509_ext.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_ext.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_ext.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_ext.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_ext.c
+x509_lu.o: ../../e_os.h ../../include/openssl/aes.h
+x509_lu.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_lu.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_lu.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_lu.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_lu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x509_lu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_lu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x509_lu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x509_lu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x509_lu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x509_lu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_lu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_lu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_lu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_lu.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_lu.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_lu.c
+x509_obj.o: ../../e_os.h ../../include/openssl/aes.h
+x509_obj.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_obj.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_obj.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509_obj.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x509_obj.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x509_obj.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_obj.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509_obj.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509_obj.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_obj.o: ../../include/openssl/opensslconf.h
+x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_obj.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_obj.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_obj.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_obj.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_obj.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_obj.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_obj.o: ../cryptlib.h x509_obj.c
+x509_r2x.o: ../../e_os.h ../../include/openssl/aes.h
+x509_r2x.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_r2x.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_r2x.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509_r2x.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x509_r2x.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_r2x.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509_r2x.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509_r2x.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_r2x.o: ../../include/openssl/opensslconf.h
+x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_r2x.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_r2x.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_r2x.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_r2x.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_r2x.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_r2x.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_r2x.o: ../cryptlib.h x509_r2x.c
+x509_req.o: ../../e_os.h ../../include/openssl/aes.h
+x509_req.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x509_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_req.o: ../../include/openssl/opensslconf.h
+x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_req.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_req.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_req.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_req.o: ../cryptlib.h x509_req.c
+x509_set.o: ../../e_os.h ../../include/openssl/aes.h
+x509_set.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_set.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_set.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509_set.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x509_set.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x509_set.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_set.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509_set.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509_set.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_set.o: ../../include/openssl/opensslconf.h
+x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_set.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_set.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_set.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_set.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_set.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_set.o: ../cryptlib.h x509_set.c
+x509_trs.o: ../../e_os.h ../../include/openssl/aes.h
+x509_trs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_trs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_trs.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_trs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_trs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x509_trs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_trs.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x509_trs.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x509_trs.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x509_trs.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x509_trs.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_trs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_trs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_trs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_trs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_trs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_trs.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_trs.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_trs.c
+x509_txt.o: ../../e_os.h ../../include/openssl/aes.h
+x509_txt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_txt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_txt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509_txt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x509_txt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x509_txt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_txt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509_txt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509_txt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_txt.o: ../../include/openssl/opensslconf.h
+x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_txt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_txt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_txt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_txt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_txt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_txt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_txt.o: ../cryptlib.h x509_txt.c
+x509_v3.o: ../../e_os.h ../../include/openssl/aes.h
+x509_v3.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_v3.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_v3.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_v3.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_v3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x509_v3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_v3.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x509_v3.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x509_v3.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x509_v3.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x509_v3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_v3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_v3.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_v3.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_v3.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_v3.c
+x509_vfy.o: ../../e_os.h ../../include/openssl/aes.h
+x509_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_vfy.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_vfy.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x509_vfy.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_vfy.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x509_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x509_vfy.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x509_vfy.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x509_vfy.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509_vfy.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509_vfy.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_vfy.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_vfy.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_vfy.c
+x509cset.o: ../../e_os.h ../../include/openssl/aes.h
+x509cset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509cset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509cset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509cset.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x509cset.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x509cset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509cset.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509cset.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509cset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509cset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509cset.o: ../../include/openssl/opensslconf.h
+x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509cset.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509cset.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509cset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509cset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509cset.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509cset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509cset.o: ../cryptlib.h x509cset.c
+x509name.o: ../../e_os.h ../../include/openssl/aes.h
+x509name.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509name.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x509name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x509name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509name.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509name.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509name.o: ../../include/openssl/opensslconf.h
+x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509name.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509name.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509name.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509name.o: ../cryptlib.h x509name.c
+x509rset.o: ../../e_os.h ../../include/openssl/aes.h
+x509rset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509rset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509rset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509rset.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x509rset.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x509rset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509rset.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509rset.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509rset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509rset.o: ../../include/openssl/opensslconf.h
+x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509rset.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509rset.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509rset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509rset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509rset.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509rset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509rset.o: ../cryptlib.h x509rset.c
+x509spki.o: ../../e_os.h ../../include/openssl/aes.h
+x509spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509spki.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x509spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x509spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509spki.o: ../../include/openssl/opensslconf.h
+x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509spki.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509spki.o: ../cryptlib.h x509spki.c
+x509type.o: ../../e_os.h ../../include/openssl/aes.h
+x509type.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509type.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509type.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509type.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509type.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+x509type.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x509type.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509type.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509type.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509type.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509type.o: ../../include/openssl/opensslconf.h
+x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x509type.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x509type.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x509type.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509type.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509type.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x509type.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509type.o: ../cryptlib.h x509type.c
+x_all.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+x_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+x_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x_all.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+x_all.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+x_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_all.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+x_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+x_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+x_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+x_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_all.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_all.o: ../cryptlib.h x_all.c
diff --git a/src/lib/libssl/src/crypto/x509/by_dir.c b/src/lib/libssl/src/crypto/x509/by_dir.c
index ea689aed1a..6207340472 100644
--- a/src/lib/libssl/src/crypto/x509/by_dir.c
+++ b/src/lib/libssl/src/crypto/x509/by_dir.c
@@ -114,7 +114,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
         {
         int ret=0;
         BY_DIR *ld;
-        char *dir = NULL;
+        char *dir;
 
         ld=(BY_DIR *)ctx->method_data;
 
@@ -123,16 +123,17 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
         case X509_L_ADD_DIR:
                 if (argl == X509_FILETYPE_DEFAULT)
                         {
-                        dir=(char *)Getenv(X509_get_default_cert_dir_env());
-                        if (dir)
-                                ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
-                        else
-                                ret=add_cert_dir(ld,X509_get_default_cert_dir(),
-                                        X509_FILETYPE_PEM);
+                        ret=add_cert_dir(ld,X509_get_default_cert_dir(),
+                                X509_FILETYPE_PEM);
                         if (!ret)
                                 {
                                 X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
                                 }
+                        else
+                                {
+                                dir=(char *)Getenv(X509_get_default_cert_dir_env());
+                                ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
+                                }
                         }
                 else
                         ret=add_cert_dir(ld,argp,(int)argl);
diff --git a/src/lib/libssl/src/crypto/x509/x509_err.c b/src/lib/libssl/src/crypto/x509/x509_err.c
index d44d046027..5bbf4acf76 100644
--- a/src/lib/libssl/src/crypto/x509/x509_err.c
+++ b/src/lib/libssl/src/crypto/x509/x509_err.c
@@ -1,6 +1,6 @@
 /* crypto/x509/x509_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,81 +64,77 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason)
-
 static ERR_STRING_DATA X509_str_functs[]=
         {
-{ERR_FUNC(X509_F_ADD_CERT_DIR), "ADD_CERT_DIR"},
-{ERR_FUNC(X509_F_BY_FILE_CTRL), "BY_FILE_CTRL"},
-{ERR_FUNC(X509_F_DIR_CTRL),     "DIR_CTRL"},
-{ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT),  "GET_CERT_BY_SUBJECT"},
-{ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE),     "NETSCAPE_SPKI_b64_decode"},
-{ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE),     "NETSCAPE_SPKI_b64_encode"},
-{ERR_FUNC(X509_F_X509V3_ADD_EXT),       "X509v3_add_ext"},
-{ERR_FUNC(X509_F_X509_ADD_ATTR),        "X509_ADD_ATTR"},
-{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID), "X509_ATTRIBUTE_create_by_NID"},
-{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ), "X509_ATTRIBUTE_create_by_OBJ"},
-{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT), "X509_ATTRIBUTE_create_by_txt"},
-{ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA),     "X509_ATTRIBUTE_get0_data"},
-{ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA),     "X509_ATTRIBUTE_set1_data"},
-{ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY),       "X509_check_private_key"},
-{ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID), "X509_EXTENSION_create_by_NID"},
-{ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ), "X509_EXTENSION_create_by_OBJ"},
-{ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS),   "X509_get_pubkey_parameters"},
-{ERR_FUNC(X509_F_X509_LOAD_CERT_CRL_FILE),      "X509_load_cert_crl_file"},
-{ERR_FUNC(X509_F_X509_LOAD_CERT_FILE),  "X509_load_cert_file"},
-{ERR_FUNC(X509_F_X509_LOAD_CRL_FILE),   "X509_load_crl_file"},
-{ERR_FUNC(X509_F_X509_NAME_ADD_ENTRY),  "X509_NAME_add_entry"},
-{ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_NID),        "X509_NAME_ENTRY_create_by_NID"},
-{ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT),        "X509_NAME_ENTRY_create_by_txt"},
-{ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT),   "X509_NAME_ENTRY_set_object"},
-{ERR_FUNC(X509_F_X509_NAME_ONELINE),    "X509_NAME_oneline"},
-{ERR_FUNC(X509_F_X509_NAME_PRINT),      "X509_NAME_print"},
-{ERR_FUNC(X509_F_X509_PRINT_FP),        "X509_print_fp"},
-{ERR_FUNC(X509_F_X509_PUBKEY_GET),      "X509_PUBKEY_get"},
-{ERR_FUNC(X509_F_X509_PUBKEY_SET),      "X509_PUBKEY_set"},
-{ERR_FUNC(X509_F_X509_REQ_PRINT),       "X509_REQ_print"},
-{ERR_FUNC(X509_F_X509_REQ_PRINT_FP),    "X509_REQ_print_fp"},
-{ERR_FUNC(X509_F_X509_REQ_TO_X509),     "X509_REQ_to_X509"},
-{ERR_FUNC(X509_F_X509_STORE_ADD_CERT),  "X509_STORE_add_cert"},
-{ERR_FUNC(X509_F_X509_STORE_ADD_CRL),   "X509_STORE_add_crl"},
-{ERR_FUNC(X509_F_X509_STORE_CTX_INIT),  "X509_STORE_CTX_init"},
-{ERR_FUNC(X509_F_X509_STORE_CTX_NEW),   "X509_STORE_CTX_new"},
-{ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT),       "X509_STORE_CTX_purpose_inherit"},
-{ERR_FUNC(X509_F_X509_TO_X509_REQ),     "X509_to_X509_REQ"},
-{ERR_FUNC(X509_F_X509_TRUST_ADD),       "X509_TRUST_add"},
-{ERR_FUNC(X509_F_X509_TRUST_SET),       "X509_TRUST_set"},
-{ERR_FUNC(X509_F_X509_VERIFY_CERT),     "X509_verify_cert"},
+{ERR_PACK(0,X509_F_ADD_CERT_DIR,0),     "ADD_CERT_DIR"},
+{ERR_PACK(0,X509_F_BY_FILE_CTRL,0),     "BY_FILE_CTRL"},
+{ERR_PACK(0,X509_F_DIR_CTRL,0), "DIR_CTRL"},
+{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0),      "GET_CERT_BY_SUBJECT"},
+{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_DECODE,0), "NETSCAPE_SPKI_b64_decode"},
+{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_ENCODE,0), "NETSCAPE_SPKI_b64_encode"},
+{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0),   "X509v3_add_ext"},
+{ERR_PACK(0,X509_F_X509_ADD_ATTR,0),    "X509_ADD_ATTR"},
+{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_NID,0),     "X509_ATTRIBUTE_create_by_NID"},
+{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,0),     "X509_ATTRIBUTE_create_by_OBJ"},
+{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,0),     "X509_ATTRIBUTE_create_by_txt"},
+{ERR_PACK(0,X509_F_X509_ATTRIBUTE_GET0_DATA,0), "X509_ATTRIBUTE_get0_data"},
+{ERR_PACK(0,X509_F_X509_ATTRIBUTE_SET1_DATA,0), "X509_ATTRIBUTE_set1_data"},
+{ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0),   "X509_check_private_key"},
+{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0),     "X509_EXTENSION_create_by_NID"},
+{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0),     "X509_EXTENSION_create_by_OBJ"},
+{ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0),       "X509_get_pubkey_parameters"},
+{ERR_PACK(0,X509_F_X509_LOAD_CERT_CRL_FILE,0),  "X509_load_cert_crl_file"},
+{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0),      "X509_load_cert_file"},
+{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0),       "X509_load_crl_file"},
+{ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0),      "X509_NAME_add_entry"},
+{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0),    "X509_NAME_ENTRY_create_by_NID"},
+{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_TXT,0),    "X509_NAME_ENTRY_create_by_txt"},
+{ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0),       "X509_NAME_ENTRY_set_object"},
+{ERR_PACK(0,X509_F_X509_NAME_ONELINE,0),        "X509_NAME_oneline"},
+{ERR_PACK(0,X509_F_X509_NAME_PRINT,0),  "X509_NAME_print"},
+{ERR_PACK(0,X509_F_X509_PRINT_FP,0),    "X509_print_fp"},
+{ERR_PACK(0,X509_F_X509_PUBKEY_GET,0),  "X509_PUBKEY_get"},
+{ERR_PACK(0,X509_F_X509_PUBKEY_SET,0),  "X509_PUBKEY_set"},
+{ERR_PACK(0,X509_F_X509_REQ_PRINT,0),   "X509_REQ_print"},
+{ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0),        "X509_REQ_print_fp"},
+{ERR_PACK(0,X509_F_X509_REQ_TO_X509,0), "X509_REQ_to_X509"},
+{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0),      "X509_STORE_add_cert"},
+{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0),       "X509_STORE_add_crl"},
+{ERR_PACK(0,X509_F_X509_STORE_CTX_INIT,0),      "X509_STORE_CTX_init"},
+{ERR_PACK(0,X509_F_X509_STORE_CTX_NEW,0),       "X509_STORE_CTX_new"},
+{ERR_PACK(0,X509_F_X509_STORE_CTX_PURPOSE_INHERIT,0),   "X509_STORE_CTX_purpose_inherit"},
+{ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"},
+{ERR_PACK(0,X509_F_X509_TRUST_ADD,0),   "X509_TRUST_add"},
+{ERR_PACK(0,X509_F_X509_TRUST_SET,0),   "X509_TRUST_set"},
+{ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA X509_str_reasons[]=
         {
-{ERR_REASON(X509_R_BAD_X509_FILETYPE)    ,"bad x509 filetype"},
-{ERR_REASON(X509_R_BASE64_DECODE_ERROR)  ,"base64 decode error"},
-{ERR_REASON(X509_R_CANT_CHECK_DH_KEY)    ,"cant check dh key"},
-{ERR_REASON(X509_R_CERT_ALREADY_IN_HASH_TABLE),"cert already in hash table"},
-{ERR_REASON(X509_R_ERR_ASN1_LIB)         ,"err asn1 lib"},
-{ERR_REASON(X509_R_INVALID_DIRECTORY)    ,"invalid directory"},
-{ERR_REASON(X509_R_INVALID_FIELD_NAME)   ,"invalid field name"},
-{ERR_REASON(X509_R_INVALID_TRUST)        ,"invalid trust"},
-{ERR_REASON(X509_R_KEY_TYPE_MISMATCH)    ,"key type mismatch"},
-{ERR_REASON(X509_R_KEY_VALUES_MISMATCH)  ,"key values mismatch"},
-{ERR_REASON(X509_R_LOADING_CERT_DIR)     ,"loading cert dir"},
-{ERR_REASON(X509_R_LOADING_DEFAULTS)     ,"loading defaults"},
-{ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),"no cert set for us to verify"},
-{ERR_REASON(X509_R_SHOULD_RETRY)         ,"should retry"},
-{ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN),"unable to find parameters in chain"},
-{ERR_REASON(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY),"unable to get certs public key"},
-{ERR_REASON(X509_R_UNKNOWN_KEY_TYPE)     ,"unknown key type"},
-{ERR_REASON(X509_R_UNKNOWN_NID)          ,"unknown nid"},
-{ERR_REASON(X509_R_UNKNOWN_PURPOSE_ID)   ,"unknown purpose id"},
-{ERR_REASON(X509_R_UNKNOWN_TRUST_ID)     ,"unknown trust id"},
-{ERR_REASON(X509_R_UNSUPPORTED_ALGORITHM),"unsupported algorithm"},
-{ERR_REASON(X509_R_WRONG_LOOKUP_TYPE)    ,"wrong lookup type"},
-{ERR_REASON(X509_R_WRONG_TYPE)           ,"wrong type"},
+{X509_R_BAD_X509_FILETYPE                ,"bad x509 filetype"},
+{X509_R_BASE64_DECODE_ERROR              ,"base64 decode error"},
+{X509_R_CANT_CHECK_DH_KEY                ,"cant check dh key"},
+{X509_R_CERT_ALREADY_IN_HASH_TABLE       ,"cert already in hash table"},
+{X509_R_ERR_ASN1_LIB                     ,"err asn1 lib"},
+{X509_R_INVALID_DIRECTORY                ,"invalid directory"},
+{X509_R_INVALID_FIELD_NAME               ,"invalid field name"},
+{X509_R_INVALID_TRUST                    ,"invalid trust"},
+{X509_R_KEY_TYPE_MISMATCH                ,"key type mismatch"},
+{X509_R_KEY_VALUES_MISMATCH              ,"key values mismatch"},
+{X509_R_LOADING_CERT_DIR                 ,"loading cert dir"},
+{X509_R_LOADING_DEFAULTS                 ,"loading defaults"},
+{X509_R_NO_CERT_SET_FOR_US_TO_VERIFY     ,"no cert set for us to verify"},
+{X509_R_SHOULD_RETRY                     ,"should retry"},
+{X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"},
+{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY   ,"unable to get certs public key"},
+{X509_R_UNKNOWN_KEY_TYPE                 ,"unknown key type"},
+{X509_R_UNKNOWN_NID                      ,"unknown nid"},
+{X509_R_UNKNOWN_PURPOSE_ID               ,"unknown purpose id"},
+{X509_R_UNKNOWN_TRUST_ID                 ,"unknown trust id"},
+{X509_R_UNSUPPORTED_ALGORITHM            ,"unsupported algorithm"},
+{X509_R_WRONG_LOOKUP_TYPE                ,"wrong lookup type"},
+{X509_R_WRONG_TYPE                       ,"wrong type"},
 {0,NULL}
         };
 
@@ -152,8 +148,8 @@ void ERR_load_X509_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,X509_str_functs);
-                ERR_load_strings(0,X509_str_reasons);
+                ERR_load_strings(ERR_LIB_X509,X509_str_functs);
+                ERR_load_strings(ERR_LIB_X509,X509_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/crypto/x509/x509_vfy.c b/src/lib/libssl/src/crypto/x509/x509_vfy.c
index 383e082aba..e43c861ee7 100644
--- a/src/lib/libssl/src/crypto/x509/x509_vfy.c
+++ b/src/lib/libssl/src/crypto/x509/x509_vfy.c
@@ -944,7 +944,7 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
                 offset=0;
         else
                 {
-                if ((*str != '+') && (*str != '-'))
+                if ((*str != '+') && (str[5] != '-'))
                         return 0;
                 offset=((str[1]-'0')*10+(str[2]-'0'))*60;
                 offset+=(str[3]-'0')*10+(str[4]-'0');
diff --git a/src/lib/libssl/src/crypto/x509v3/Makefile.ssl b/src/lib/libssl/src/crypto/x509v3/Makefile.ssl
new file mode 100644
index 0000000000..66df90c346
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509v3/Makefile.ssl
@@ -0,0 +1,603 @@
+#
+# SSLeay/crypto/x509v3/Makefile
+#
+
+DIR=    x509v3
+TOP=    ../..
+CC=     cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \
+v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \
+v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \
+v3_ocsp.c v3_akeya.c
+LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
+v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
+v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \
+v3_ocsp.o v3_akeya.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= x509v3.h
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+v3_akey.o: ../../e_os.h ../../include/openssl/aes.h
+v3_akey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_akey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_akey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_akey.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_akey.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_akey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_akey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_akey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_akey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_akey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_akey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_akey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_akey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_akey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+v3_akey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+v3_akey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_akey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+v3_akey.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+v3_akey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_akey.o: ../cryptlib.h v3_akey.c
+v3_akeya.o: ../../e_os.h ../../include/openssl/aes.h
+v3_akeya.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_akeya.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_akeya.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_akeya.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_akeya.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_akeya.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_akeya.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_akeya.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_akeya.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_akeya.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_akeya.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_akeya.o: ../../include/openssl/opensslconf.h
+v3_akeya.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+v3_akeya.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+v3_akeya.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+v3_akeya.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_akeya.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_akeya.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+v3_akeya.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_akeya.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_akeya.c
+v3_alt.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+v3_alt.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_alt.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_alt.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_alt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_alt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_alt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_alt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_alt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_alt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_alt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_alt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_alt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_alt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+v3_alt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+v3_alt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+v3_alt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_alt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+v3_alt.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+v3_alt.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_alt.o: ../cryptlib.h v3_alt.c
+v3_bcons.o: ../../e_os.h ../../include/openssl/aes.h
+v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_bcons.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_bcons.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_bcons.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_bcons.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_bcons.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_bcons.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_bcons.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_bcons.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_bcons.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_bcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_bcons.o: ../../include/openssl/opensslconf.h
+v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+v3_bcons.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+v3_bcons.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+v3_bcons.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_bcons.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_bcons.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+v3_bcons.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_bcons.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bcons.c
+v3_bitst.o: ../../e_os.h ../../include/openssl/aes.h
+v3_bitst.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_bitst.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+v3_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+v3_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_bitst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+v3_bitst.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_bitst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+v3_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+v3_bitst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+v3_bitst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+v3_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+v3_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+v3_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+v3_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_bitst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+v3_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_bitst.c
+v3_conf.o: ../../e_os.h ../../include/openssl/aes.h
+v3_conf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_conf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+v3_conf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+v3_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_conf.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+v3_conf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_conf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+v3_conf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+v3_conf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+v3_conf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+v3_conf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_conf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+v3_conf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+v3_conf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_conf.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_conf.c
+v3_cpols.o: ../../e_os.h ../../include/openssl/aes.h
+v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_cpols.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_cpols.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_cpols.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_cpols.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_cpols.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_cpols.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_cpols.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_cpols.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_cpols.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_cpols.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_cpols.o: ../../include/openssl/opensslconf.h
+v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+v3_cpols.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+v3_cpols.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+v3_cpols.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_cpols.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_cpols.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+v3_cpols.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_cpols.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_cpols.c
+v3_crld.o: ../../e_os.h ../../include/openssl/aes.h
+v3_crld.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_crld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_crld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_crld.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_crld.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_crld.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_crld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_crld.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_crld.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_crld.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_crld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_crld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_crld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_crld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+v3_crld.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+v3_crld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_crld.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+v3_crld.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+v3_crld.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_crld.o: ../cryptlib.h v3_crld.c
+v3_enum.o: ../../e_os.h ../../include/openssl/aes.h
+v3_enum.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_enum.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+v3_enum.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+v3_enum.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_enum.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+v3_enum.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_enum.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+v3_enum.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+v3_enum.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+v3_enum.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+v3_enum.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+v3_enum.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+v3_enum.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_enum.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_enum.c
+v3_extku.o: ../../e_os.h ../../include/openssl/aes.h
+v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_extku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_extku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_extku.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_extku.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_extku.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_extku.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_extku.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_extku.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_extku.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_extku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_extku.o: ../../include/openssl/opensslconf.h
+v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+v3_extku.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+v3_extku.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+v3_extku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_extku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_extku.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+v3_extku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_extku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_extku.c
+v3_genn.o: ../../e_os.h ../../include/openssl/aes.h
+v3_genn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_genn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_genn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_genn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_genn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_genn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_genn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_genn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_genn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_genn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_genn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_genn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_genn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_genn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+v3_genn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+v3_genn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_genn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+v3_genn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+v3_genn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_genn.o: ../cryptlib.h v3_genn.c
+v3_ia5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+v3_ia5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_ia5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_ia5.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_ia5.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_ia5.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_ia5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_ia5.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_ia5.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_ia5.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_ia5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_ia5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_ia5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_ia5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+v3_ia5.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+v3_ia5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_ia5.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+v3_ia5.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+v3_ia5.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_ia5.o: ../cryptlib.h v3_ia5.c
+v3_info.o: ../../e_os.h ../../include/openssl/aes.h
+v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_info.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_info.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+v3_info.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+v3_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_info.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+v3_info.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+v3_info.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_info.o: ../cryptlib.h v3_info.c
+v3_int.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+v3_int.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_int.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_int.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_int.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_int.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_int.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_int.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_int.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_int.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_int.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+v3_int.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+v3_int.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+v3_int.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_int.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+v3_int.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+v3_int.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_int.o: ../cryptlib.h v3_int.c
+v3_lib.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+v3_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_lib.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_lib.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+v3_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+v3_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+v3_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+v3_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+v3_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_lib.o: ../cryptlib.h ext_dat.h v3_lib.c
+v3_ocsp.o: ../../e_os.h ../../include/openssl/aes.h
+v3_ocsp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_ocsp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+v3_ocsp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+v3_ocsp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_ocsp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+v3_ocsp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_ocsp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+v3_ocsp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+v3_ocsp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+v3_ocsp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+v3_ocsp.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+v3_ocsp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_ocsp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_ocsp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+v3_ocsp.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+v3_ocsp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+v3_ocsp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_ocsp.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+v3_ocsp.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+v3_ocsp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_ocsp.o: ../cryptlib.h v3_ocsp.c
+v3_pku.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+v3_pku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_pku.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+v3_pku.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+v3_pku.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_pku.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+v3_pku.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+v3_pku.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+v3_pku.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+v3_pku.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+v3_pku.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+v3_pku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pku.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+v3_pku.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+v3_pku.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+v3_pku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_pku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_pku.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+v3_pku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_pku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pku.c
+v3_prn.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+v3_prn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_prn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_prn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_prn.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_prn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_prn.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_prn.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_prn.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_prn.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+v3_prn.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+v3_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+v3_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+v3_prn.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+v3_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_prn.o: ../cryptlib.h v3_prn.c
+v3_purp.o: ../../e_os.h ../../include/openssl/aes.h
+v3_purp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_purp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+v3_purp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_purp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+v3_purp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_purp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+v3_purp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+v3_purp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+v3_purp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+v3_purp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_purp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+v3_purp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+v3_purp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_purp.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_purp.c
+v3_skey.o: ../../e_os.h ../../include/openssl/aes.h
+v3_skey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+v3_skey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_skey.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+v3_skey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_skey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+v3_skey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+v3_skey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+v3_skey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+v3_skey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+v3_skey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+v3_skey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_skey.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_skey.c
+v3_sxnet.o: ../../e_os.h ../../include/openssl/aes.h
+v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_sxnet.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_sxnet.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_sxnet.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_sxnet.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_sxnet.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_sxnet.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_sxnet.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_sxnet.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_sxnet.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_sxnet.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_sxnet.o: ../../include/openssl/opensslconf.h
+v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+v3_sxnet.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+v3_sxnet.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+v3_sxnet.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_sxnet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_sxnet.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+v3_sxnet.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_sxnet.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_sxnet.c
+v3_utl.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
+v3_utl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_utl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_utl.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_utl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_utl.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3_utl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_utl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_utl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3_utl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_utl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+v3_utl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+v3_utl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+v3_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+v3_utl.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+v3_utl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_utl.o: ../cryptlib.h v3_utl.c
+v3err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+v3err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3err.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3err.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+v3err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+v3err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+v3err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+v3err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+v3err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+v3err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+v3err.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+v3err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3err.o: v3err.c
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_cpols.c b/src/lib/libssl/src/crypto/x509v3/v3_cpols.c
index 867525f336..0d554f3a2c 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_cpols.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_cpols.c
@@ -137,15 +137,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
         CONF_VALUE *cnf;
         int i, ia5org;
         pols = sk_POLICYINFO_new_null();
-        if (pols == NULL) {
-                X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
-                return NULL;
-        }
         vals =  X509V3_parse_list(value);
-        if (vals == NULL) {
-                X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_X509V3_LIB);
-                goto err;
-        }
         ia5org = 0;
         for(i = 0; i < sk_CONF_VALUE_num(vals); i++) {
                 cnf = sk_CONF_VALUE_value(vals, i);
@@ -184,7 +176,6 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
         sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
         return pols;
         err:
-        sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
         sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
         return NULL;
 }
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_utl.c b/src/lib/libssl/src/crypto/x509v3/v3_utl.c
index 34ac2998de..466c91d0e8 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_utl.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_utl.c
@@ -78,7 +78,7 @@ int X509V3_add_value(const char *name, const char *value,
         CONF_VALUE *vtmp = NULL;
         char *tname = NULL, *tvalue = NULL;
         if(name && !(tname = BUF_strdup(name))) goto err;
-        if(value && !(tvalue = BUF_strdup(value))) goto err;;
+        if(value && !(tvalue = BUF_strdup(value))) goto err;
         if(!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) goto err;
         if(!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) goto err;
         vtmp->section = NULL;
diff --git a/src/lib/libssl/src/crypto/x509v3/v3err.c b/src/lib/libssl/src/crypto/x509v3/v3err.c
index e1edaf5248..2df0c3ef01 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3err.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3err.c
@@ -64,118 +64,114 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason)
-
 static ERR_STRING_DATA X509V3_str_functs[]=
         {
-{ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"},
-{ERR_FUNC(X509V3_F_COPY_ISSUER),        "COPY_ISSUER"},
-{ERR_FUNC(X509V3_F_DO_EXT_CONF),        "DO_EXT_CONF"},
-{ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"},
-{ERR_FUNC(X509V3_F_HEX_TO_STRING),      "hex_to_string"},
-{ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED),        "i2s_ASN1_ENUMERATED"},
-{ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"},
-{ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER),   "i2s_ASN1_INTEGER"},
-{ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS),  "I2V_AUTHORITY_INFO_ACCESS"},
-{ERR_FUNC(X509V3_F_NOTICE_SECTION),     "NOTICE_SECTION"},
-{ERR_FUNC(X509V3_F_NREF_NOS),   "NREF_NOS"},
-{ERR_FUNC(X509V3_F_POLICY_SECTION),     "POLICY_SECTION"},
-{ERR_FUNC(X509V3_F_R2I_CERTPOL),        "R2I_CERTPOL"},
-{ERR_FUNC(X509V3_F_R2I_PCI),    "R2I_PCI"},
-{ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"},
-{ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER),   "s2i_ASN1_INTEGER"},
-{ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING),      "s2i_ASN1_OCTET_STRING"},
-{ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID),   "S2I_ASN1_SKEY_ID"},
-{ERR_FUNC(X509V3_F_S2I_S2I_SKEY_ID),    "S2I_S2I_SKEY_ID"},
-{ERR_FUNC(X509V3_F_STRING_TO_HEX),      "string_to_hex"},
-{ERR_FUNC(X509V3_F_SXNET_ADD_ASC),      "SXNET_ADD_ASC"},
-{ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER),       "SXNET_add_id_INTEGER"},
-{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"},
-{ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC),   "SXNET_get_id_asc"},
-{ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"},
-{ERR_FUNC(X509V3_F_V2I_ACCESS_DESCRIPTION),     "V2I_ACCESS_DESCRIPTION"},
-{ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING),        "V2I_ASN1_BIT_STRING"},
-{ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID),        "V2I_AUTHORITY_KEYID"},
-{ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS),      "V2I_BASIC_CONSTRAINTS"},
-{ERR_FUNC(X509V3_F_V2I_CRLD),   "V2I_CRLD"},
-{ERR_FUNC(X509V3_F_V2I_EXT_KU), "V2I_EXT_KU"},
-{ERR_FUNC(X509V3_F_V2I_GENERAL_NAME),   "v2i_GENERAL_NAME"},
-{ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES),  "v2i_GENERAL_NAMES"},
-{ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION),       "V3_GENERIC_EXTENSION"},
-{ERR_FUNC(X509V3_F_X509V3_ADD_I2D),     "X509V3_ADD_I2D"},
-{ERR_FUNC(X509V3_F_X509V3_ADD_VALUE),   "X509V3_add_value"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_ADD),     "X509V3_EXT_add"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS),       "X509V3_EXT_add_alias"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_CONF),    "X509V3_EXT_conf"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_I2D),     "X509V3_EXT_i2d"},
-{ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL),      "X509V3_get_value_bool"},
-{ERR_FUNC(X509V3_F_X509V3_PARSE_LIST),  "X509V3_parse_list"},
-{ERR_FUNC(X509V3_F_X509_PURPOSE_ADD),   "X509_PURPOSE_add"},
-{ERR_FUNC(X509V3_F_X509_PURPOSE_SET),   "X509_PURPOSE_set"},
+{ERR_PACK(0,X509V3_F_COPY_EMAIL,0),     "COPY_EMAIL"},
+{ERR_PACK(0,X509V3_F_COPY_ISSUER,0),    "COPY_ISSUER"},
+{ERR_PACK(0,X509V3_F_DO_EXT_CONF,0),    "DO_EXT_CONF"},
+{ERR_PACK(0,X509V3_F_DO_EXT_I2D,0),     "DO_EXT_I2D"},
+{ERR_PACK(0,X509V3_F_HEX_TO_STRING,0),  "hex_to_string"},
+{ERR_PACK(0,X509V3_F_I2S_ASN1_ENUMERATED,0),    "i2s_ASN1_ENUMERATED"},
+{ERR_PACK(0,X509V3_F_I2S_ASN1_IA5STRING,0),     "I2S_ASN1_IA5STRING"},
+{ERR_PACK(0,X509V3_F_I2S_ASN1_INTEGER,0),       "i2s_ASN1_INTEGER"},
+{ERR_PACK(0,X509V3_F_I2V_AUTHORITY_INFO_ACCESS,0),      "I2V_AUTHORITY_INFO_ACCESS"},
+{ERR_PACK(0,X509V3_F_NOTICE_SECTION,0), "NOTICE_SECTION"},
+{ERR_PACK(0,X509V3_F_NREF_NOS,0),       "NREF_NOS"},
+{ERR_PACK(0,X509V3_F_POLICY_SECTION,0), "POLICY_SECTION"},
+{ERR_PACK(0,X509V3_F_R2I_CERTPOL,0),    "R2I_CERTPOL"},
+{ERR_PACK(0,X509V3_F_R2I_PCI,0),        "R2I_PCI"},
+{ERR_PACK(0,X509V3_F_S2I_ASN1_IA5STRING,0),     "S2I_ASN1_IA5STRING"},
+{ERR_PACK(0,X509V3_F_S2I_ASN1_INTEGER,0),       "s2i_ASN1_INTEGER"},
+{ERR_PACK(0,X509V3_F_S2I_ASN1_OCTET_STRING,0),  "s2i_ASN1_OCTET_STRING"},
+{ERR_PACK(0,X509V3_F_S2I_ASN1_SKEY_ID,0),       "S2I_ASN1_SKEY_ID"},
+{ERR_PACK(0,X509V3_F_S2I_S2I_SKEY_ID,0),        "S2I_S2I_SKEY_ID"},
+{ERR_PACK(0,X509V3_F_STRING_TO_HEX,0),  "string_to_hex"},
+{ERR_PACK(0,X509V3_F_SXNET_ADD_ASC,0),  "SXNET_ADD_ASC"},
+{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_INTEGER,0),   "SXNET_add_id_INTEGER"},
+{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_ULONG,0),     "SXNET_add_id_ulong"},
+{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ASC,0),       "SXNET_get_id_asc"},
+{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ULONG,0),     "SXNET_get_id_ulong"},
+{ERR_PACK(0,X509V3_F_V2I_ACCESS_DESCRIPTION,0), "V2I_ACCESS_DESCRIPTION"},
+{ERR_PACK(0,X509V3_F_V2I_ASN1_BIT_STRING,0),    "V2I_ASN1_BIT_STRING"},
+{ERR_PACK(0,X509V3_F_V2I_AUTHORITY_KEYID,0),    "V2I_AUTHORITY_KEYID"},
+{ERR_PACK(0,X509V3_F_V2I_BASIC_CONSTRAINTS,0),  "V2I_BASIC_CONSTRAINTS"},
+{ERR_PACK(0,X509V3_F_V2I_CRLD,0),       "V2I_CRLD"},
+{ERR_PACK(0,X509V3_F_V2I_EXT_KU,0),     "V2I_EXT_KU"},
+{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAME,0),       "v2i_GENERAL_NAME"},
+{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAMES,0),      "v2i_GENERAL_NAMES"},
+{ERR_PACK(0,X509V3_F_V3_GENERIC_EXTENSION,0),   "V3_GENERIC_EXTENSION"},
+{ERR_PACK(0,X509V3_F_X509V3_ADD_I2D,0), "X509V3_ADD_I2D"},
+{ERR_PACK(0,X509V3_F_X509V3_ADD_VALUE,0),       "X509V3_add_value"},
+{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD,0), "X509V3_EXT_add"},
+{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD_ALIAS,0),   "X509V3_EXT_add_alias"},
+{ERR_PACK(0,X509V3_F_X509V3_EXT_CONF,0),        "X509V3_EXT_conf"},
+{ERR_PACK(0,X509V3_F_X509V3_EXT_I2D,0), "X509V3_EXT_i2d"},
+{ERR_PACK(0,X509V3_F_X509V3_GET_VALUE_BOOL,0),  "X509V3_get_value_bool"},
+{ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0),      "X509V3_parse_list"},
+{ERR_PACK(0,X509V3_F_X509_PURPOSE_ADD,0),       "X509_PURPOSE_add"},
+{ERR_PACK(0,X509V3_F_X509_PURPOSE_SET,0),       "X509_PURPOSE_set"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA X509V3_str_reasons[]=
         {
-{ERR_REASON(X509V3_R_BAD_IP_ADDRESS)     ,"bad ip address"},
-{ERR_REASON(X509V3_R_BAD_OBJECT)         ,"bad object"},
-{ERR_REASON(X509V3_R_BN_DEC2BN_ERROR)    ,"bn dec2bn error"},
-{ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),"bn to asn1 integer error"},
-{ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID)  ,"duplicate zone id"},
-{ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE),"error converting zone"},
-{ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),"error creating extension"},
-{ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) ,"error in extension"},
-{ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME),"expected a section name"},
-{ERR_REASON(X509V3_R_EXTENSION_EXISTS)   ,"extension exists"},
-{ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR),"extension name error"},
-{ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND),"extension not found"},
-{ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),"extension setting not supported"},
-{ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR),"extension value error"},
-{ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT)  ,"illegal hex digit"},
-{ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),"incorrect policy syntax tag"},
-{ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING),"invalid boolean string"},
-{ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING),"invalid extension string"},
-{ERR_REASON(X509V3_R_INVALID_NAME)       ,"invalid name"},
-{ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT),"invalid null argument"},
-{ERR_REASON(X509V3_R_INVALID_NULL_NAME)  ,"invalid null name"},
-{ERR_REASON(X509V3_R_INVALID_NULL_VALUE) ,"invalid null value"},
-{ERR_REASON(X509V3_R_INVALID_NUMBER)     ,"invalid number"},
-{ERR_REASON(X509V3_R_INVALID_NUMBERS)    ,"invalid numbers"},
-{ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER),"invalid object identifier"},
-{ERR_REASON(X509V3_R_INVALID_OPTION)     ,"invalid option"},
-{ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER),"invalid policy identifier"},
-{ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_IDENTIFIER),"invalid proxy policy identifier"},
-{ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING),"invalid proxy policy setting"},
-{ERR_REASON(X509V3_R_INVALID_PURPOSE)    ,"invalid purpose"},
-{ERR_REASON(X509V3_R_INVALID_SECTION)    ,"invalid section"},
-{ERR_REASON(X509V3_R_INVALID_SYNTAX)     ,"invalid syntax"},
-{ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR),"issuer decode error"},
-{ERR_REASON(X509V3_R_MISSING_VALUE)      ,"missing value"},
-{ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS),"need organization and numbers"},
-{ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) ,"no config database"},
-{ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE),"no issuer certificate"},
-{ERR_REASON(X509V3_R_NO_ISSUER_DETAILS)  ,"no issuer details"},
-{ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER),"no policy identifier"},
-{ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED),"no proxy cert policy language defined"},
-{ERR_REASON(X509V3_R_NO_PUBLIC_KEY)      ,"no public key"},
-{ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) ,"no subject details"},
-{ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS),"odd number of digits"},
-{ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED),"policy language alreadty defined"},
-{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) ,"policy path length"},
-{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED),"policy path length alreadty defined"},
-{ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT)  ,"policy syntax not"},
-{ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),"policy syntax not currently supported"},
-{ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),"policy when proxy language requires no policy"},
-{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),"unable to get issuer details"},
-{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),"unable to get issuer keyid"},
-{ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),"unknown bit string argument"},
-{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION)  ,"unknown extension"},
-{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME),"unknown extension name"},
-{ERR_REASON(X509V3_R_UNKNOWN_OPTION)     ,"unknown option"},
-{ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) ,"unsupported option"},
-{ERR_REASON(X509V3_R_USER_TOO_LONG)      ,"user too long"},
+{X509V3_R_BAD_IP_ADDRESS                 ,"bad ip address"},
+{X509V3_R_BAD_OBJECT                     ,"bad object"},
+{X509V3_R_BN_DEC2BN_ERROR                ,"bn dec2bn error"},
+{X509V3_R_BN_TO_ASN1_INTEGER_ERROR       ,"bn to asn1 integer error"},
+{X509V3_R_DUPLICATE_ZONE_ID              ,"duplicate zone id"},
+{X509V3_R_ERROR_CONVERTING_ZONE          ,"error converting zone"},
+{X509V3_R_ERROR_CREATING_EXTENSION       ,"error creating extension"},
+{X509V3_R_ERROR_IN_EXTENSION             ,"error in extension"},
+{X509V3_R_EXPECTED_A_SECTION_NAME        ,"expected a section name"},
+{X509V3_R_EXTENSION_EXISTS               ,"extension exists"},
+{X509V3_R_EXTENSION_NAME_ERROR           ,"extension name error"},
+{X509V3_R_EXTENSION_NOT_FOUND            ,"extension not found"},
+{X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED,"extension setting not supported"},
+{X509V3_R_EXTENSION_VALUE_ERROR          ,"extension value error"},
+{X509V3_R_ILLEGAL_HEX_DIGIT              ,"illegal hex digit"},
+{X509V3_R_INCORRECT_POLICY_SYNTAX_TAG    ,"incorrect policy syntax tag"},
+{X509V3_R_INVALID_BOOLEAN_STRING         ,"invalid boolean string"},
+{X509V3_R_INVALID_EXTENSION_STRING       ,"invalid extension string"},
+{X509V3_R_INVALID_NAME                   ,"invalid name"},
+{X509V3_R_INVALID_NULL_ARGUMENT          ,"invalid null argument"},
+{X509V3_R_INVALID_NULL_NAME              ,"invalid null name"},
+{X509V3_R_INVALID_NULL_VALUE             ,"invalid null value"},
+{X509V3_R_INVALID_NUMBER                 ,"invalid number"},
+{X509V3_R_INVALID_NUMBERS                ,"invalid numbers"},
+{X509V3_R_INVALID_OBJECT_IDENTIFIER      ,"invalid object identifier"},
+{X509V3_R_INVALID_OPTION                 ,"invalid option"},
+{X509V3_R_INVALID_POLICY_IDENTIFIER      ,"invalid policy identifier"},
+{X509V3_R_INVALID_PROXY_POLICY_IDENTIFIER,"invalid proxy policy identifier"},
+{X509V3_R_INVALID_PROXY_POLICY_SETTING   ,"invalid proxy policy setting"},
+{X509V3_R_INVALID_PURPOSE                ,"invalid purpose"},
+{X509V3_R_INVALID_SECTION                ,"invalid section"},
+{X509V3_R_INVALID_SYNTAX                 ,"invalid syntax"},
+{X509V3_R_ISSUER_DECODE_ERROR            ,"issuer decode error"},
+{X509V3_R_MISSING_VALUE                  ,"missing value"},
+{X509V3_R_NEED_ORGANIZATION_AND_NUMBERS  ,"need organization and numbers"},
+{X509V3_R_NO_CONFIG_DATABASE             ,"no config database"},
+{X509V3_R_NO_ISSUER_CERTIFICATE          ,"no issuer certificate"},
+{X509V3_R_NO_ISSUER_DETAILS              ,"no issuer details"},
+{X509V3_R_NO_POLICY_IDENTIFIER           ,"no policy identifier"},
+{X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED,"no proxy cert policy language defined"},
+{X509V3_R_NO_PUBLIC_KEY                  ,"no public key"},
+{X509V3_R_NO_SUBJECT_DETAILS             ,"no subject details"},
+{X509V3_R_ODD_NUMBER_OF_DIGITS           ,"odd number of digits"},
+{X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED,"policy language alreadty defined"},
+{X509V3_R_POLICY_PATH_LENGTH             ,"policy path length"},
+{X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED,"policy path length alreadty defined"},
+{X509V3_R_POLICY_SYNTAX_NOT              ,"policy syntax not"},
+{X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED,"policy syntax not currently supported"},
+{X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY,"policy when proxy language requires no policy"},
+{X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS   ,"unable to get issuer details"},
+{X509V3_R_UNABLE_TO_GET_ISSUER_KEYID     ,"unable to get issuer keyid"},
+{X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT    ,"unknown bit string argument"},
+{X509V3_R_UNKNOWN_EXTENSION              ,"unknown extension"},
+{X509V3_R_UNKNOWN_EXTENSION_NAME         ,"unknown extension name"},
+{X509V3_R_UNKNOWN_OPTION                 ,"unknown option"},
+{X509V3_R_UNSUPPORTED_OPTION             ,"unsupported option"},
+{X509V3_R_USER_TOO_LONG                  ,"user too long"},
 {0,NULL}
         };
 
@@ -189,8 +185,8 @@ void ERR_load_X509V3_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,X509V3_str_functs);
-                ERR_load_strings(0,X509V3_str_reasons);
+                ERR_load_strings(ERR_LIB_X509V3,X509V3_str_functs);
+                ERR_load_strings(ERR_LIB_X509V3,X509V3_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/demos/easy_tls/Makefile b/src/lib/libssl/src/demos/easy_tls/Makefile
index 31a54eaf27..bec7e7265e 100644
--- a/src/lib/libssl/src/demos/easy_tls/Makefile
+++ b/src/lib/libssl/src/demos/easy_tls/Makefile
@@ -1,5 +1,5 @@
 # Makefile for easy-tls example application (rudimentary client and server)
-# $Id: Makefile,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $
+# $Id: Makefile,v 1.3 2002/09/10 16:31:56 markus Exp $
 
 SOLARIS_CFLAGS=-Wall -pedantic -g -O2
 SOLARIS_LIBS=-lxnet
diff --git a/src/lib/libssl/src/demos/easy_tls/cacerts.pem b/src/lib/libssl/src/demos/easy_tls/cacerts.pem
index 18ab66b57c..b6db7cf2bb 100644
--- a/src/lib/libssl/src/demos/easy_tls/cacerts.pem
+++ b/src/lib/libssl/src/demos/easy_tls/cacerts.pem
@@ -1,4 +1,4 @@
-$Id: cacerts.pem,v 1.1.1.1 2002/09/05 12:51:05 markus Exp $
+$Id: cacerts.pem,v 1.3 2002/09/10 16:31:56 markus Exp $
 
 issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
 subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
diff --git a/src/lib/libssl/src/demos/easy_tls/cert.pem b/src/lib/libssl/src/demos/easy_tls/cert.pem
index c984d023b7..3fcf302e2b 100644
--- a/src/lib/libssl/src/demos/easy_tls/cert.pem
+++ b/src/lib/libssl/src/demos/easy_tls/cert.pem
@@ -1,4 +1,4 @@
-$Id: cert.pem,v 1.1.1.1 2002/09/05 12:51:05 markus Exp $
+$Id: cert.pem,v 1.3 2002/09/10 16:31:56 markus Exp $
 
 Example certificate and key.
 
diff --git a/src/lib/libssl/src/demos/easy_tls/easy-tls.c b/src/lib/libssl/src/demos/easy_tls/easy-tls.c
index 66fac1f1e6..c958f4b609 100644
--- a/src/lib/libssl/src/demos/easy_tls/easy-tls.c
+++ b/src/lib/libssl/src/demos/easy_tls/easy-tls.c
@@ -1,7 +1,7 @@
 /* -*- Mode: C; c-file-style: "bsd" -*- */
 /*
  * easy-tls.c -- generic TLS proxy.
- * $Id: easy-tls.c,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $
+ * $Id: easy-tls.c,v 1.3 2002/09/10 16:31:56 markus Exp $
  */
 /*
  (c) Copyright 1999 Bodo Moeller.  All rights reserved.
@@ -73,7 +73,7 @@
  */
 
 static char const rcsid[] =
-"$Id: easy-tls.c,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $";
+"$Id: easy-tls.c,v 1.3 2002/09/10 16:31:56 markus Exp $";
 
 #include <assert.h>
 #include <errno.h>
diff --git a/src/lib/libssl/src/demos/easy_tls/easy-tls.h b/src/lib/libssl/src/demos/easy_tls/easy-tls.h
index c1a6448116..7ea26203c1 100644
--- a/src/lib/libssl/src/demos/easy_tls/easy-tls.h
+++ b/src/lib/libssl/src/demos/easy_tls/easy-tls.h
@@ -1,7 +1,7 @@
 /* -*- Mode: C; c-file-style: "bsd" -*- */
 /*
  * easy-tls.h -- generic TLS proxy.
- * $Id: easy-tls.h,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $
+ * $Id: easy-tls.h,v 1.3 2002/09/10 16:31:56 markus Exp $
  */
 /*
  * (c) Copyright 1999 Bodo Moeller.  All rights reserved.
diff --git a/src/lib/libssl/src/demos/easy_tls/test.c b/src/lib/libssl/src/demos/easy_tls/test.c
index e7ccd26d30..9b478c3fd8 100644
--- a/src/lib/libssl/src/demos/easy_tls/test.c
+++ b/src/lib/libssl/src/demos/easy_tls/test.c
@@ -1,5 +1,5 @@
 /* test.c */
-/* $Id: test.c,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $ */
+/* $Id: test.c,v 1.3 2002/09/10 16:31:56 markus Exp $ */
 
 #define L_PORT 9999
 #define C_PORT 443
diff --git a/src/lib/libssl/src/demos/easy_tls/test.h b/src/lib/libssl/src/demos/easy_tls/test.h
index 1af31dc456..b5792a0a81 100644
--- a/src/lib/libssl/src/demos/easy_tls/test.h
+++ b/src/lib/libssl/src/demos/easy_tls/test.h
@@ -1,5 +1,5 @@
 /* test.h */
-/* $Id: test.h,v 1.1.1.1 2002/09/05 12:51:06 markus Exp $ */
+/* $Id: test.h,v 1.3 2002/09/10 16:31:56 markus Exp $ */
 
 
 void test_process_init(int fd, int client_p, void *apparg);
diff --git a/src/lib/libssl/src/doc/apps/CA.pl.pod b/src/lib/libssl/src/doc/apps/CA.pl.pod
index ed69952f37..58e0f52001 100644
--- a/src/lib/libssl/src/doc/apps/CA.pl.pod
+++ b/src/lib/libssl/src/doc/apps/CA.pl.pod
@@ -47,7 +47,7 @@ written to the file "newreq.pem".
 creates a new certificate request. The private key and request are
 written to the file "newreq.pem".
 
-=item B<-newreq-nodes>
+=item B<-newreq-nowdes>
 
 is like B<-newreq> except that the private key will not be encrypted.
 
diff --git a/src/lib/libssl/src/doc/apps/ca.pod b/src/lib/libssl/src/doc/apps/ca.pod
index f15df49d4f..74f45ca2f9 100644
--- a/src/lib/libssl/src/doc/apps/ca.pod
+++ b/src/lib/libssl/src/doc/apps/ca.pod
@@ -391,7 +391,7 @@ the same as B<-msie_hack>
 the same as B<-policy>. Mandatory. See the B<POLICY FORMAT> section
 for more information.
 
-=item B<name_opt>, B<cert_opt>
+=item B<nameopt>, B<certopt>
 
 these options allow the format used to display the certificate details
 when asking the user to confirm signing. All the options supported by
@@ -513,8 +513,8 @@ A sample configuration file with the relevant sections for B<ca>:
  policy         = policy_any            # default policy
  email_in_dn    = no                    # Don't add the email into cert DN
 
- name_opt       = ca_default            # Subject name display option
- cert_opt       = ca_default            # Certificate display option
+ nameopt        = ca_default            # Subject name display option
+ certopt        = ca_default            # Certificate display option
  copy_extensions = none                 # Don't copy extensions from request
 
  [ policy_any ]
diff --git a/src/lib/libssl/src/doc/apps/enc.pod b/src/lib/libssl/src/doc/apps/enc.pod
index c43da5b3f1..18fe7c81c7 100644
--- a/src/lib/libssl/src/doc/apps/enc.pod
+++ b/src/lib/libssl/src/doc/apps/enc.pod
@@ -191,12 +191,12 @@ Blowfish and RC5 algorithms use a 128 bit key.
  des-ecb            DES in ECB mode
 
  des-ede-cbc        Two key triple DES EDE in CBC mode
- des-ede            Two key triple DES EDE in ECB mode
+ des-ede            Alias for des-ede
  des-ede-cfb        Two key triple DES EDE in CFB mode
  des-ede-ofb        Two key triple DES EDE in OFB mode
 
  des-ede3-cbc       Three key triple DES EDE in CBC mode
- des-ede3           Three key triple DES EDE in ECB mode
+ des-ede3           Alias for des-ede3-cbc
  des3               Alias for des-ede3-cbc
  des-ede3-cfb       Three key triple DES EDE CFB mode
  des-ede3-ofb       Three key triple DES EDE in OFB mode
@@ -211,9 +211,9 @@ Blowfish and RC5 algorithms use a 128 bit key.
 
  rc2-cbc            128 bit RC2 in CBC mode
  rc2                Alias for rc2-cbc
- rc2-cfb            128 bit RC2 in CFB mode
- rc2-ecb            128 bit RC2 in ECB mode
- rc2-ofb            128 bit RC2 in OFB mode
+ rc2-cfb            128 bit RC2 in CBC mode
+ rc2-ecb            128 bit RC2 in CBC mode
+ rc2-ofb            128 bit RC2 in CBC mode
  rc2-64-cbc         64 bit RC2 in CBC mode
  rc2-40-cbc         40 bit RC2 in CBC mode
 
@@ -223,9 +223,9 @@ Blowfish and RC5 algorithms use a 128 bit key.
 
  rc5-cbc            RC5 cipher in CBC mode
  rc5                Alias for rc5-cbc
- rc5-cfb            RC5 cipher in CFB mode
- rc5-ecb            RC5 cipher in ECB mode
- rc5-ofb            RC5 cipher in OFB mode
+ rc5-cfb            RC5 cipher in CBC mode
+ rc5-ecb            RC5 cipher in CBC mode
+ rc5-ofb            RC5 cipher in CBC mode
 
 =head1 EXAMPLES
 
diff --git a/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod b/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
index 1cb315e739..faa992286b 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
@@ -236,9 +236,9 @@ even though they are identical digests.
 
 =head1 SEE ALSO
 
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+L<evp(3)|evp(3)>, L<HMAC(3)|HMAC(3)>, L<MD2(3)|MD2(3)>,
+L<MD5(3)|MD5(3)>, L<MDC2(3)|MDC2(3)>, L<RIPEMD160(3)|RIPEMD160(3)>,
+L<SHA1(3)|SHA1(3)>
 
 =head1 HISTORY
 
diff --git a/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod b/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
index 8271d3dfc4..40e525dd56 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
@@ -22,7 +22,7 @@ EVP_CIPHER_CTX_set_padding - EVP cipher routines
 
  #include <openssl/evp.h>
 
- void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
+ int EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
 
  int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
          ENGINE *impl, unsigned char *key, unsigned char *iv);
@@ -236,8 +236,8 @@ RC5 can be set.
 
 =head1 RETURN VALUES
 
-EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex()
-return 1 for success and 0 for failure.
+EVP_CIPHER_CTX_init, EVP_EncryptInit_ex(), EVP_EncryptUpdate() and
+EVP_EncryptFinal_ex() return 1 for success and 0 for failure.
 
 EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure.
 EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.
diff --git a/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod b/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod
index b6e62ce7f6..0bace24938 100644
--- a/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod
+++ b/src/lib/libssl/src/doc/crypto/EVP_SignInit.pod
@@ -80,10 +80,10 @@ EVP_SignUpdate() could not be made after calling EVP_SignFinal().
 =head1 SEE ALSO
 
 L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
+L<evp(3)|evp(3)>, L<HMAC(3)|HMAC(3)>, L<MD2(3)|MD2(3)>,
+L<MD5(3)|MD5(3)>, L<MDC2(3)|MDC2(3)>, L<RIPEMD(3)|RIPEMD(3)>,
+L<SHA1(3)|SHA1(3)>, L<digest(1)|digest(1)>
 
 =head1 HISTORY
 
diff --git a/src/lib/libssl/src/doc/crypto/acss.pod b/src/lib/libssl/src/doc/crypto/acss.pod
new file mode 100644
index 0000000000..022a803be5
--- /dev/null
+++ b/src/lib/libssl/src/doc/crypto/acss.pod
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+acss, acss_setkey - ACSS encryption
+
+=head1 SYNOPSIS
+
+ #include <openssl/acss.h>
+
+ void acss_setkey(ACSS_KEY *key, const unsigned char *data, int enc,
+         int mode);
+
+ void acss(ACSS_KEY *key, unsigned long len, const unsigned char *in,
+         unsigned char *out);
+
+=head1 DESCRIPTION
+
+This library implements the Alleged Content Scrambling System.  It is believed
+to be interoperable with CSS of the DVD Copy Control Association.
+
+ACSS is a stream cipher with a fixed key length of 40 bit (5 byte).
+
+ACSS consists of a key setup phase and the actual encryption or decryption
+phase.
+
+acss_setkey() sets up the B<ACSS_KEY> B<key> using the 40 bit key at B<data>.
+If the flag B<enc> is set to B<1> B<key> will be used for encryption,
+otherwise for decryption.  The integer B<mode> denotes the mode to use.
+Acceptible values are B<0> to B<3>.  For any other value mode B<0> is used.
+
+acss() encrypts or decrypts the B<len> bytes of B<in> using B<key> and places
+the result at B<out>.
+
+Applications should use the higher level functions
+L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> etc.  instead of calling the acss
+functions directly.
+
+=head1 RETURN VALUES
+
+None of the functions presented here return any value.
+
+=head1 NOTE
+
+ACSS is considered as an insecure cipher.  Therefore, use of ACSS is
+discouraged.
+
+=head1 SEE ALSO
+
+RC4(3), arc4random(3)
+
+=head1 History
+
+A proprietary algorithm called CSS can be licensed from the DVD Copy Control
+Association (DVD CCA).  CSS is considered a trade secret and is not patented.
+In October 1999 source code for CSS was posted anonymously to the LiViD
+mailing list.  Since then, several implementations and mathematical
+descriptions of CSS are available and CSS has been subject to cryptanalysis.
+The DVD CCA has repeatedly failed to sue individuals for publishing such
+information about CSS.
+
+ACSS is a stream cipher written from scratch and believed to be interoperable
+with CSS.
+
+=cut
+
diff --git a/src/lib/libssl/src/doc/crypto/des_modes.pod b/src/lib/libssl/src/doc/crypto/des_modes.pod
index da75e8007d..0cc22150e7 100644
--- a/src/lib/libssl/src/doc/crypto/des_modes.pod
+++ b/src/lib/libssl/src/doc/crypto/des_modes.pod
@@ -2,7 +2,7 @@
 
 =head1 NAME
 
-Modes of DES - the variants of DES and other crypto algorithms of OpenSSL
+des_modes - the variants of DES and other crypto algorithms of OpenSSL
 
 =head1 DESCRIPTION
 
@@ -246,8 +246,7 @@ it to:
 
 =head1 SEE ALSO
 
-L<blowfish(3)|blowfish(3)>, L<des(3)|des(3)>, L<idea(3)|idea(3)>,
-L<rc2(3)|rc2(3)>
+L<blowfish(3)|blowfish(3)>
 
 =cut
 
diff --git a/src/lib/libssl/src/doc/crypto/dsa.pod b/src/lib/libssl/src/doc/crypto/dsa.pod
index da07d2b930..ae2e5d81f9 100644
--- a/src/lib/libssl/src/doc/crypto/dsa.pod
+++ b/src/lib/libssl/src/doc/crypto/dsa.pod
@@ -101,8 +101,7 @@ Standard, DSS), ANSI X9.30
 =head1 SEE ALSO
 
 L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
-L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<engine(3)|engine(3)>,
-L<DSA_new(3)|DSA_new(3)>,
+L<rsa(3)|rsa(3)>, L<SHA1(3)|SHA1(3)>, L<DSA_new(3)|DSA_new(3)>,
 L<DSA_size(3)|DSA_size(3)>,
 L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
 L<DSA_dup_DH(3)|DSA_dup_DH(3)>,
diff --git a/src/lib/libssl/src/doc/crypto/hmac.pod b/src/lib/libssl/src/doc/crypto/hmac.pod
index 0bd79a6d3a..b1f5f368ed 100644
--- a/src/lib/libssl/src/doc/crypto/hmac.pod
+++ b/src/lib/libssl/src/doc/crypto/hmac.pod
@@ -18,7 +18,7 @@ authentication code
  void HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
                const EVP_MD *md);
  void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
-                   const EVP_MD *md, ENGINE *impl);
+                   const EVP_MD *md);
  void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
  void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
 
@@ -89,7 +89,7 @@ RFC 2104
 
 =head1 SEE ALSO
 
-L<sha(3)|sha(3)>, L<evp(3)|evp(3)>
+L<SHA1(3)|SHA1(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
 
 =head1 HISTORY
 
diff --git a/src/lib/libssl/src/doc/crypto/mdc2.pod b/src/lib/libssl/src/doc/crypto/mdc2.pod
index 11dc303e04..538f474e30 100644
--- a/src/lib/libssl/src/doc/crypto/mdc2.pod
+++ b/src/lib/libssl/src/doc/crypto/mdc2.pod
@@ -54,7 +54,7 @@ ISO/IEC 10118-2, with DES
 
 =head1 SEE ALSO
 
-L<sha(3)|sha(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<SHA1(3)|SHA1(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
 
 =head1 HISTORY
 
diff --git a/src/lib/libssl/src/doc/crypto/ripemd.pod b/src/lib/libssl/src/doc/crypto/ripemd.pod
index 31054b6a8c..9a634ca866 100644
--- a/src/lib/libssl/src/doc/crypto/ripemd.pod
+++ b/src/lib/libssl/src/doc/crypto/ripemd.pod
@@ -56,7 +56,7 @@ ISO/IEC 10118-3 (draft) (??)
 
 =head1 SEE ALSO
 
-L<sha(3)|sha(3)>, L<hmac(3)|hmac(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<SHA1(3)|SHA1(3)>, L<HMAC(3)|HMAC(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
 
 =head1 HISTORY
 
diff --git a/src/lib/libssl/src/doc/crypto/sha.pod b/src/lib/libssl/src/doc/crypto/sha.pod
index 0ba315d6d7..158457270f 100644
--- a/src/lib/libssl/src/doc/crypto/sha.pod
+++ b/src/lib/libssl/src/doc/crypto/sha.pod
@@ -60,7 +60,7 @@ ANSI X9.30
 
 =head1 SEE ALSO
 
-L<ripemd(3)|ripemd(3)>, L<hmac(3)|hmac(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<RIPEMD160(3)|RIPEMD160(3)>, L<HMAC(3)|HMAC(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
 
 =head1 HISTORY
 
diff --git a/src/lib/libssl/src/doc/crypto/threads.pod b/src/lib/libssl/src/doc/crypto/threads.pod
index 3df4ecd776..afa45cd76c 100644
--- a/src/lib/libssl/src/doc/crypto/threads.pod
+++ b/src/lib/libssl/src/doc/crypto/threads.pod
@@ -65,10 +65,9 @@ B<CRYPTO_LOCK>, and releases it otherwise.
 B<file> and B<line> are the file number of the function setting the
 lock. They can be useful for debugging.
 
-id_function(void) is a function that returns a thread ID, for example
-pthread_self() if it returns an integer (see NOTES below).  It isn't
+id_function(void) is a function that returns a thread ID. It is not
 needed on Windows nor on platforms where getpid() returns a different
-ID for each thread (see NOTES below).
+ID for each thread (most notably Linux).
 
 Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
 of OpenSSL need it for better performance.  To enable this, the following
@@ -125,13 +124,13 @@ CRYPTO_get_new_dynlockid() returns the index to the newly created lock.
 
 The other functions return no values.
 
-=head1 NOTES
+=head1 NOTE
 
 You can find out if OpenSSL was configured with thread support:
 
  #define OPENSSL_THREAD_DEFINES
  #include <openssl/opensslconf.h>
- #if defined(OPENSSL_THREADS)
+ #if defined(THREADS)
    // thread support enabled
  #else
    // no thread support
@@ -140,22 +139,6 @@ You can find out if OpenSSL was configured with thread support:
 Also, dynamic locks are currently not used internally by OpenSSL, but
 may do so in the future.
 
-Defining id_function(void) has it's own issues.  Generally speaking,
-pthread_self() should be used, even on platforms where getpid() gives
-different answers in each thread, since that may depend on the machine
-the program is run on, not the machine where the program is being
-compiled.  For instance, Red Hat 8 Linux and earlier used
-LinuxThreads, whose getpid() returns a different value for each
-thread.  Red Hat 9 Linux and later use NPTL, which is
-Posix-conformant, and has a getpid() that returns the same value for
-all threads in a process.  A program compiled on Red Hat 8 and run on
-Red Hat 9 will therefore see getpid() returning the same value for
-all threads.
-
-There is still the issue of platforms where pthread_self() returns
-something other than an integer.  This is a bit unusual, and this
-manual has no cookbook solution for that case.
-
 =head1 EXAMPLES
 
 B<crypto/threads/mttest.c> shows examples of the callback functions on
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CIPHER_get_name.pod b/src/lib/libssl/src/doc/ssl/SSL_CIPHER_get_name.pod
index f81f692df5..f62a869a9b 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CIPHER_get_name.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CIPHER_get_name.pod
@@ -28,7 +28,7 @@ SSL_CIPHER_get_version() returns the protocol version for B<cipher>, currently
 
 SSL_CIPHER_description() returns a textual description of the cipher used
 into the buffer B<buf> of length B<len> provided. B<len> must be at least
-128 bytes, otherwise a pointer to the the string "Buffer too small" is
+128 bytes, otherwise a pointer to the string "Buffer too small" is
 returned. If B<buf> is NULL, a buffer of 128 bytes is allocated using
 OPENSSL_malloc(). If the allocation fails, a pointer to the string
 "OPENSSL_malloc Error" is returned.
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
index fa63263601..5ab1b32f93 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
@@ -86,7 +86,7 @@ doing a re-connect, always takes the first cipher in the cipher list.
 
 =item SSL_OP_MSIE_SSLV2_RSA_PADDING
 
-As of OpenSSL 0.9.7h and 0.9.8a, this option has no effect.
+...
 
 =item SSL_OP_SSLEAY_080_CLIENT_DH_BUG
 
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod
index ca8d81b82c..81566839d3 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod
@@ -28,7 +28,7 @@ specifies the B<verify_callback> function to be used. If no callback function
 shall be specified, the NULL pointer can be used for B<verify_callback>. In
 this case last B<verify_callback> set specifically for this B<ssl> remains. If
 no special B<callback> was set before, the default callback for the underlying
-B<ctx> is used, that was valid at the the time B<ssl> was created with
+B<ctx> is used, that was valid at the time B<ssl> was created with
 L<SSL_new(3)|SSL_new(3)>.
 
 SSL_CTX_set_verify_depth() sets the maximum B<depth> for the certificate chain
diff --git a/src/lib/libssl/src/doc/ssl/SSL_SESSION_free.pod b/src/lib/libssl/src/doc/ssl/SSL_SESSION_free.pod
index 558de01df9..110ec73ab6 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_SESSION_free.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_SESSION_free.pod
@@ -14,7 +14,7 @@ SSL_SESSION_free - free an allocated SSL_SESSION structure
 
 SSL_SESSION_free() decrements the reference count of B<session> and removes
 the B<SSL_SESSION> structure pointed to by B<session> and frees up the allocated
-memory, if the the reference count has reached 0.
+memory, if the reference count has reached 0.
 
 =head1 NOTES
 
diff --git a/src/lib/libssl/src/doc/ssl/SSL_free.pod b/src/lib/libssl/src/doc/ssl/SSL_free.pod
index 2d4f8b6168..13c1abd9ec 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_free.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_free.pod
@@ -14,7 +14,7 @@ SSL_free - free an allocated SSL structure
 
 SSL_free() decrements the reference count of B<ssl>, and removes the SSL
 structure pointed to by B<ssl> and frees up the allocated memory if the
-the reference count has reached 0.
+reference count has reached 0.
 
 =head1 NOTES
 
diff --git a/src/lib/libssl/src/doc/ssl/ssl.pod b/src/lib/libssl/src/doc/ssl/ssl.pod
index 266697d221..b41f3e3645 100644
--- a/src/lib/libssl/src/doc/ssl/ssl.pod
+++ b/src/lib/libssl/src/doc/ssl/ssl.pod
@@ -3,7 +3,7 @@
 
 =head1 NAME
 
-SSL - OpenSSL SSL/TLS library
+ssl - OpenSSL SSL/TLS library
 
 =head1 SYNOPSIS
 
diff --git a/src/lib/libssl/src/doc/ssleay.txt b/src/lib/libssl/src/doc/ssleay.txt
index d44d2f04a0..666de94e50 100644
--- a/src/lib/libssl/src/doc/ssleay.txt
+++ b/src/lib/libssl/src/doc/ssleay.txt
@@ -3800,9 +3800,9 @@ made public on sci.crypt in Sep 1994 (RC4) and Feb 1996 (RC2).  I have
 copies of the origional postings if people are interested.  RSA I believe 
 claim that they were 'trade-secrets' and that some-one broke an NDA in 
 revealing them.  Other claim they reverse engineered the algorithms from 
-compiled binaries.  If the algorithms were reverse engineered, I belive 
+compiled binaries.  If the algorithms were reverse engineered, I believe 
 RSA had no legal leg to stand on.  If an NDA was broken, I don't know.
-Regardless, RSA, I belive, is willing to go to court over the issue so 
+Regardless, RSA, I believe, is willing to go to court over the issue so 
 licencing is probably the best idea, or at least talk to them.
 If there are people who actually know more about this, pease let me know, I 
 don't want to vilify or spread miss-information if I can help it.
diff --git a/src/lib/libssl/src/e_os.h b/src/lib/libssl/src/e_os.h
index e2b6561066..5a328b7fa8 100644
--- a/src/lib/libssl/src/e_os.h
+++ b/src/lib/libssl/src/e_os.h
@@ -214,8 +214,6 @@ extern "C" {
 #    define _setmode setmode
 #    define _O_TEXT O_TEXT
 #    define _O_BINARY O_BINARY
-#    undef DEVRANDOM
-#    define DEVRANDOM "/dev/urandom\x24"
 #  endif /* __DJGPP__ */
 
 #  ifndef S_IFDIR
diff --git a/src/lib/libssl/src/e_os2.h b/src/lib/libssl/src/e_os2.h
index d8de8beead..4ca79a4d65 100644
--- a/src/lib/libssl/src/e_os2.h
+++ b/src/lib/libssl/src/e_os2.h
@@ -237,8 +237,8 @@ extern "C" {
 # define OPENSSL_IMPORT globalref
 # define OPENSSL_GLOBAL globaldef
 #elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
-# define OPENSSL_EXPORT extern __declspec(dllexport)
-# define OPENSSL_IMPORT extern __declspec(dllimport)
+# define OPENSSL_EXPORT extern _declspec(dllexport)
+# define OPENSSL_IMPORT extern _declspec(dllimport)
 # define OPENSSL_GLOBAL
 #else
 # define OPENSSL_EXPORT extern
diff --git a/src/lib/libssl/src/fips/aes/fingerprint.sha1 b/src/lib/libssl/src/fips/aes/fingerprint.sha1
new file mode 100644
index 0000000000..33eafc7820
--- /dev/null
+++ b/src/lib/libssl/src/fips/aes/fingerprint.sha1
@@ -0,0 +1,3 @@
+HMAC-SHA1(fips_aes_core.c)= b70bbbd675efe0613da0d57055310926a0104d55
+HMAC-SHA1(fips_aes_selftest.c)= 98b01502221e7fe529fd981222f2cbb52eb4cbe0
+HMAC-SHA1(fips_aes_locl.h)= a98eb0aa449f1d95b8064e261b2ac2b1f328685e
diff --git a/src/lib/libssl/src/fips/aes/fips_aes_core.c b/src/lib/libssl/src/fips/aes/fips_aes_core.c
new file mode 100644
index 0000000000..82199c92e6
--- /dev/null
+++ b/src/lib/libssl/src/fips/aes/fips_aes_core.c
@@ -0,0 +1,1263 @@
+/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */
+/**
+ * rijndael-alg-fst.c
+ *
+ * @version 3.0 (December 2000)
+ *
+ * Optimised ANSI C code for the Rijndael cipher (now AES)
+ *
+ * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
+ * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
+ * @author Paulo Barreto <paulo.barreto@terra.com.br>
+ *
+ * This code is hereby placed in the public domain.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* Note: rewritten a little bit to provide error control and an OpenSSL-
+   compatible API */
+
+#ifndef AES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#include <stdlib.h>
+#include <openssl/aes.h>
+#include "fips_aes_locl.h"
+#include <openssl/fips.h>
+
+#ifdef OPENSSL_FIPS
+
+/*
+Te0[x] = S [x].[02, 01, 01, 03];
+Te1[x] = S [x].[03, 02, 01, 01];
+Te2[x] = S [x].[01, 03, 02, 01];
+Te3[x] = S [x].[01, 01, 03, 02];
+Te4[x] = S [x].[01, 01, 01, 01];
+
+Td0[x] = Si[x].[0e, 09, 0d, 0b];
+Td1[x] = Si[x].[0b, 0e, 09, 0d];
+Td2[x] = Si[x].[0d, 0b, 0e, 09];
+Td3[x] = Si[x].[09, 0d, 0b, 0e];
+Td4[x] = Si[x].[01, 01, 01, 01];
+*/
+
+static const u32 Te0[256] = {
+    0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
+    0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
+    0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
+    0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
+    0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
+    0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
+    0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
+    0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
+    0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
+    0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
+    0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
+    0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
+    0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
+    0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
+    0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
+    0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
+    0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
+    0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
+    0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
+    0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
+    0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
+    0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
+    0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
+    0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
+    0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
+    0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
+    0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
+    0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
+    0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
+    0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
+    0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
+    0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
+    0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
+    0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
+    0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
+    0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
+    0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
+    0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
+    0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
+    0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
+    0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
+    0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
+    0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
+    0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
+    0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
+    0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
+    0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
+    0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
+    0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
+    0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
+    0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
+    0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
+    0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
+    0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
+    0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
+    0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
+    0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
+    0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
+    0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
+    0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
+    0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
+    0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
+    0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
+    0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
+};
+static const u32 Te1[256] = {
+    0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
+    0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
+    0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
+    0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
+    0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
+    0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
+    0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
+    0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
+    0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
+    0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
+    0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
+    0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
+    0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
+    0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
+    0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
+    0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
+    0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
+    0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
+    0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
+    0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
+    0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
+    0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
+    0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
+    0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
+    0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
+    0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
+    0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
+    0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
+    0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
+    0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
+    0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
+    0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
+    0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
+    0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
+    0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
+    0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
+    0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
+    0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
+    0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
+    0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
+    0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
+    0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
+    0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
+    0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
+    0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
+    0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
+    0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
+    0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
+    0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
+    0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
+    0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
+    0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
+    0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
+    0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
+    0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
+    0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
+    0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
+    0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
+    0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
+    0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
+    0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
+    0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
+    0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
+    0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
+};
+static const u32 Te2[256] = {
+    0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
+    0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
+    0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
+    0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
+    0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
+    0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
+    0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
+    0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
+    0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
+    0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
+    0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
+    0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
+    0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
+    0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
+    0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
+    0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
+    0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
+    0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
+    0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
+    0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
+    0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
+    0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
+    0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
+    0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
+    0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
+    0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
+    0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
+    0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
+    0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
+    0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
+    0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
+    0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
+    0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
+    0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
+    0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
+    0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
+    0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
+    0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
+    0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
+    0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
+    0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
+    0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
+    0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
+    0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
+    0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
+    0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
+    0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
+    0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
+    0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
+    0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
+    0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
+    0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
+    0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
+    0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
+    0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
+    0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
+    0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
+    0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
+    0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
+    0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
+    0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
+    0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
+    0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
+    0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
+};
+static const u32 Te3[256] = {
+
+    0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
+    0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
+    0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
+    0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
+    0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
+    0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
+    0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
+    0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
+    0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
+    0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
+    0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
+    0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
+    0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
+    0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
+    0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
+    0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
+    0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
+    0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
+    0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
+    0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
+    0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
+    0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
+    0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
+    0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
+    0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
+    0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
+    0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
+    0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
+    0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
+    0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
+    0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
+    0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
+    0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
+    0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
+    0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
+    0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
+    0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
+    0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
+    0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
+    0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
+    0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
+    0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
+    0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
+    0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
+    0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
+    0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
+    0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
+    0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
+    0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
+    0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
+    0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
+    0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
+    0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
+    0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
+    0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
+    0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
+    0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
+    0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
+    0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
+    0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
+    0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
+    0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
+    0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
+    0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
+};
+static const u32 Te4[256] = {
+    0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
+    0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
+    0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
+    0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
+    0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
+    0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
+    0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
+    0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
+    0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
+    0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
+    0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
+    0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
+    0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
+    0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
+    0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
+    0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
+    0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
+    0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
+    0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
+    0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
+    0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
+    0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
+    0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
+    0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
+    0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
+    0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
+    0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
+    0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
+    0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
+    0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
+    0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
+    0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
+    0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
+    0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
+    0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
+    0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
+    0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
+    0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
+    0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
+    0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
+    0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
+    0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
+    0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
+    0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
+    0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
+    0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
+    0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
+    0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
+    0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
+    0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
+    0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
+    0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
+    0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
+    0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
+    0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
+    0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
+    0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
+    0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
+    0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
+    0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
+    0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
+    0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
+    0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
+    0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
+};
+static const u32 Td0[256] = {
+    0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
+    0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
+    0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
+    0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
+    0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
+    0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
+    0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
+    0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
+    0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
+    0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
+    0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
+    0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
+    0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
+    0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
+    0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
+    0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
+    0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
+    0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
+    0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
+    0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
+    0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
+    0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
+    0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
+    0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
+    0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
+    0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
+    0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
+    0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
+    0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
+    0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
+    0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
+    0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
+    0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
+    0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
+    0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
+    0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
+    0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
+    0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
+    0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
+    0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
+    0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
+    0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
+    0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
+    0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
+    0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
+    0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
+    0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
+    0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
+    0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
+    0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
+    0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
+    0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
+    0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
+    0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
+    0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
+    0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
+    0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
+    0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
+    0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
+    0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
+    0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
+    0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
+    0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
+    0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
+};
+static const u32 Td1[256] = {
+    0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
+    0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
+    0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
+    0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
+    0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
+    0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
+    0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
+    0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
+    0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
+    0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
+    0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
+    0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
+    0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
+    0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
+    0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
+    0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
+    0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
+    0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
+    0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
+    0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
+    0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
+    0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
+    0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
+    0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
+    0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
+    0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
+    0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
+    0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
+    0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
+    0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
+    0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
+    0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
+    0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
+    0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
+    0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
+    0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
+    0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
+    0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
+    0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
+    0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
+    0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
+    0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
+    0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
+    0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
+    0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
+    0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
+    0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
+    0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
+    0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
+    0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
+    0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
+    0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
+    0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
+    0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
+    0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
+    0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
+    0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
+    0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
+    0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
+    0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
+    0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
+    0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
+    0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
+    0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
+};
+static const u32 Td2[256] = {
+    0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
+    0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
+    0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
+    0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
+    0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
+    0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
+    0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
+    0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
+    0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
+    0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
+    0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
+    0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
+    0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
+    0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
+    0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
+    0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
+    0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
+    0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
+    0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
+    0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
+
+    0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
+    0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
+    0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
+    0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
+    0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
+    0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
+    0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
+    0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
+    0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
+    0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
+    0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
+    0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
+    0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
+    0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
+    0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
+    0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
+    0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
+    0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
+    0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
+    0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
+    0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
+    0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
+    0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
+    0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
+    0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
+    0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
+    0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
+    0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
+    0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
+    0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
+    0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
+    0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
+    0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
+    0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
+    0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
+    0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
+    0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
+    0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
+    0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
+    0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
+    0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
+    0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
+    0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
+    0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
+};
+static const u32 Td3[256] = {
+    0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
+    0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
+    0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
+    0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
+    0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
+    0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
+    0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
+    0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
+    0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
+    0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
+    0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
+    0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
+    0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
+    0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
+    0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
+    0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
+    0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
+    0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
+    0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
+    0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
+    0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
+    0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
+    0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
+    0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
+    0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
+    0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
+    0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
+    0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
+    0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
+    0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
+    0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
+    0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
+    0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
+    0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
+    0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
+    0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
+    0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
+    0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
+    0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
+    0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
+    0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
+    0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
+    0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
+    0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
+    0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
+    0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
+    0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
+    0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
+    0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
+    0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
+    0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
+    0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
+    0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
+    0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
+    0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
+    0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
+    0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
+    0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
+    0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
+    0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
+    0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
+    0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
+    0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
+    0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
+};
+static const u32 Td4[256] = {
+    0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
+    0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
+    0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
+    0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
+    0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
+    0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
+    0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
+    0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
+    0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
+    0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
+    0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
+    0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
+    0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
+    0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
+    0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
+    0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
+    0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
+    0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
+    0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
+    0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
+    0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
+    0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
+    0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
+    0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
+    0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
+    0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
+    0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
+    0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
+    0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
+    0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
+    0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
+    0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
+    0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
+    0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
+    0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
+    0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
+    0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
+    0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
+    0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
+    0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
+    0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
+    0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
+    0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
+    0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
+    0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
+    0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
+    0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
+    0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
+    0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
+    0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
+    0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
+    0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
+    0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
+    0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
+    0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
+    0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
+    0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
+    0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
+    0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
+    0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
+    0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
+    0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
+    0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
+    0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
+};
+static const u32 rcon[] = {
+        0x01000000, 0x02000000, 0x04000000, 0x08000000,
+        0x10000000, 0x20000000, 0x40000000, 0x80000000,
+        0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+/**
+ * Expand the cipher key into the encryption key schedule.
+ */
+int AES_set_encrypt_key(const unsigned char *userKey,
+                        const FIPS_AES_SIZE_T bits, AES_KEY *key) {
+
+        u32 *rk;
+        int i = 0;
+        u32 temp;
+
+        if (!userKey || !key)
+                return -1;
+        if (bits != 128 && bits != 192 && bits != 256)
+                return -2;
+        if(FIPS_selftest_failed())
+                return -3;
+
+        rk = key->rd_key;
+
+        if (bits==128)
+                key->rounds = 10;
+        else if (bits==192)
+                key->rounds = 12;
+        else
+                key->rounds = 14;
+
+        rk[0] = GETU32(userKey     );
+        rk[1] = GETU32(userKey +  4);
+        rk[2] = GETU32(userKey +  8);
+        rk[3] = GETU32(userKey + 12);
+        if (bits == 128) {
+                while (1) {
+                        temp  = rk[3];
+                        rk[4] = rk[0] ^
+                                (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
+                                (Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
+                                (Te4[(temp      ) & 0xff] & 0x0000ff00) ^
+                                (Te4[(temp >> 24)       ] & 0x000000ff) ^
+                                rcon[i];
+                        rk[5] = rk[1] ^ rk[4];
+                        rk[6] = rk[2] ^ rk[5];
+                        rk[7] = rk[3] ^ rk[6];
+                        if (++i == 10) {
+                                return 0;
+                        }
+                        rk += 4;
+                }
+        }
+        rk[4] = GETU32(userKey + 16);
+        rk[5] = GETU32(userKey + 20);
+        if (bits == 192) {
+                while (1) {
+                        temp = rk[ 5];
+                        rk[ 6] = rk[ 0] ^
+                                (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
+                                (Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
+                                (Te4[(temp      ) & 0xff] & 0x0000ff00) ^
+                                (Te4[(temp >> 24)       ] & 0x000000ff) ^
+                                rcon[i];
+                        rk[ 7] = rk[ 1] ^ rk[ 6];
+                        rk[ 8] = rk[ 2] ^ rk[ 7];
+                        rk[ 9] = rk[ 3] ^ rk[ 8];
+                        if (++i == 8) {
+                                return 0;
+                        }
+                        rk[10] = rk[ 4] ^ rk[ 9];
+                        rk[11] = rk[ 5] ^ rk[10];
+                        rk += 6;
+                }
+        }
+        rk[6] = GETU32(userKey + 24);
+        rk[7] = GETU32(userKey + 28);
+        if (bits == 256) {
+                while (1) {
+                        temp = rk[ 7];
+                        rk[ 8] = rk[ 0] ^
+                                (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
+                                (Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
+                                (Te4[(temp      ) & 0xff] & 0x0000ff00) ^
+                                (Te4[(temp >> 24)       ] & 0x000000ff) ^
+                                rcon[i];
+                        rk[ 9] = rk[ 1] ^ rk[ 8];
+                        rk[10] = rk[ 2] ^ rk[ 9];
+                        rk[11] = rk[ 3] ^ rk[10];
+                        if (++i == 7) {
+                                return 0;
+                        }
+                        temp = rk[11];
+                        rk[12] = rk[ 4] ^
+                                (Te4[(temp >> 24)       ] & 0xff000000) ^
+                                (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
+                                (Te4[(temp >>  8) & 0xff] & 0x0000ff00) ^
+                                (Te4[(temp      ) & 0xff] & 0x000000ff);
+                        rk[13] = rk[ 5] ^ rk[12];
+                        rk[14] = rk[ 6] ^ rk[13];
+                        rk[15] = rk[ 7] ^ rk[14];
+
+                        rk += 8;
+                }
+        }
+        return 0;
+}
+
+/**
+ * Expand the cipher key into the decryption key schedule.
+ */
+int AES_set_decrypt_key(const unsigned char *userKey,
+        const FIPS_AES_SIZE_T bits, AES_KEY *key) {
+
+        u32 *rk;
+        int i, j, status;
+        u32 temp;
+
+        /* first, start with an encryption schedule */
+        status = AES_set_encrypt_key(userKey, bits, key);
+        if (status < 0)
+                return status;
+
+        rk = key->rd_key;
+
+        /* invert the order of the round keys: */
+        for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
+                temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
+                temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+                temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+                temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+        }
+        /* apply the inverse MixColumn transform to all round keys but the first and the last: */
+        for (i = 1; i < (key->rounds); i++) {
+                rk += 4;
+                rk[0] =
+                        Td0[Te4[(rk[0] >> 24)       ] & 0xff] ^
+                        Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
+                        Td2[Te4[(rk[0] >>  8) & 0xff] & 0xff] ^
+                        Td3[Te4[(rk[0]      ) & 0xff] & 0xff];
+                rk[1] =
+                        Td0[Te4[(rk[1] >> 24)       ] & 0xff] ^
+                        Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
+                        Td2[Te4[(rk[1] >>  8) & 0xff] & 0xff] ^
+                        Td3[Te4[(rk[1]      ) & 0xff] & 0xff];
+                rk[2] =
+                        Td0[Te4[(rk[2] >> 24)       ] & 0xff] ^
+                        Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
+                        Td2[Te4[(rk[2] >>  8) & 0xff] & 0xff] ^
+                        Td3[Te4[(rk[2]      ) & 0xff] & 0xff];
+                rk[3] =
+                        Td0[Te4[(rk[3] >> 24)       ] & 0xff] ^
+                        Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
+                        Td2[Te4[(rk[3] >>  8) & 0xff] & 0xff] ^
+                        Td3[Te4[(rk[3]      ) & 0xff] & 0xff];
+        }
+        return 0;
+}
+
+/*
+ * Encrypt a single block
+ * in and out can overlap
+ */
+void AES_encrypt(const unsigned char *in, unsigned char *out,
+                 const AES_KEY *key) {
+
+        const u32 *rk;
+        u32 s0, s1, s2, s3, t0, t1, t2, t3;
+#ifndef FULL_UNROLL
+        int r;
+#endif /* ?FULL_UNROLL */
+
+        assert(in && out && key);
+        rk = key->rd_key;
+
+        /*
+         * map byte array block to cipher state
+         * and add initial round key:
+         */
+        s0 = GETU32(in     ) ^ rk[0];
+        s1 = GETU32(in +  4) ^ rk[1];
+        s2 = GETU32(in +  8) ^ rk[2];
+        s3 = GETU32(in + 12) ^ rk[3];
+#ifdef FULL_UNROLL
+        /* round 1: */
+        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
+        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
+        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
+        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
+        /* round 2: */
+        s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
+        s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
+        s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
+        s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
+        /* round 3: */
+        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
+        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
+        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
+        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
+        /* round 4: */
+        s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
+        s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
+        s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
+        s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
+        /* round 5: */
+        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
+        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
+        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
+        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
+        /* round 6: */
+        s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
+        s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
+        s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
+        s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
+        /* round 7: */
+        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
+        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
+        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
+        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
+        /* round 8: */
+        s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
+        s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
+        s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
+        s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
+        /* round 9: */
+        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
+        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
+        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
+        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
+    if (key->rounds > 10) {
+        /* round 10: */
+        s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
+        s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
+        s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
+        s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
+        /* round 11: */
+        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
+        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
+        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
+        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
+        if (key->rounds > 12) {
+            /* round 12: */
+            s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
+            s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
+            s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
+            s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
+            /* round 13: */
+            t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
+            t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
+            t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
+            t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
+        }
+    }
+    rk += key->rounds << 2;
+#else  /* !FULL_UNROLL */
+    /*
+     * Nr - 1 full rounds:
+     */
+    r = key->rounds >> 1;
+    for (;;) {
+        t0 =
+            Te0[(s0 >> 24)       ] ^
+            Te1[(s1 >> 16) & 0xff] ^
+            Te2[(s2 >>  8) & 0xff] ^
+            Te3[(s3      ) & 0xff] ^
+            rk[4];
+        t1 =
+            Te0[(s1 >> 24)       ] ^
+            Te1[(s2 >> 16) & 0xff] ^
+            Te2[(s3 >>  8) & 0xff] ^
+            Te3[(s0      ) & 0xff] ^
+            rk[5];
+        t2 =
+            Te0[(s2 >> 24)       ] ^
+            Te1[(s3 >> 16) & 0xff] ^
+            Te2[(s0 >>  8) & 0xff] ^
+            Te3[(s1      ) & 0xff] ^
+            rk[6];
+        t3 =
+            Te0[(s3 >> 24)       ] ^
+            Te1[(s0 >> 16) & 0xff] ^
+            Te2[(s1 >>  8) & 0xff] ^
+            Te3[(s2      ) & 0xff] ^
+            rk[7];
+
+        rk += 8;
+        if (--r == 0) {
+            break;
+        }
+
+        s0 =
+            Te0[(t0 >> 24)       ] ^
+            Te1[(t1 >> 16) & 0xff] ^
+            Te2[(t2 >>  8) & 0xff] ^
+            Te3[(t3      ) & 0xff] ^
+            rk[0];
+        s1 =
+            Te0[(t1 >> 24)       ] ^
+            Te1[(t2 >> 16) & 0xff] ^
+            Te2[(t3 >>  8) & 0xff] ^
+            Te3[(t0      ) & 0xff] ^
+            rk[1];
+        s2 =
+            Te0[(t2 >> 24)       ] ^
+            Te1[(t3 >> 16) & 0xff] ^
+            Te2[(t0 >>  8) & 0xff] ^
+            Te3[(t1      ) & 0xff] ^
+            rk[2];
+        s3 =
+            Te0[(t3 >> 24)       ] ^
+            Te1[(t0 >> 16) & 0xff] ^
+            Te2[(t1 >>  8) & 0xff] ^
+            Te3[(t2      ) & 0xff] ^
+            rk[3];
+    }
+#endif /* ?FULL_UNROLL */
+    /*
+         * apply last round and
+         * map cipher state to byte array block:
+         */
+        s0 =
+                (Te4[(t0 >> 24)       ] & 0xff000000) ^
+                (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
+                (Te4[(t2 >>  8) & 0xff] & 0x0000ff00) ^
+                (Te4[(t3      ) & 0xff] & 0x000000ff) ^
+                rk[0];
+        PUTU32(out     , s0);
+        s1 =
+                (Te4[(t1 >> 24)       ] & 0xff000000) ^
+                (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
+                (Te4[(t3 >>  8) & 0xff] & 0x0000ff00) ^
+                (Te4[(t0      ) & 0xff] & 0x000000ff) ^
+                rk[1];
+        PUTU32(out +  4, s1);
+        s2 =
+                (Te4[(t2 >> 24)       ] & 0xff000000) ^
+                (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
+                (Te4[(t0 >>  8) & 0xff] & 0x0000ff00) ^
+                (Te4[(t1      ) & 0xff] & 0x000000ff) ^
+                rk[2];
+        PUTU32(out +  8, s2);
+        s3 =
+                (Te4[(t3 >> 24)       ] & 0xff000000) ^
+                (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
+                (Te4[(t1 >>  8) & 0xff] & 0x0000ff00) ^
+                (Te4[(t2      ) & 0xff] & 0x000000ff) ^
+                rk[3];
+        PUTU32(out + 12, s3);
+}
+
+/*
+ * Decrypt a single block
+ * in and out can overlap
+ */
+void AES_decrypt(const unsigned char *in, unsigned char *out,
+                 const AES_KEY *key) {
+
+        const u32 *rk;
+        u32 s0, s1, s2, s3, t0, t1, t2, t3;
+#ifndef FULL_UNROLL
+        int r;
+#endif /* ?FULL_UNROLL */
+
+        assert(in && out && key);
+        rk = key->rd_key;
+
+        /*
+         * map byte array block to cipher state
+         * and add initial round key:
+         */
+    s0 = GETU32(in     ) ^ rk[0];
+    s1 = GETU32(in +  4) ^ rk[1];
+    s2 = GETU32(in +  8) ^ rk[2];
+    s3 = GETU32(in + 12) ^ rk[3];
+#ifdef FULL_UNROLL
+    /* round 1: */
+    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
+    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
+    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
+    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
+    /* round 2: */
+    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
+    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
+    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
+    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
+    /* round 3: */
+    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
+    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
+    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
+    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
+    /* round 4: */
+    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
+    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
+    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
+    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
+    /* round 5: */
+    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
+    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
+    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
+    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
+    /* round 6: */
+    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
+    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
+    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
+    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
+    /* round 7: */
+    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
+    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
+    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
+    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
+    /* round 8: */
+    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
+    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
+    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
+    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
+    /* round 9: */
+    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
+    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
+    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
+    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
+    if (key->rounds > 10) {
+        /* round 10: */
+        s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
+        s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
+        s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
+        s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
+        /* round 11: */
+        t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
+        t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
+        t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
+        t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
+        if (key->rounds > 12) {
+            /* round 12: */
+            s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
+            s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
+            s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
+            s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
+            /* round 13: */
+            t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
+            t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
+            t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
+            t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
+        }
+    }
+        rk += key->rounds << 2;
+#else  /* !FULL_UNROLL */
+    /*
+     * Nr - 1 full rounds:
+     */
+    r = key->rounds >> 1;
+    for (;;) {
+        t0 =
+            Td0[(s0 >> 24)       ] ^
+            Td1[(s3 >> 16) & 0xff] ^
+            Td2[(s2 >>  8) & 0xff] ^
+            Td3[(s1      ) & 0xff] ^
+            rk[4];
+        t1 =
+            Td0[(s1 >> 24)       ] ^
+            Td1[(s0 >> 16) & 0xff] ^
+            Td2[(s3 >>  8) & 0xff] ^
+            Td3[(s2      ) & 0xff] ^
+            rk[5];
+        t2 =
+            Td0[(s2 >> 24)       ] ^
+            Td1[(s1 >> 16) & 0xff] ^
+            Td2[(s0 >>  8) & 0xff] ^
+            Td3[(s3      ) & 0xff] ^
+            rk[6];
+        t3 =
+            Td0[(s3 >> 24)       ] ^
+            Td1[(s2 >> 16) & 0xff] ^
+            Td2[(s1 >>  8) & 0xff] ^
+            Td3[(s0      ) & 0xff] ^
+            rk[7];
+
+        rk += 8;
+        if (--r == 0) {
+            break;
+        }
+
+        s0 =
+            Td0[(t0 >> 24)       ] ^
+            Td1[(t3 >> 16) & 0xff] ^
+            Td2[(t2 >>  8) & 0xff] ^
+            Td3[(t1      ) & 0xff] ^
+            rk[0];
+        s1 =
+            Td0[(t1 >> 24)       ] ^
+            Td1[(t0 >> 16) & 0xff] ^
+            Td2[(t3 >>  8) & 0xff] ^
+            Td3[(t2      ) & 0xff] ^
+            rk[1];
+        s2 =
+            Td0[(t2 >> 24)       ] ^
+            Td1[(t1 >> 16) & 0xff] ^
+            Td2[(t0 >>  8) & 0xff] ^
+            Td3[(t3      ) & 0xff] ^
+            rk[2];
+        s3 =
+            Td0[(t3 >> 24)       ] ^
+            Td1[(t2 >> 16) & 0xff] ^
+            Td2[(t1 >>  8) & 0xff] ^
+            Td3[(t0      ) & 0xff] ^
+            rk[3];
+    }
+#endif /* ?FULL_UNROLL */
+    /*
+         * apply last round and
+         * map cipher state to byte array block:
+         */
+        s0 =
+                (Td4[(t0 >> 24)       ] & 0xff000000) ^
+                (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
+                (Td4[(t2 >>  8) & 0xff] & 0x0000ff00) ^
+                (Td4[(t1      ) & 0xff] & 0x000000ff) ^
+                rk[0];
+        PUTU32(out     , s0);
+        s1 =
+                (Td4[(t1 >> 24)       ] & 0xff000000) ^
+                (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
+                (Td4[(t3 >>  8) & 0xff] & 0x0000ff00) ^
+                (Td4[(t2      ) & 0xff] & 0x000000ff) ^
+                rk[1];
+        PUTU32(out +  4, s1);
+        s2 =
+                (Td4[(t2 >> 24)       ] & 0xff000000) ^
+                (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
+                (Td4[(t0 >>  8) & 0xff] & 0x0000ff00) ^
+                (Td4[(t3      ) & 0xff] & 0x000000ff) ^
+                rk[2];
+        PUTU32(out +  8, s2);
+        s3 =
+                (Td4[(t3 >> 24)       ] & 0xff000000) ^
+                (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
+                (Td4[(t1 >>  8) & 0xff] & 0x0000ff00) ^
+                (Td4[(t0      ) & 0xff] & 0x000000ff) ^
+                rk[3];
+        PUTU32(out + 12, s3);
+}
+
+#endif /* def OPENSSL_FIPS */
diff --git a/src/lib/libssl/src/fips/aes/fips_aes_locl.h b/src/lib/libssl/src/fips/aes/fips_aes_locl.h
new file mode 100644
index 0000000000..4184729e34
--- /dev/null
+++ b/src/lib/libssl/src/fips/aes/fips_aes_locl.h
@@ -0,0 +1,85 @@
+/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef HEADER_AES_LOCL_H
+#define HEADER_AES_LOCL_H
+
+#include <openssl/e_os2.h>
+
+#ifdef OPENSSL_NO_AES
+#error AES is disabled.
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#if defined(_MSC_VER) && !defined(_M_IA64) && !defined(OPENSSL_SYS_WINCE)
+# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
+# define GETU32(p) SWAP(*((u32 *)(p)))
+# define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
+#else
+# define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
+# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }
+#endif
+
+typedef unsigned long u32;
+typedef unsigned short u16;
+typedef unsigned char u8;
+
+#define MAXKC   (256/32)
+#define MAXKB   (256/8)
+#define MAXNR   14
+
+/* This controls loop-unrolling in aes_core.c */
+#undef FULL_UNROLL
+
+#endif /* !HEADER_AES_LOCL_H */
diff --git a/src/lib/libssl/src/fips/des/asm/fips-dx86-elf.s b/src/lib/libssl/src/fips/des/asm/fips-dx86-elf.s
new file mode 100644
index 0000000000..c9939221e4
--- /dev/null
+++ b/src/lib/libssl/src/fips/des/asm/fips-dx86-elf.s
@@ -0,0 +1,2697 @@
+
+
+
+
+
+
+        .file   "des-586.s"
+        .version        "01.01"
+gcc2_compiled.:
+.text
+        .align 16
+.globl DES_encrypt1
+        .type   DES_encrypt1,@function
+DES_encrypt1:
+        pushl   %esi
+        pushl   %edi
+
+
+        movl    12(%esp),       %esi
+        xorl    %ecx,           %ecx
+        pushl   %ebx
+        pushl   %ebp
+        movl    (%esi),         %eax
+        movl    28(%esp),       %ebx
+        movl    4(%esi),        %edi
+
+
+        roll    $4,             %eax
+        movl    %eax,           %esi
+        xorl    %edi,           %eax
+        andl    $0xf0f0f0f0,    %eax
+        xorl    %eax,           %esi
+        xorl    %eax,           %edi
+
+        roll    $20,            %edi
+        movl    %edi,           %eax
+        xorl    %esi,           %edi
+        andl    $0xfff0000f,    %edi
+        xorl    %edi,           %eax
+        xorl    %edi,           %esi
+
+        roll    $14,            %eax
+        movl    %eax,           %edi
+        xorl    %esi,           %eax
+        andl    $0x33333333,    %eax
+        xorl    %eax,           %edi
+        xorl    %eax,           %esi
+
+        roll    $22,            %esi
+        movl    %esi,           %eax
+        xorl    %edi,           %esi
+        andl    $0x03fc03fc,    %esi
+        xorl    %esi,           %eax
+        xorl    %esi,           %edi
+
+        roll    $9,             %eax
+        movl    %eax,           %esi
+        xorl    %edi,           %eax
+        andl    $0xaaaaaaaa,    %eax
+        xorl    %eax,           %esi
+        xorl    %eax,           %edi
+
+.byte 209
+.byte 199       
+        leal    DES_SPtrans,    %ebp
+        movl    24(%esp),       %ecx
+        cmpl    $0,             %ebx
+        je      .L000start_decrypt
+
+
+        movl    (%ecx),         %eax
+        xorl    %ebx,           %ebx
+        movl    4(%ecx),        %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    8(%ecx),        %eax
+        xorl    %ebx,           %ebx
+        movl    12(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    16(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    20(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    24(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    28(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    32(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    36(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    40(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    44(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    48(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    52(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    56(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    60(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    64(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    68(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    72(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    76(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    80(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    84(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    88(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    92(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    96(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    100(%ecx),      %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    104(%ecx),      %eax
+        xorl    %ebx,           %ebx
+        movl    108(%ecx),      %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    112(%ecx),      %eax
+        xorl    %ebx,           %ebx
+        movl    116(%ecx),      %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    120(%ecx),      %eax
+        xorl    %ebx,           %ebx
+        movl    124(%ecx),      %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+        jmp     .L001end
+.L000start_decrypt:
+
+
+        movl    120(%ecx),      %eax
+        xorl    %ebx,           %ebx
+        movl    124(%ecx),      %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    112(%ecx),      %eax
+        xorl    %ebx,           %ebx
+        movl    116(%ecx),      %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    104(%ecx),      %eax
+        xorl    %ebx,           %ebx
+        movl    108(%ecx),      %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    96(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    100(%ecx),      %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    88(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    92(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    80(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    84(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    72(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    76(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    64(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    68(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    56(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    60(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    48(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    52(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    40(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    44(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    32(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    36(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    24(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    28(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    16(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    20(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    8(%ecx),        %eax
+        xorl    %ebx,           %ebx
+        movl    12(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    (%ecx),         %eax
+        xorl    %ebx,           %ebx
+        movl    4(%ecx),        %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+.L001end:
+
+
+        movl    20(%esp),       %edx
+.byte 209
+.byte 206       
+        movl    %edi,           %eax
+        xorl    %esi,           %edi
+        andl    $0xaaaaaaaa,    %edi
+        xorl    %edi,           %eax
+        xorl    %edi,           %esi
+
+        roll    $23,            %eax
+        movl    %eax,           %edi
+        xorl    %esi,           %eax
+        andl    $0x03fc03fc,    %eax
+        xorl    %eax,           %edi
+        xorl    %eax,           %esi
+
+        roll    $10,            %edi
+        movl    %edi,           %eax
+        xorl    %esi,           %edi
+        andl    $0x33333333,    %edi
+        xorl    %edi,           %eax
+        xorl    %edi,           %esi
+
+        roll    $18,            %esi
+        movl    %esi,           %edi
+        xorl    %eax,           %esi
+        andl    $0xfff0000f,    %esi
+        xorl    %esi,           %edi
+        xorl    %esi,           %eax
+
+        roll    $12,            %edi
+        movl    %edi,           %esi
+        xorl    %eax,           %edi
+        andl    $0xf0f0f0f0,    %edi
+        xorl    %edi,           %esi
+        xorl    %edi,           %eax
+
+        rorl    $4,             %eax
+        movl    %eax,           (%edx)
+        movl    %esi,           4(%edx)
+        popl    %ebp
+        popl    %ebx
+        popl    %edi
+        popl    %esi
+        ret
+.L_DES_encrypt1_end:
+        .size   DES_encrypt1,.L_DES_encrypt1_end-DES_encrypt1
+.ident  "desasm.pl"
+.text
+        .align 16
+.globl DES_encrypt2
+        .type   DES_encrypt2,@function
+DES_encrypt2:
+        pushl   %esi
+        pushl   %edi
+
+
+        movl    12(%esp),       %eax
+        xorl    %ecx,           %ecx
+        pushl   %ebx
+        pushl   %ebp
+        movl    (%eax),         %esi
+        movl    28(%esp),       %ebx
+        roll    $3,             %esi
+        movl    4(%eax),        %edi
+        roll    $3,             %edi
+        leal    DES_SPtrans,    %ebp
+        movl    24(%esp),       %ecx
+        cmpl    $0,             %ebx
+        je      .L002start_decrypt
+
+
+        movl    (%ecx),         %eax
+        xorl    %ebx,           %ebx
+        movl    4(%ecx),        %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    8(%ecx),        %eax
+        xorl    %ebx,           %ebx
+        movl    12(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    16(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    20(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    24(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    28(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    32(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    36(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    40(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    44(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    48(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    52(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    56(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    60(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    64(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    68(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    72(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    76(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    80(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    84(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    88(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    92(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    96(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    100(%ecx),      %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    104(%ecx),      %eax
+        xorl    %ebx,           %ebx
+        movl    108(%ecx),      %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    112(%ecx),      %eax
+        xorl    %ebx,           %ebx
+        movl    116(%ecx),      %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    120(%ecx),      %eax
+        xorl    %ebx,           %ebx
+        movl    124(%ecx),      %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+        jmp     .L003end
+.L002start_decrypt:
+
+
+        movl    120(%ecx),      %eax
+        xorl    %ebx,           %ebx
+        movl    124(%ecx),      %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    112(%ecx),      %eax
+        xorl    %ebx,           %ebx
+        movl    116(%ecx),      %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    104(%ecx),      %eax
+        xorl    %ebx,           %ebx
+        movl    108(%ecx),      %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    96(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    100(%ecx),      %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    88(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    92(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    80(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    84(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    72(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    76(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    64(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    68(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    56(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    60(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    48(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    52(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    40(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    44(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    32(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    36(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    24(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    28(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    16(%ecx),       %eax
+        xorl    %ebx,           %ebx
+        movl    20(%ecx),       %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+
+
+        movl    8(%ecx),        %eax
+        xorl    %ebx,           %ebx
+        movl    12(%ecx),       %edx
+        xorl    %esi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %esi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%edi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%edi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%edi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%edi
+        xorl    0x700(%ebp,%ecx),%edi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%edi
+        xorl    0x500(%ebp,%edx),%edi
+
+
+        movl    (%ecx),         %eax
+        xorl    %ebx,           %ebx
+        movl    4(%ecx),        %edx
+        xorl    %edi,           %eax
+        xorl    %ecx,           %ecx
+        xorl    %edi,           %edx
+        andl    $0xfcfcfcfc,    %eax
+        andl    $0xcfcfcfcf,    %edx
+        movb    %al,            %bl
+        movb    %ah,            %cl
+        rorl    $4,             %edx
+        xorl         (%ebp,%ebx),%esi
+        movb    %dl,            %bl
+        xorl    0x200(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        shrl    $16,            %eax
+        xorl    0x100(%ebp,%ebx),%esi
+        movb    %ah,            %bl
+        shrl    $16,            %edx
+        xorl    0x300(%ebp,%ecx),%esi
+        movb    %dh,            %cl
+        andl    $0xff,          %eax
+        andl    $0xff,          %edx
+        xorl    0x600(%ebp,%ebx),%esi
+        xorl    0x700(%ebp,%ecx),%esi
+        movl    24(%esp),       %ecx
+        xorl    0x400(%ebp,%eax),%esi
+        xorl    0x500(%ebp,%edx),%esi
+.L003end:
+
+
+        rorl    $3,             %edi
+        movl    20(%esp),       %eax
+        rorl    $3,             %esi
+        movl    %edi,           (%eax)
+        movl    %esi,           4(%eax)
+        popl    %ebp
+        popl    %ebx
+        popl    %edi
+        popl    %esi
+        ret
+.L_DES_encrypt2_end:
+        .size   DES_encrypt2,.L_DES_encrypt2_end-DES_encrypt2
+.ident  "desasm.pl"
+.text
+        .align 16
+.globl DES_encrypt3
+        .type   DES_encrypt3,@function
+DES_encrypt3:
+        pushl   %ebx
+        movl    8(%esp),        %ebx
+        pushl   %ebp
+        pushl   %esi
+        pushl   %edi
+
+
+        movl    (%ebx),         %edi
+        movl    4(%ebx),        %esi
+        subl    $12,            %esp
+
+
+        roll    $4,             %edi
+        movl    %edi,           %edx
+        xorl    %esi,           %edi
+        andl    $0xf0f0f0f0,    %edi
+        xorl    %edi,           %edx
+        xorl    %edi,           %esi
+
+        roll    $20,            %esi
+        movl    %esi,           %edi
+        xorl    %edx,           %esi
+        andl    $0xfff0000f,    %esi
+        xorl    %esi,           %edi
+        xorl    %esi,           %edx
+
+        roll    $14,            %edi
+        movl    %edi,           %esi
+        xorl    %edx,           %edi
+        andl    $0x33333333,    %edi
+        xorl    %edi,           %esi
+        xorl    %edi,           %edx
+
+        roll    $22,            %edx
+        movl    %edx,           %edi
+        xorl    %esi,           %edx
+        andl    $0x03fc03fc,    %edx
+        xorl    %edx,           %edi
+        xorl    %edx,           %esi
+
+        roll    $9,             %edi
+        movl    %edi,           %edx
+        xorl    %esi,           %edi
+        andl    $0xaaaaaaaa,    %edi
+        xorl    %edi,           %edx
+        xorl    %edi,           %esi
+
+        rorl    $3,             %edx
+        rorl    $2,             %esi
+        movl    %esi,           4(%ebx)
+        movl    36(%esp),       %eax
+        movl    %edx,           (%ebx)
+        movl    40(%esp),       %edi
+        movl    44(%esp),       %esi
+        movl    $1,             8(%esp)
+        movl    %eax,           4(%esp)
+        movl    %ebx,           (%esp)
+        call    DES_encrypt2
+        movl    $0,             8(%esp)
+        movl    %edi,           4(%esp)
+        movl    %ebx,           (%esp)
+        call    DES_encrypt2
+        movl    $1,             8(%esp)
+        movl    %esi,           4(%esp)
+        movl    %ebx,           (%esp)
+        call    DES_encrypt2
+        addl    $12,            %esp
+        movl    (%ebx),         %edi
+        movl    4(%ebx),        %esi
+
+
+        roll    $2,             %esi
+        roll    $3,             %edi
+        movl    %edi,           %eax
+        xorl    %esi,           %edi
+        andl    $0xaaaaaaaa,    %edi
+        xorl    %edi,           %eax
+        xorl    %edi,           %esi
+
+        roll    $23,            %eax
+        movl    %eax,           %edi
+        xorl    %esi,           %eax
+        andl    $0x03fc03fc,    %eax
+        xorl    %eax,           %edi
+        xorl    %eax,           %esi
+
+        roll    $10,            %edi
+        movl    %edi,           %eax
+        xorl    %esi,           %edi
+        andl    $0x33333333,    %edi
+        xorl    %edi,           %eax
+        xorl    %edi,           %esi
+
+        roll    $18,            %esi
+        movl    %esi,           %edi
+        xorl    %eax,           %esi
+        andl    $0xfff0000f,    %esi
+        xorl    %esi,           %edi
+        xorl    %esi,           %eax
+
+        roll    $12,            %edi
+        movl    %edi,           %esi
+        xorl    %eax,           %edi
+        andl    $0xf0f0f0f0,    %edi
+        xorl    %edi,           %esi
+        xorl    %edi,           %eax
+
+        rorl    $4,             %eax
+        movl    %eax,           (%ebx)
+        movl    %esi,           4(%ebx)
+        popl    %edi
+        popl    %esi
+        popl    %ebp
+        popl    %ebx
+        ret
+.L_DES_encrypt3_end:
+        .size   DES_encrypt3,.L_DES_encrypt3_end-DES_encrypt3
+.ident  "desasm.pl"
+.text
+        .align 16
+.globl DES_decrypt3
+        .type   DES_decrypt3,@function
+DES_decrypt3:
+        pushl   %ebx
+        movl    8(%esp),        %ebx
+        pushl   %ebp
+        pushl   %esi
+        pushl   %edi
+
+
+        movl    (%ebx),         %edi
+        movl    4(%ebx),        %esi
+        subl    $12,            %esp
+
+
+        roll    $4,             %edi
+        movl    %edi,           %edx
+        xorl    %esi,           %edi
+        andl    $0xf0f0f0f0,    %edi
+        xorl    %edi,           %edx
+        xorl    %edi,           %esi
+
+        roll    $20,            %esi
+        movl    %esi,           %edi
+        xorl    %edx,           %esi
+        andl    $0xfff0000f,    %esi
+        xorl    %esi,           %edi
+        xorl    %esi,           %edx
+
+        roll    $14,            %edi
+        movl    %edi,           %esi
+        xorl    %edx,           %edi
+        andl    $0x33333333,    %edi
+        xorl    %edi,           %esi
+        xorl    %edi,           %edx
+
+        roll    $22,            %edx
+        movl    %edx,           %edi
+        xorl    %esi,           %edx
+        andl    $0x03fc03fc,    %edx
+        xorl    %edx,           %edi
+        xorl    %edx,           %esi
+
+        roll    $9,             %edi
+        movl    %edi,           %edx
+        xorl    %esi,           %edi
+        andl    $0xaaaaaaaa,    %edi
+        xorl    %edi,           %edx
+        xorl    %edi,           %esi
+
+        rorl    $3,             %edx
+        rorl    $2,             %esi
+        movl    %esi,           4(%ebx)
+        movl    36(%esp),       %esi
+        movl    %edx,           (%ebx)
+        movl    40(%esp),       %edi
+        movl    44(%esp),       %eax
+        movl    $0,             8(%esp)
+        movl    %eax,           4(%esp)
+        movl    %ebx,           (%esp)
+        call    DES_encrypt2
+        movl    $1,             8(%esp)
+        movl    %edi,           4(%esp)
+        movl    %ebx,           (%esp)
+        call    DES_encrypt2
+        movl    $0,             8(%esp)
+        movl    %esi,           4(%esp)
+        movl    %ebx,           (%esp)
+        call    DES_encrypt2
+        addl    $12,            %esp
+        movl    (%ebx),         %edi
+        movl    4(%ebx),        %esi
+
+
+        roll    $2,             %esi
+        roll    $3,             %edi
+        movl    %edi,           %eax
+        xorl    %esi,           %edi
+        andl    $0xaaaaaaaa,    %edi
+        xorl    %edi,           %eax
+        xorl    %edi,           %esi
+
+        roll    $23,            %eax
+        movl    %eax,           %edi
+        xorl    %esi,           %eax
+        andl    $0x03fc03fc,    %eax
+        xorl    %eax,           %edi
+        xorl    %eax,           %esi
+
+        roll    $10,            %edi
+        movl    %edi,           %eax
+        xorl    %esi,           %edi
+        andl    $0x33333333,    %edi
+        xorl    %edi,           %eax
+        xorl    %edi,           %esi
+
+        roll    $18,            %esi
+        movl    %esi,           %edi
+        xorl    %eax,           %esi
+        andl    $0xfff0000f,    %esi
+        xorl    %esi,           %edi
+        xorl    %esi,           %eax
+
+        roll    $12,            %edi
+        movl    %edi,           %esi
+        xorl    %eax,           %edi
+        andl    $0xf0f0f0f0,    %edi
+        xorl    %edi,           %esi
+        xorl    %edi,           %eax
+
+        rorl    $4,             %eax
+        movl    %eax,           (%ebx)
+        movl    %esi,           4(%ebx)
+        popl    %edi
+        popl    %esi
+        popl    %ebp
+        popl    %ebx
+        ret
+.L_DES_decrypt3_end:
+        .size   DES_decrypt3,.L_DES_decrypt3_end-DES_decrypt3
+.ident  "desasm.pl"
+.text
+        .align 16
+.globl DES_ncbc_encrypt
+        .type   DES_ncbc_encrypt,@function
+DES_ncbc_encrypt:
+
+        pushl   %ebp
+        pushl   %ebx
+        pushl   %esi
+        pushl   %edi
+        movl    28(%esp),       %ebp
+
+        movl    36(%esp),       %ebx
+        movl    (%ebx),         %esi
+        movl    4(%ebx),        %edi
+        pushl   %edi
+        pushl   %esi
+        pushl   %edi
+        pushl   %esi
+        movl    %esp,           %ebx
+        movl    36(%esp),       %esi
+        movl    40(%esp),       %edi
+
+        movl    56(%esp),       %ecx
+
+        pushl   %ecx
+
+        movl    52(%esp),       %eax
+        pushl   %eax
+        pushl   %ebx
+        cmpl    $0,             %ecx
+        jz      .L004decrypt
+        andl    $4294967288,    %ebp
+        movl    12(%esp),       %eax
+        movl    16(%esp),       %ebx
+        jz      .L005encrypt_finish
+.L006encrypt_loop:
+        movl    (%esi),         %ecx
+        movl    4(%esi),        %edx
+        xorl    %ecx,           %eax
+        xorl    %edx,           %ebx
+        movl    %eax,           12(%esp)
+        movl    %ebx,           16(%esp)
+        call    DES_encrypt1
+        movl    12(%esp),       %eax
+        movl    16(%esp),       %ebx
+        movl    %eax,           (%edi)
+        movl    %ebx,           4(%edi)
+        addl    $8,             %esi
+        addl    $8,             %edi
+        subl    $8,             %ebp
+        jnz     .L006encrypt_loop
+.L005encrypt_finish:
+        movl    56(%esp),       %ebp
+        andl    $7,             %ebp
+        jz      .L007finish
+        call    .L008PIC_point
+.L008PIC_point:
+        popl    %edx
+        leal    .L009cbc_enc_jmp_table-.L008PIC_point(%edx),%ecx
+        movl    (%ecx,%ebp,4),  %ebp
+        addl    %edx,           %ebp
+        xorl    %ecx,           %ecx
+        xorl    %edx,           %edx
+        jmp     *%ebp
+.L010ej7:
+        movb    6(%esi),        %dh
+        sall    $8,             %edx
+.L011ej6:
+        movb    5(%esi),        %dh
+.L012ej5:
+        movb    4(%esi),        %dl
+.L013ej4:
+        movl    (%esi),         %ecx
+        jmp     .L014ejend
+.L015ej3:
+        movb    2(%esi),        %ch
+        sall    $8,             %ecx
+.L016ej2:
+        movb    1(%esi),        %ch
+.L017ej1:
+        movb    (%esi),         %cl
+.L014ejend:
+        xorl    %ecx,           %eax
+        xorl    %edx,           %ebx
+        movl    %eax,           12(%esp)
+        movl    %ebx,           16(%esp)
+        call    DES_encrypt1
+        movl    12(%esp),       %eax
+        movl    16(%esp),       %ebx
+        movl    %eax,           (%edi)
+        movl    %ebx,           4(%edi)
+        jmp     .L007finish
+.align 16
+.L004decrypt:
+        andl    $4294967288,    %ebp
+        movl    20(%esp),       %eax
+        movl    24(%esp),       %ebx
+        jz      .L018decrypt_finish
+.L019decrypt_loop:
+        movl    (%esi),         %eax
+        movl    4(%esi),        %ebx
+        movl    %eax,           12(%esp)
+        movl    %ebx,           16(%esp)
+        call    DES_encrypt1
+        movl    12(%esp),       %eax
+        movl    16(%esp),       %ebx
+        movl    20(%esp),       %ecx
+        movl    24(%esp),       %edx
+        xorl    %eax,           %ecx
+        xorl    %ebx,           %edx
+        movl    (%esi),         %eax
+        movl    4(%esi),        %ebx
+        movl    %ecx,           (%edi)
+        movl    %edx,           4(%edi)
+        movl    %eax,           20(%esp)
+        movl    %ebx,           24(%esp)
+        addl    $8,             %esi
+        addl    $8,             %edi
+        subl    $8,             %ebp
+        jnz     .L019decrypt_loop
+.L018decrypt_finish:
+        movl    56(%esp),       %ebp
+        andl    $7,             %ebp
+        jz      .L007finish
+        movl    (%esi),         %eax
+        movl    4(%esi),        %ebx
+        movl    %eax,           12(%esp)
+        movl    %ebx,           16(%esp)
+        call    DES_encrypt1
+        movl    12(%esp),       %eax
+        movl    16(%esp),       %ebx
+        movl    20(%esp),       %ecx
+        movl    24(%esp),       %edx
+        xorl    %eax,           %ecx
+        xorl    %ebx,           %edx
+        movl    (%esi),         %eax
+        movl    4(%esi),        %ebx
+.L020dj7:
+        rorl    $16,            %edx
+        movb    %dl,            6(%edi)
+        shrl    $16,            %edx
+.L021dj6:
+        movb    %dh,            5(%edi)
+.L022dj5:
+        movb    %dl,            4(%edi)
+.L023dj4:
+        movl    %ecx,           (%edi)
+        jmp     .L024djend
+.L025dj3:
+        rorl    $16,            %ecx
+        movb    %cl,            2(%edi)
+        sall    $16,            %ecx
+.L026dj2:
+        movb    %ch,            1(%esi)
+.L027dj1:
+        movb    %cl,            (%esi)
+.L024djend:
+        jmp     .L007finish
+.align 16
+.L007finish:
+        movl    64(%esp),       %ecx
+        addl    $28,            %esp
+        movl    %eax,           (%ecx)
+        movl    %ebx,           4(%ecx)
+        popl    %edi
+        popl    %esi
+        popl    %ebx
+        popl    %ebp
+        ret
+.align 16
+.L009cbc_enc_jmp_table:
+        .long 0
+        .long .L017ej1-.L008PIC_point
+        .long .L016ej2-.L008PIC_point
+        .long .L015ej3-.L008PIC_point
+        .long .L013ej4-.L008PIC_point
+        .long .L012ej5-.L008PIC_point
+        .long .L011ej6-.L008PIC_point
+        .long .L010ej7-.L008PIC_point
+.L_DES_ncbc_encrypt_end:
+        .size   DES_ncbc_encrypt,.L_DES_ncbc_encrypt_end-DES_ncbc_encrypt
+.ident  "desasm.pl"
+.text
+        .align 16
+.globl DES_ede3_cbc_encrypt
+        .type   DES_ede3_cbc_encrypt,@function
+DES_ede3_cbc_encrypt:
+
+        pushl   %ebp
+        pushl   %ebx
+        pushl   %esi
+        pushl   %edi
+        movl    28(%esp),       %ebp
+
+        movl    44(%esp),       %ebx
+        movl    (%ebx),         %esi
+        movl    4(%ebx),        %edi
+        pushl   %edi
+        pushl   %esi
+        pushl   %edi
+        pushl   %esi
+        movl    %esp,           %ebx
+        movl    36(%esp),       %esi
+        movl    40(%esp),       %edi
+
+        movl    64(%esp),       %ecx
+
+        movl    56(%esp),       %eax
+        pushl   %eax
+
+        movl    56(%esp),       %eax
+        pushl   %eax
+
+        movl    56(%esp),       %eax
+        pushl   %eax
+        pushl   %ebx
+        cmpl    $0,             %ecx
+        jz      .L028decrypt
+        andl    $4294967288,    %ebp
+        movl    16(%esp),       %eax
+        movl    20(%esp),       %ebx
+        jz      .L029encrypt_finish
+.L030encrypt_loop:
+        movl    (%esi),         %ecx
+        movl    4(%esi),        %edx
+        xorl    %ecx,           %eax
+        xorl    %edx,           %ebx
+        movl    %eax,           16(%esp)
+        movl    %ebx,           20(%esp)
+        call    DES_encrypt3
+        movl    16(%esp),       %eax
+        movl    20(%esp),       %ebx
+        movl    %eax,           (%edi)
+        movl    %ebx,           4(%edi)
+        addl    $8,             %esi
+        addl    $8,             %edi
+        subl    $8,             %ebp
+        jnz     .L030encrypt_loop
+.L029encrypt_finish:
+        movl    60(%esp),       %ebp
+        andl    $7,             %ebp
+        jz      .L031finish
+        call    .L032PIC_point
+.L032PIC_point:
+        popl    %edx
+        leal    .L033cbc_enc_jmp_table-.L032PIC_point(%edx),%ecx
+        movl    (%ecx,%ebp,4),  %ebp
+        addl    %edx,           %ebp
+        xorl    %ecx,           %ecx
+        xorl    %edx,           %edx
+        jmp     *%ebp
+.L034ej7:
+        movb    6(%esi),        %dh
+        sall    $8,             %edx
+.L035ej6:
+        movb    5(%esi),        %dh
+.L036ej5:
+        movb    4(%esi),        %dl
+.L037ej4:
+        movl    (%esi),         %ecx
+        jmp     .L038ejend
+.L039ej3:
+        movb    2(%esi),        %ch
+        sall    $8,             %ecx
+.L040ej2:
+        movb    1(%esi),        %ch
+.L041ej1:
+        movb    (%esi),         %cl
+.L038ejend:
+        xorl    %ecx,           %eax
+        xorl    %edx,           %ebx
+        movl    %eax,           16(%esp)
+        movl    %ebx,           20(%esp)
+        call    DES_encrypt3
+        movl    16(%esp),       %eax
+        movl    20(%esp),       %ebx
+        movl    %eax,           (%edi)
+        movl    %ebx,           4(%edi)
+        jmp     .L031finish
+.align 16
+.L028decrypt:
+        andl    $4294967288,    %ebp
+        movl    24(%esp),       %eax
+        movl    28(%esp),       %ebx
+        jz      .L042decrypt_finish
+.L043decrypt_loop:
+        movl    (%esi),         %eax
+        movl    4(%esi),        %ebx
+        movl    %eax,           16(%esp)
+        movl    %ebx,           20(%esp)
+        call    DES_decrypt3
+        movl    16(%esp),       %eax
+        movl    20(%esp),       %ebx
+        movl    24(%esp),       %ecx
+        movl    28(%esp),       %edx
+        xorl    %eax,           %ecx
+        xorl    %ebx,           %edx
+        movl    (%esi),         %eax
+        movl    4(%esi),        %ebx
+        movl    %ecx,           (%edi)
+        movl    %edx,           4(%edi)
+        movl    %eax,           24(%esp)
+        movl    %ebx,           28(%esp)
+        addl    $8,             %esi
+        addl    $8,             %edi
+        subl    $8,             %ebp
+        jnz     .L043decrypt_loop
+.L042decrypt_finish:
+        movl    60(%esp),       %ebp
+        andl    $7,             %ebp
+        jz      .L031finish
+        movl    (%esi),         %eax
+        movl    4(%esi),        %ebx
+        movl    %eax,           16(%esp)
+        movl    %ebx,           20(%esp)
+        call    DES_decrypt3
+        movl    16(%esp),       %eax
+        movl    20(%esp),       %ebx
+        movl    24(%esp),       %ecx
+        movl    28(%esp),       %edx
+        xorl    %eax,           %ecx
+        xorl    %ebx,           %edx
+        movl    (%esi),         %eax
+        movl    4(%esi),        %ebx
+.L044dj7:
+        rorl    $16,            %edx
+        movb    %dl,            6(%edi)
+        shrl    $16,            %edx
+.L045dj6:
+        movb    %dh,            5(%edi)
+.L046dj5:
+        movb    %dl,            4(%edi)
+.L047dj4:
+        movl    %ecx,           (%edi)
+        jmp     .L048djend
+.L049dj3:
+        rorl    $16,            %ecx
+        movb    %cl,            2(%edi)
+        sall    $16,            %ecx
+.L050dj2:
+        movb    %ch,            1(%esi)
+.L051dj1:
+        movb    %cl,            (%esi)
+.L048djend:
+        jmp     .L031finish
+.align 16
+.L031finish:
+        movl    76(%esp),       %ecx
+        addl    $32,            %esp
+        movl    %eax,           (%ecx)
+        movl    %ebx,           4(%ecx)
+        popl    %edi
+        popl    %esi
+        popl    %ebx
+        popl    %ebp
+        ret
+.align 16
+.L033cbc_enc_jmp_table:
+        .long 0
+        .long .L041ej1-.L032PIC_point
+        .long .L040ej2-.L032PIC_point
+        .long .L039ej3-.L032PIC_point
+        .long .L037ej4-.L032PIC_point
+        .long .L036ej5-.L032PIC_point
+        .long .L035ej6-.L032PIC_point
+        .long .L034ej7-.L032PIC_point
+.L_DES_ede3_cbc_encrypt_end:
+        .size   DES_ede3_cbc_encrypt,.L_DES_ede3_cbc_encrypt_end-DES_ede3_cbc_encrypt
+.ident  "desasm.pl"
diff --git a/src/lib/libssl/src/fips/des/fingerprint.sha1 b/src/lib/libssl/src/fips/des/fingerprint.sha1
new file mode 100644
index 0000000000..83833d83d1
--- /dev/null
+++ b/src/lib/libssl/src/fips/des/fingerprint.sha1
@@ -0,0 +1,5 @@
+HMAC-SHA1(fips_des_enc.c)= 9527f8ea81602358f1aa11348237fdb1e9eeff32
+HMAC-SHA1(asm/fips-dx86-elf.s)= 2f85e8e86806c92ee4c12cf5354e19eccf6ed47d
+HMAC-SHA1(fips_des_selftest.c)= 3bc574e51647c5f5ab45d1007b2cf461d67764a9
+HMAC-SHA1(fips_set_key.c)= 2858450d3d9c8d4ab8edea683baa54fa34f3a605
+HMAC-SHA1(fips_des_locl.h)= 7053848e884df47f06de9f2248380b92e58ef4e5
diff --git a/src/lib/libssl/src/fips/des/fips_des_enc.c b/src/lib/libssl/src/fips/des/fips_des_enc.c
new file mode 100644
index 0000000000..40e25efa58
--- /dev/null
+++ b/src/lib/libssl/src/fips/des/fips_des_enc.c
@@ -0,0 +1,310 @@
+/* crypto/des/des_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "fips_des_locl.h"
+#include <openssl/fips.h>
+
+#ifdef OPENSSL_FIPS
+
+void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
+        {
+        register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+        register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
+#endif
+#ifndef DES_UNROLL
+        register int i;
+#endif
+        register DES_LONG *s;
+
+        if(FIPS_selftest_failed())
+            {
+            data[0]=data[1]=0;
+            return;
+            }
+
+        r=data[0];
+        l=data[1];
+
+        IP(r,l);
+        /* Things have been modified so that the initial rotate is
+         * done outside the loop.  This required the
+         * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
+         * One perl script later and things have a 5% speed up on a sparc2.
+         * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+         * for pointing this out. */
+        /* clear the top bits on machines with 8byte longs */
+        /* shift left by 2 */
+        r=ROTATE(r,29)&0xffffffffL;
+        l=ROTATE(l,29)&0xffffffffL;
+
+        s=ks->ks->deslong;
+        /* I don't know if it is worth the effort of loop unrolling the
+         * inner loop */
+        if (enc)
+                {
+#ifdef DES_UNROLL
+                D_ENCRYPT(l,r, 0); /*  1 */
+                D_ENCRYPT(r,l, 2); /*  2 */
+                D_ENCRYPT(l,r, 4); /*  3 */
+                D_ENCRYPT(r,l, 6); /*  4 */
+                D_ENCRYPT(l,r, 8); /*  5 */
+                D_ENCRYPT(r,l,10); /*  6 */
+                D_ENCRYPT(l,r,12); /*  7 */
+                D_ENCRYPT(r,l,14); /*  8 */
+                D_ENCRYPT(l,r,16); /*  9 */
+                D_ENCRYPT(r,l,18); /*  10 */
+                D_ENCRYPT(l,r,20); /*  11 */
+                D_ENCRYPT(r,l,22); /*  12 */
+                D_ENCRYPT(l,r,24); /*  13 */
+                D_ENCRYPT(r,l,26); /*  14 */
+                D_ENCRYPT(l,r,28); /*  15 */
+                D_ENCRYPT(r,l,30); /*  16 */
+#else
+                for (i=0; i<32; i+=8)
+                        {
+                        D_ENCRYPT(l,r,i+0); /*  1 */
+                        D_ENCRYPT(r,l,i+2); /*  2 */
+                        D_ENCRYPT(l,r,i+4); /*  3 */
+                        D_ENCRYPT(r,l,i+6); /*  4 */
+                        }
+#endif
+                }
+        else
+                {
+#ifdef DES_UNROLL
+                D_ENCRYPT(l,r,30); /* 16 */
+                D_ENCRYPT(r,l,28); /* 15 */
+                D_ENCRYPT(l,r,26); /* 14 */
+                D_ENCRYPT(r,l,24); /* 13 */
+                D_ENCRYPT(l,r,22); /* 12 */
+                D_ENCRYPT(r,l,20); /* 11 */
+                D_ENCRYPT(l,r,18); /* 10 */
+                D_ENCRYPT(r,l,16); /*  9 */
+                D_ENCRYPT(l,r,14); /*  8 */
+                D_ENCRYPT(r,l,12); /*  7 */
+                D_ENCRYPT(l,r,10); /*  6 */
+                D_ENCRYPT(r,l, 8); /*  5 */
+                D_ENCRYPT(l,r, 6); /*  4 */
+                D_ENCRYPT(r,l, 4); /*  3 */
+                D_ENCRYPT(l,r, 2); /*  2 */
+                D_ENCRYPT(r,l, 0); /*  1 */
+#else
+                for (i=30; i>0; i-=8)
+                        {
+                        D_ENCRYPT(l,r,i-0); /* 16 */
+                        D_ENCRYPT(r,l,i-2); /* 15 */
+                        D_ENCRYPT(l,r,i-4); /* 14 */
+                        D_ENCRYPT(r,l,i-6); /* 13 */
+                        }
+#endif
+                }
+
+        /* rotate and clear the top bits on machines with 8byte longs */
+        l=ROTATE(l,3)&0xffffffffL;
+        r=ROTATE(r,3)&0xffffffffL;
+
+        FP(r,l);
+        data[0]=l;
+        data[1]=r;
+        l=r=t=u=0;
+        }
+
+void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
+        {
+        register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+        register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
+#endif
+#ifndef DES_UNROLL
+        register int i;
+#endif
+        register DES_LONG *s;
+
+        if(FIPS_selftest_failed())
+            {
+            data[0]=data[1]=0;
+            return;
+            }
+
+        r=data[0];
+        l=data[1];
+
+        /* Things have been modified so that the initial rotate is
+         * done outside the loop.  This required the
+         * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
+         * One perl script later and things have a 5% speed up on a sparc2.
+         * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+         * for pointing this out. */
+        /* clear the top bits on machines with 8byte longs */
+        r=ROTATE(r,29)&0xffffffffL;
+        l=ROTATE(l,29)&0xffffffffL;
+
+        s=ks->ks->deslong;
+        /* I don't know if it is worth the effort of loop unrolling the
+         * inner loop */
+        if (enc)
+                {
+#ifdef DES_UNROLL
+                D_ENCRYPT(l,r, 0); /*  1 */
+                D_ENCRYPT(r,l, 2); /*  2 */
+                D_ENCRYPT(l,r, 4); /*  3 */
+                D_ENCRYPT(r,l, 6); /*  4 */
+                D_ENCRYPT(l,r, 8); /*  5 */
+                D_ENCRYPT(r,l,10); /*  6 */
+                D_ENCRYPT(l,r,12); /*  7 */
+                D_ENCRYPT(r,l,14); /*  8 */
+                D_ENCRYPT(l,r,16); /*  9 */
+                D_ENCRYPT(r,l,18); /*  10 */
+                D_ENCRYPT(l,r,20); /*  11 */
+                D_ENCRYPT(r,l,22); /*  12 */
+                D_ENCRYPT(l,r,24); /*  13 */
+                D_ENCRYPT(r,l,26); /*  14 */
+                D_ENCRYPT(l,r,28); /*  15 */
+                D_ENCRYPT(r,l,30); /*  16 */
+#else
+                for (i=0; i<32; i+=8)
+                        {
+                        D_ENCRYPT(l,r,i+0); /*  1 */
+                        D_ENCRYPT(r,l,i+2); /*  2 */
+                        D_ENCRYPT(l,r,i+4); /*  3 */
+                        D_ENCRYPT(r,l,i+6); /*  4 */
+                        }
+#endif
+                }
+        else
+                {
+#ifdef DES_UNROLL
+                D_ENCRYPT(l,r,30); /* 16 */
+                D_ENCRYPT(r,l,28); /* 15 */
+                D_ENCRYPT(l,r,26); /* 14 */
+                D_ENCRYPT(r,l,24); /* 13 */
+                D_ENCRYPT(l,r,22); /* 12 */
+                D_ENCRYPT(r,l,20); /* 11 */
+                D_ENCRYPT(l,r,18); /* 10 */
+                D_ENCRYPT(r,l,16); /*  9 */
+                D_ENCRYPT(l,r,14); /*  8 */
+                D_ENCRYPT(r,l,12); /*  7 */
+                D_ENCRYPT(l,r,10); /*  6 */
+                D_ENCRYPT(r,l, 8); /*  5 */
+                D_ENCRYPT(l,r, 6); /*  4 */
+                D_ENCRYPT(r,l, 4); /*  3 */
+                D_ENCRYPT(l,r, 2); /*  2 */
+                D_ENCRYPT(r,l, 0); /*  1 */
+#else
+                for (i=30; i>0; i-=8)
+                        {
+                        D_ENCRYPT(l,r,i-0); /* 16 */
+                        D_ENCRYPT(r,l,i-2); /* 15 */
+                        D_ENCRYPT(l,r,i-4); /* 14 */
+                        D_ENCRYPT(r,l,i-6); /* 13 */
+                        }
+#endif
+                }
+        /* rotate and clear the top bits on machines with 8byte longs */
+        data[0]=ROTATE(l,3)&0xffffffffL;
+        data[1]=ROTATE(r,3)&0xffffffffL;
+        l=r=t=u=0;
+        }
+
+void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
+                  DES_key_schedule *ks2, DES_key_schedule *ks3)
+        {
+        register DES_LONG l,r;
+
+        l=data[0];
+        r=data[1];
+        IP(l,r);
+        data[0]=l;
+        data[1]=r;
+        DES_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
+        DES_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
+        DES_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
+        l=data[0];
+        r=data[1];
+        FP(r,l);
+        data[0]=l;
+        data[1]=r;
+        }
+
+void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
+                  DES_key_schedule *ks2, DES_key_schedule *ks3)
+        {
+        register DES_LONG l,r;
+
+        l=data[0];
+        r=data[1];
+        IP(l,r);
+        data[0]=l;
+        data[1]=r;
+        DES_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
+        DES_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
+        DES_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
+        l=data[0];
+        r=data[1];
+        FP(r,l);
+        data[0]=l;
+        data[1]=r;
+        }
+
+#else /* ndef OPENSSL_FIPS */
+
+static void *dummy=&dummy;
+
+#endif /* ndef OPENSSL_FIPS */
+
diff --git a/src/lib/libssl/src/fips/des/fips_des_locl.h b/src/lib/libssl/src/fips/des/fips_des_locl.h
new file mode 100644
index 0000000000..ef9323a6d6
--- /dev/null
+++ b/src/lib/libssl/src/fips/des/fips_des_locl.h
@@ -0,0 +1,428 @@
+/* crypto/des/des_locl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_DES_LOCL_H
+#define HEADER_DES_LOCL_H
+
+#include "e_os.h"
+
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
+#ifndef OPENSSL_SYS_MSDOS
+#define OPENSSL_SYS_MSDOS
+#endif
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#ifndef OPENSSL_SYS_MSDOS
+#if !defined(OPENSSL_SYS_VMS) || defined(__DECC)
+#ifdef OPENSSL_UNISTD
+# include OPENSSL_UNISTD
+#else
+# include <unistd.h>
+#endif
+#include <math.h>
+#endif
+#endif
+#include <openssl/des.h>
+
+#ifdef OPENSSL_SYS_MSDOS                /* Visual C++ 2.1 (Windows NT/95) */
+#include <stdlib.h>
+#include <errno.h>
+#include <time.h>
+#include <io.h>
+#endif
+
+#if defined(__STDC__) || defined(OPENSSL_SYS_VMS) || defined(M_XENIX) || defined(OPENSSL_SYS_MSDOS)
+#include <string.h>
+#endif
+
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+#define ITERATIONS 16
+#define HALF_ITERATIONS 8
+
+/* used in des_read and des_write */
+#define MAXWRITE        (1024*16)
+#define BSIZE           (MAXWRITE+4)
+
+#define c2l(c,l)        (l =((DES_LONG)(*((c)++)))    , \
+                         l|=((DES_LONG)(*((c)++)))<< 8L, \
+                         l|=((DES_LONG)(*((c)++)))<<16L, \
+                         l|=((DES_LONG)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
+                        case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
+                        case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
+                        case 5: l2|=((DES_LONG)(*(--(c))));     \
+                        case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
+                        case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
+                        case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
+                        case 1: l1|=((DES_LONG)(*(--(c))));     \
+                                } \
+                        }
+
+#define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* replacements for htonl and ntohl since I have no idea what to do
+ * when faced with machines with 8 byte longs. */
+#define HDRSIZE 4
+
+#define n2l(c,l)        (l =((DES_LONG)(*((c)++)))<<24L, \
+                         l|=((DES_LONG)(*((c)++)))<<16L, \
+                         l|=((DES_LONG)(*((c)++)))<< 8L, \
+                         l|=((DES_LONG)(*((c)++))))
+
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+                                } \
+                        }
+
+#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)
+#define ROTATE(a,n)     (_lrotr(a,n))
+#elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
+# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+#  define ROTATE(a,n)   ({ register unsigned int ret;   \
+                                asm ("rorl %1,%0"       \
+                                        : "=r"(ret)     \
+                                        : "I"(n),"0"(a) \
+                                        : "cc");        \
+                           ret;                         \
+                        })
+# endif
+#endif
+#ifndef ROTATE
+#define ROTATE(a,n)     (((a)>>(n))+((a)<<(32-(n))))
+#endif
+
+/* Don't worry about the LOAD_DATA() stuff, that is used by
+ * fcrypt() to add it's little bit to the front */
+
+#ifdef DES_FCRYPT
+
+#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
+        { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
+
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+        t=R^(R>>16L); \
+        u=t&E0; t&=E1; \
+        tmp=(u<<16); u^=R^s[S  ]; u^=tmp; \
+        tmp=(t<<16); t^=R^s[S+1]; t^=tmp
+#else
+#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+        u=R^s[S  ]; \
+        t=R^s[S+1]
+#endif
+
+/* The changes to this macro may help or hinder, depending on the
+ * compiler and the architecture.  gcc2 always seems to do well :-).
+ * Inspired by Dana How <how@isl.stanford.edu>
+ * DO NOT use the alternative version on machines with 8 byte longs.
+ * It does not seem to work on the Alpha, even when DES_LONG is 4
+ * bytes, probably an issue of accessing non-word aligned objects :-( */
+#ifdef DES_PTR
+
+/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there
+ * is no reason to not xor all the sub items together.  This potentially
+ * saves a register since things can be xored directly into L */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) { \
+        unsigned int u1,u2,u3; \
+        LOAD_DATA(R,S,u,t,E0,E1,u1); \
+        u2=(int)u>>8L; \
+        u1=(int)u&0xfc; \
+        u2&=0xfc; \
+        t=ROTATE(t,4); \
+        u>>=16L; \
+        LL^= *(const DES_LONG *)(des_SP      +u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
+        u3=(int)(u>>8L); \
+        u1=(int)u&0xfc; \
+        u3&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x400+u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x600+u3); \
+        u2=(int)t>>8L; \
+        u1=(int)t&0xfc; \
+        u2&=0xfc; \
+        t>>=16L; \
+        LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
+        u3=(int)t>>8L; \
+        u1=(int)t&0xfc; \
+        u3&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x500+u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x700+u3); }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) { \
+        unsigned int u1,u2,s1,s2; \
+        LOAD_DATA(R,S,u,t,E0,E1,u1); \
+        u2=(int)u>>8L; \
+        u1=(int)u&0xfc; \
+        u2&=0xfc; \
+        t=ROTATE(t,4); \
+        LL^= *(const DES_LONG *)(des_SP      +u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
+        s1=(int)(u>>16L); \
+        s2=(int)(u>>24L); \
+        s1&=0xfc; \
+        s2&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x400+s1); \
+        LL^= *(const DES_LONG *)(des_SP+0x600+s2); \
+        u2=(int)t>>8L; \
+        u1=(int)t&0xfc; \
+        u2&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
+        s1=(int)(t>>16L); \
+        s2=(int)(t>>24L); \
+        s1&=0xfc; \
+        s2&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x500+s1); \
+        LL^= *(const DES_LONG *)(des_SP+0x700+s2); }
+#endif
+#else
+#define D_ENCRYPT(LL,R,S) { \
+        LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+        t=ROTATE(t,4); \
+        LL^= \
+        *(const DES_LONG *)(des_SP      +((u     )&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x100+((t     )&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); }
+#endif
+
+#else /* original version */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) {\
+        unsigned int u1,u2,u3; \
+        LOAD_DATA(R,S,u,t,E0,E1,u1); \
+        u>>=2L; \
+        t=ROTATE(t,6); \
+        u2=(int)u>>8L; \
+        u1=(int)u&0x3f; \
+        u2&=0x3f; \
+        u>>=16L; \
+        LL^=DES_SPtrans[0][u1]; \
+        LL^=DES_SPtrans[2][u2]; \
+        u3=(int)u>>8L; \
+        u1=(int)u&0x3f; \
+        u3&=0x3f; \
+        LL^=DES_SPtrans[4][u1]; \
+        LL^=DES_SPtrans[6][u3]; \
+        u2=(int)t>>8L; \
+        u1=(int)t&0x3f; \
+        u2&=0x3f; \
+        t>>=16L; \
+        LL^=DES_SPtrans[1][u1]; \
+        LL^=DES_SPtrans[3][u2]; \
+        u3=(int)t>>8L; \
+        u1=(int)t&0x3f; \
+        u3&=0x3f; \
+        LL^=DES_SPtrans[5][u1]; \
+        LL^=DES_SPtrans[7][u3]; }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) {\
+        unsigned int u1,u2,s1,s2; \
+        LOAD_DATA(R,S,u,t,E0,E1,u1); \
+        u>>=2L; \
+        t=ROTATE(t,6); \
+        u2=(int)u>>8L; \
+        u1=(int)u&0x3f; \
+        u2&=0x3f; \
+        LL^=DES_SPtrans[0][u1]; \
+        LL^=DES_SPtrans[2][u2]; \
+        s1=(int)u>>16L; \
+        s2=(int)u>>24L; \
+        s1&=0x3f; \
+        s2&=0x3f; \
+        LL^=DES_SPtrans[4][s1]; \
+        LL^=DES_SPtrans[6][s2]; \
+        u2=(int)t>>8L; \
+        u1=(int)t&0x3f; \
+        u2&=0x3f; \
+        LL^=DES_SPtrans[1][u1]; \
+        LL^=DES_SPtrans[3][u2]; \
+        s1=(int)t>>16; \
+        s2=(int)t>>24L; \
+        s1&=0x3f; \
+        s2&=0x3f; \
+        LL^=DES_SPtrans[5][s1]; \
+        LL^=DES_SPtrans[7][s2]; }
+#endif
+
+#else
+
+#define D_ENCRYPT(LL,R,S) {\
+        LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+        t=ROTATE(t,4); \
+        LL^=\
+                DES_SPtrans[0][(u>> 2L)&0x3f]^ \
+                DES_SPtrans[2][(u>>10L)&0x3f]^ \
+                DES_SPtrans[4][(u>>18L)&0x3f]^ \
+                DES_SPtrans[6][(u>>26L)&0x3f]^ \
+                DES_SPtrans[1][(t>> 2L)&0x3f]^ \
+                DES_SPtrans[3][(t>>10L)&0x3f]^ \
+                DES_SPtrans[5][(t>>18L)&0x3f]^ \
+                DES_SPtrans[7][(t>>26L)&0x3f]; }
+#endif
+#endif
+
+        /* IP and FP
+         * The problem is more of a geometric problem that random bit fiddling.
+         0  1  2  3  4  5  6  7      62 54 46 38 30 22 14  6
+         8  9 10 11 12 13 14 15      60 52 44 36 28 20 12  4
+        16 17 18 19 20 21 22 23      58 50 42 34 26 18 10  2
+        24 25 26 27 28 29 30 31  to  56 48 40 32 24 16  8  0
+
+        32 33 34 35 36 37 38 39      63 55 47 39 31 23 15  7
+        40 41 42 43 44 45 46 47      61 53 45 37 29 21 13  5
+        48 49 50 51 52 53 54 55      59 51 43 35 27 19 11  3
+        56 57 58 59 60 61 62 63      57 49 41 33 25 17  9  1
+
+        The output has been subject to swaps of the form
+        0 1 -> 3 1 but the odd and even bits have been put into
+        2 3    2 0
+        different words.  The main trick is to remember that
+        t=((l>>size)^r)&(mask);
+        r^=t;
+        l^=(t<<size);
+        can be used to swap and move bits between words.
+
+        So l =  0  1  2  3  r = 16 17 18 19
+                4  5  6  7      20 21 22 23
+                8  9 10 11      24 25 26 27
+               12 13 14 15      28 29 30 31
+        becomes (for size == 2 and mask == 0x3333)
+           t =   2^16  3^17 -- --   l =  0  1 16 17  r =  2  3 18 19
+                 6^20  7^21 -- --        4  5 20 21       6  7 22 23
+                10^24 11^25 -- --        8  9 24 25      10 11 24 25
+                14^28 15^29 -- --       12 13 28 29      14 15 28 29
+
+        Thanks for hints from Richard Outerbridge - he told me IP&FP
+        could be done in 15 xor, 10 shifts and 5 ands.
+        When I finally started to think of the problem in 2D
+        I first got ~42 operations without xors.  When I remembered
+        how to use xors :-) I got it to its final state.
+        */
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+        (b)^=(t),\
+        (a)^=((t)<<(n)))
+
+#define IP(l,r) \
+        { \
+        register DES_LONG tt; \
+        PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
+        PERM_OP(l,r,tt,16,0x0000ffffL); \
+        PERM_OP(r,l,tt, 2,0x33333333L); \
+        PERM_OP(l,r,tt, 8,0x00ff00ffL); \
+        PERM_OP(r,l,tt, 1,0x55555555L); \
+        }
+
+#define FP(l,r) \
+        { \
+        register DES_LONG tt; \
+        PERM_OP(l,r,tt, 1,0x55555555L); \
+        PERM_OP(r,l,tt, 8,0x00ff00ffL); \
+        PERM_OP(l,r,tt, 2,0x33333333L); \
+        PERM_OP(r,l,tt,16,0x0000ffffL); \
+        PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
+        }
+
+OPENSSL_EXTERN const DES_LONG DES_SPtrans[8][64];
+
+void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
+                 DES_LONG Eswap0, DES_LONG Eswap1);
+#endif
diff --git a/src/lib/libssl/src/fips/des/fips_set_key.c b/src/lib/libssl/src/fips/des/fips_set_key.c
new file mode 100644
index 0000000000..1490a3cf54
--- /dev/null
+++ b/src/lib/libssl/src/fips/des/fips_set_key.c
@@ -0,0 +1,417 @@
+/* crypto/des/set_key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* set_key.c v 1.4 eay 24/9/91
+ * 1.4 Speed up by 400% :-)
+ * 1.3 added register declarations.
+ * 1.2 unrolled make_key_sched a bit more
+ * 1.1 added norm_expand_bits
+ * 1.0 First working version
+ */
+#include "fips_des_locl.h"
+#include <openssl/fips.h>
+
+#ifdef OPENSSL_FIPS
+
+OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key);    /* defaults to false */
+
+static const unsigned char odd_parity[256]={
+  1,  1,  2,  2,  4,  4,  7,  7,  8,  8, 11, 11, 13, 13, 14, 14,
+ 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
+ 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
+ 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
+ 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
+ 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
+ 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
+112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
+128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
+145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
+161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
+176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
+193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
+208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
+224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
+241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
+
+void DES_set_odd_parity(DES_cblock *key)
+        {
+        int i;
+
+        for (i=0; i<DES_KEY_SZ; i++)
+                (*key)[i]=odd_parity[(*key)[i]];
+        }
+
+int DES_check_key_parity(const_DES_cblock *key)
+        {
+        int i;
+
+        for (i=0; i<DES_KEY_SZ; i++)
+                {
+                if ((*key)[i] != odd_parity[(*key)[i]])
+                        return(0);
+                }
+        return(1);
+        }
+
+/* Weak and semi week keys as take from
+ * %A D.W. Davies
+ * %A W.L. Price
+ * %T Security for Computer Networks
+ * %I John Wiley & Sons
+ * %D 1984
+ * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
+ * (and actual cblock values).
+ */
+#define NUM_WEAK_KEY    16
+static DES_cblock weak_keys[NUM_WEAK_KEY]={
+        /* weak keys */
+        {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+        {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
+        {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+        {0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
+        /* semi-weak keys */
+        {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
+        {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
+        {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
+        {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
+        {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
+        {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
+        {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
+        {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
+        {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
+        {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
+        {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+        {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
+
+int DES_is_weak_key(const_DES_cblock *key)
+        {
+        int i;
+
+        for (i=0; i<NUM_WEAK_KEY; i++)
+                /* Added == 0 to comparison, I obviously don't run
+                 * this section very often :-(, thanks to
+                 * engineering@MorningStar.Com for the fix
+                 * eay 93/06/29
+                 * Another problem, I was comparing only the first 4
+                 * bytes, 97/03/18 */
+                if (memcmp(weak_keys[i],key,sizeof(DES_cblock)) == 0) return(1);
+        return(0);
+        }
+
+/* NOW DEFINED IN des_local.h
+ * See ecb_encrypt.c for a pseudo description of these macros. 
+ * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ *      (b)^=(t),\
+ *      (a)=((a)^((t)<<(n))))
+ */
+
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+        (a)=(a)^(t)^(t>>(16-(n))))
+
+static const DES_LONG des_skb[8][64]={
+        {
+        /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+        0x00000000L,0x00000010L,0x20000000L,0x20000010L,
+        0x00010000L,0x00010010L,0x20010000L,0x20010010L,
+        0x00000800L,0x00000810L,0x20000800L,0x20000810L,
+        0x00010800L,0x00010810L,0x20010800L,0x20010810L,
+        0x00000020L,0x00000030L,0x20000020L,0x20000030L,
+        0x00010020L,0x00010030L,0x20010020L,0x20010030L,
+        0x00000820L,0x00000830L,0x20000820L,0x20000830L,
+        0x00010820L,0x00010830L,0x20010820L,0x20010830L,
+        0x00080000L,0x00080010L,0x20080000L,0x20080010L,
+        0x00090000L,0x00090010L,0x20090000L,0x20090010L,
+        0x00080800L,0x00080810L,0x20080800L,0x20080810L,
+        0x00090800L,0x00090810L,0x20090800L,0x20090810L,
+        0x00080020L,0x00080030L,0x20080020L,0x20080030L,
+        0x00090020L,0x00090030L,0x20090020L,0x20090030L,
+        0x00080820L,0x00080830L,0x20080820L,0x20080830L,
+        0x00090820L,0x00090830L,0x20090820L,0x20090830L,
+        },{
+        /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
+        0x00000000L,0x02000000L,0x00002000L,0x02002000L,
+        0x00200000L,0x02200000L,0x00202000L,0x02202000L,
+        0x00000004L,0x02000004L,0x00002004L,0x02002004L,
+        0x00200004L,0x02200004L,0x00202004L,0x02202004L,
+        0x00000400L,0x02000400L,0x00002400L,0x02002400L,
+        0x00200400L,0x02200400L,0x00202400L,0x02202400L,
+        0x00000404L,0x02000404L,0x00002404L,0x02002404L,
+        0x00200404L,0x02200404L,0x00202404L,0x02202404L,
+        0x10000000L,0x12000000L,0x10002000L,0x12002000L,
+        0x10200000L,0x12200000L,0x10202000L,0x12202000L,
+        0x10000004L,0x12000004L,0x10002004L,0x12002004L,
+        0x10200004L,0x12200004L,0x10202004L,0x12202004L,
+        0x10000400L,0x12000400L,0x10002400L,0x12002400L,
+        0x10200400L,0x12200400L,0x10202400L,0x12202400L,
+        0x10000404L,0x12000404L,0x10002404L,0x12002404L,
+        0x10200404L,0x12200404L,0x10202404L,0x12202404L,
+        },{
+        /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
+        0x00000000L,0x00000001L,0x00040000L,0x00040001L,
+        0x01000000L,0x01000001L,0x01040000L,0x01040001L,
+        0x00000002L,0x00000003L,0x00040002L,0x00040003L,
+        0x01000002L,0x01000003L,0x01040002L,0x01040003L,
+        0x00000200L,0x00000201L,0x00040200L,0x00040201L,
+        0x01000200L,0x01000201L,0x01040200L,0x01040201L,
+        0x00000202L,0x00000203L,0x00040202L,0x00040203L,
+        0x01000202L,0x01000203L,0x01040202L,0x01040203L,
+        0x08000000L,0x08000001L,0x08040000L,0x08040001L,
+        0x09000000L,0x09000001L,0x09040000L,0x09040001L,
+        0x08000002L,0x08000003L,0x08040002L,0x08040003L,
+        0x09000002L,0x09000003L,0x09040002L,0x09040003L,
+        0x08000200L,0x08000201L,0x08040200L,0x08040201L,
+        0x09000200L,0x09000201L,0x09040200L,0x09040201L,
+        0x08000202L,0x08000203L,0x08040202L,0x08040203L,
+        0x09000202L,0x09000203L,0x09040202L,0x09040203L,
+        },{
+        /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
+        0x00000000L,0x00100000L,0x00000100L,0x00100100L,
+        0x00000008L,0x00100008L,0x00000108L,0x00100108L,
+        0x00001000L,0x00101000L,0x00001100L,0x00101100L,
+        0x00001008L,0x00101008L,0x00001108L,0x00101108L,
+        0x04000000L,0x04100000L,0x04000100L,0x04100100L,
+        0x04000008L,0x04100008L,0x04000108L,0x04100108L,
+        0x04001000L,0x04101000L,0x04001100L,0x04101100L,
+        0x04001008L,0x04101008L,0x04001108L,0x04101108L,
+        0x00020000L,0x00120000L,0x00020100L,0x00120100L,
+        0x00020008L,0x00120008L,0x00020108L,0x00120108L,
+        0x00021000L,0x00121000L,0x00021100L,0x00121100L,
+        0x00021008L,0x00121008L,0x00021108L,0x00121108L,
+        0x04020000L,0x04120000L,0x04020100L,0x04120100L,
+        0x04020008L,0x04120008L,0x04020108L,0x04120108L,
+        0x04021000L,0x04121000L,0x04021100L,0x04121100L,
+        0x04021008L,0x04121008L,0x04021108L,0x04121108L,
+        },{
+        /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+        0x00000000L,0x10000000L,0x00010000L,0x10010000L,
+        0x00000004L,0x10000004L,0x00010004L,0x10010004L,
+        0x20000000L,0x30000000L,0x20010000L,0x30010000L,
+        0x20000004L,0x30000004L,0x20010004L,0x30010004L,
+        0x00100000L,0x10100000L,0x00110000L,0x10110000L,
+        0x00100004L,0x10100004L,0x00110004L,0x10110004L,
+        0x20100000L,0x30100000L,0x20110000L,0x30110000L,
+        0x20100004L,0x30100004L,0x20110004L,0x30110004L,
+        0x00001000L,0x10001000L,0x00011000L,0x10011000L,
+        0x00001004L,0x10001004L,0x00011004L,0x10011004L,
+        0x20001000L,0x30001000L,0x20011000L,0x30011000L,
+        0x20001004L,0x30001004L,0x20011004L,0x30011004L,
+        0x00101000L,0x10101000L,0x00111000L,0x10111000L,
+        0x00101004L,0x10101004L,0x00111004L,0x10111004L,
+        0x20101000L,0x30101000L,0x20111000L,0x30111000L,
+        0x20101004L,0x30101004L,0x20111004L,0x30111004L,
+        },{
+        /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
+        0x00000000L,0x08000000L,0x00000008L,0x08000008L,
+        0x00000400L,0x08000400L,0x00000408L,0x08000408L,
+        0x00020000L,0x08020000L,0x00020008L,0x08020008L,
+        0x00020400L,0x08020400L,0x00020408L,0x08020408L,
+        0x00000001L,0x08000001L,0x00000009L,0x08000009L,
+        0x00000401L,0x08000401L,0x00000409L,0x08000409L,
+        0x00020001L,0x08020001L,0x00020009L,0x08020009L,
+        0x00020401L,0x08020401L,0x00020409L,0x08020409L,
+        0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
+        0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
+        0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
+        0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
+        0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
+        0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
+        0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
+        0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
+        },{
+        /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
+        0x00000000L,0x00000100L,0x00080000L,0x00080100L,
+        0x01000000L,0x01000100L,0x01080000L,0x01080100L,
+        0x00000010L,0x00000110L,0x00080010L,0x00080110L,
+        0x01000010L,0x01000110L,0x01080010L,0x01080110L,
+        0x00200000L,0x00200100L,0x00280000L,0x00280100L,
+        0x01200000L,0x01200100L,0x01280000L,0x01280100L,
+        0x00200010L,0x00200110L,0x00280010L,0x00280110L,
+        0x01200010L,0x01200110L,0x01280010L,0x01280110L,
+        0x00000200L,0x00000300L,0x00080200L,0x00080300L,
+        0x01000200L,0x01000300L,0x01080200L,0x01080300L,
+        0x00000210L,0x00000310L,0x00080210L,0x00080310L,
+        0x01000210L,0x01000310L,0x01080210L,0x01080310L,
+        0x00200200L,0x00200300L,0x00280200L,0x00280300L,
+        0x01200200L,0x01200300L,0x01280200L,0x01280300L,
+        0x00200210L,0x00200310L,0x00280210L,0x00280310L,
+        0x01200210L,0x01200310L,0x01280210L,0x01280310L,
+        },{
+        /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
+        0x00000000L,0x04000000L,0x00040000L,0x04040000L,
+        0x00000002L,0x04000002L,0x00040002L,0x04040002L,
+        0x00002000L,0x04002000L,0x00042000L,0x04042000L,
+        0x00002002L,0x04002002L,0x00042002L,0x04042002L,
+        0x00000020L,0x04000020L,0x00040020L,0x04040020L,
+        0x00000022L,0x04000022L,0x00040022L,0x04040022L,
+        0x00002020L,0x04002020L,0x00042020L,0x04042020L,
+        0x00002022L,0x04002022L,0x00042022L,0x04042022L,
+        0x00000800L,0x04000800L,0x00040800L,0x04040800L,
+        0x00000802L,0x04000802L,0x00040802L,0x04040802L,
+        0x00002800L,0x04002800L,0x00042800L,0x04042800L,
+        0x00002802L,0x04002802L,0x00042802L,0x04042802L,
+        0x00000820L,0x04000820L,0x00040820L,0x04040820L,
+        0x00000822L,0x04000822L,0x00040822L,0x04040822L,
+        0x00002820L,0x04002820L,0x00042820L,0x04042820L,
+        0x00002822L,0x04002822L,0x00042822L,0x04042822L,
+        }};
+
+int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
+        {
+        if (FIPS_selftest_failed())
+                return -3;
+        if (DES_check_key)
+                {
+                return DES_set_key_checked(key, schedule);
+                }
+        else
+                {
+                DES_set_key_unchecked(key, schedule);
+                return 0;
+                }
+        }
+
+/* return 0 if key parity is odd (correct),
+ * return -1 if key parity error,
+ * return -2 if illegal weak key.
+ */
+int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
+        {
+        if (!DES_check_key_parity(key))
+                return(-1);
+        if (DES_is_weak_key(key))
+                return(-2);
+        if (FIPS_selftest_failed())
+                return -3;
+
+        DES_set_key_unchecked(key, schedule);
+        return 0;
+        }
+
+void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
+        {
+        static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
+        register DES_LONG c,d,t,s,t2;
+        register const unsigned char *in;
+        register DES_LONG *k;
+        register int i;
+
+#ifdef OPENBSD_DEV_CRYPTO
+        memcpy(schedule->key,key,sizeof schedule->key);
+        schedule->session=NULL;
+#endif
+        k = &schedule->ks->deslong[0];
+        in = &(*key)[0];
+
+        c2l(in,c);
+        c2l(in,d);
+
+        /* do PC1 in 47 simple operations :-)
+         * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+         * for the inspiration. :-) */
+        PERM_OP (d,c,t,4,0x0f0f0f0fL);
+        HPERM_OP(c,t,-2,0xcccc0000L);
+        HPERM_OP(d,t,-2,0xcccc0000L);
+        PERM_OP (d,c,t,1,0x55555555L);
+        PERM_OP (c,d,t,8,0x00ff00ffL);
+        PERM_OP (d,c,t,1,0x55555555L);
+        d=      (((d&0x000000ffL)<<16L)| (d&0x0000ff00L)     |
+                 ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
+        c&=0x0fffffffL;
+
+        for (i=0; i<ITERATIONS; i++)
+                {
+                if (shifts2[i])
+                        { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
+                else
+                        { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
+                c&=0x0fffffffL;
+                d&=0x0fffffffL;
+                /* could be a few less shifts but I am to lazy at this
+                 * point in time to investigate */
+                s=      des_skb[0][ (c    )&0x3f                ]|
+                        des_skb[1][((c>> 6L)&0x03)|((c>> 7L)&0x3c)]|
+                        des_skb[2][((c>>13L)&0x0f)|((c>>14L)&0x30)]|
+                        des_skb[3][((c>>20L)&0x01)|((c>>21L)&0x06) |
+                                                  ((c>>22L)&0x38)];
+                t=      des_skb[4][ (d    )&0x3f                ]|
+                        des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
+                        des_skb[6][ (d>>15L)&0x3f                ]|
+                        des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
+
+                /* table contained 0213 4657 */
+                t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
+                *(k++)=ROTATE(t2,30)&0xffffffffL;
+
+                t2=((s>>16L)|(t&0xffff0000L));
+                *(k++)=ROTATE(t2,26)&0xffffffffL;
+                }
+        }
+
+int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
+        {
+        return(DES_set_key(key,schedule));
+        }
+/*
+#undef des_fixup_key_parity
+void des_fixup_key_parity(des_cblock *key)
+        {
+        des_set_odd_parity(key);
+        }
+*/
+
+#endif /* def OPENSSL_FIPS */
diff --git a/src/lib/libssl/src/fips/dh/fingerprint.sha1 b/src/lib/libssl/src/fips/dh/fingerprint.sha1
new file mode 100644
index 0000000000..6896d38649
--- /dev/null
+++ b/src/lib/libssl/src/fips/dh/fingerprint.sha1
@@ -0,0 +1,3 @@
+HMAC-SHA1(fips_dh_check.c)= 63347e2007e224381d4a7b6d871633889de72cf3
+HMAC-SHA1(fips_dh_gen.c)= 93fe69b758ca9d70d70cda1c57fff4eb5c668e85
+HMAC-SHA1(fips_dh_key.c)= 7bf23b329a776953bbe7c30ebd7f9faf5249ddbe
diff --git a/src/lib/libssl/src/fips/dsa/fingerprint.sha1 b/src/lib/libssl/src/fips/dsa/fingerprint.sha1
new file mode 100644
index 0000000000..4a89db5cf3
--- /dev/null
+++ b/src/lib/libssl/src/fips/dsa/fingerprint.sha1
@@ -0,0 +1,3 @@
+HMAC-SHA1(fips_dsa_ossl.c)= d5f718695397fe56d6bb46f7c410794cb895e206
+HMAC-SHA1(fips_dsa_gen.c)= c252db14699f3ff641db052311da7d7521569c53
+HMAC-SHA1(fips_dsa_selftest.c)= 4bfc5d3a6b977527b053f3a03d0760a822a26135
diff --git a/src/lib/libssl/src/fips/fingerprint.sha1 b/src/lib/libssl/src/fips/fingerprint.sha1
new file mode 100644
index 0000000000..1af4792eb1
--- /dev/null
+++ b/src/lib/libssl/src/fips/fingerprint.sha1
@@ -0,0 +1,4 @@
+HMAC-SHA1(fips.c)= 4eef19c535c1f3deacdf93eb806479ea3b374115
+HMAC-SHA1(fips_err_wrapper.c)= d3e2be316062510312269e98f964cb87e7577898
+HMAC-SHA1(fips.h)= fbedad5dbd8986ddd521ea576bf2a20e6881540a
+HMAC-SHA1(fips_err.h)= 4a73f2a88e206f1f88edfd9b26609a0eed818491
diff --git a/src/lib/libssl/src/fips/fips_check_sha1 b/src/lib/libssl/src/fips/fips_check_sha1
new file mode 100755
index 0000000000..d60404a51c
--- /dev/null
+++ b/src/lib/libssl/src/fips/fips_check_sha1
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+FP=$1
+shift
+
+egrep 'define OPENSSL_FIPS' $TOP/include/openssl/opensslconf.h > /dev/null || exit 0
+
+$TOP/fips/sha1/fips_standalone_sha1 $@ | diff -w $FP - || { echo; echo "*** Your source code does not match the FIPS validated source ***"; echo; exit 1; }
diff --git a/src/lib/libssl/src/fips/fips_err.h b/src/lib/libssl/src/fips/fips_err.h
new file mode 100644
index 0000000000..d643c9f55f
--- /dev/null
+++ b/src/lib/libssl/src/fips/fips_err.h
@@ -0,0 +1,118 @@
+/* fips/fips_err.h */
+/* ====================================================================
+ * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/fips.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA FIPS_str_functs[]=
+        {
+{ERR_PACK(0,FIPS_F_DSA_DO_SIGN,0),      "DSA_do_sign"},
+{ERR_PACK(0,FIPS_F_DSA_DO_VERIFY,0),    "DSA_do_verify"},
+{ERR_PACK(0,FIPS_F_DSA_GENERATE_PARAMETERS,0),  "DSA_generate_parameters"},
+{ERR_PACK(0,FIPS_F_FIPS_CHECK_DSA,0),   "FIPS_CHECK_DSA"},
+{ERR_PACK(0,FIPS_F_FIPS_CHECK_EXE,0),   "FIPS_CHECK_EXE"},
+{ERR_PACK(0,FIPS_F_FIPS_CHECK_RSA,0),   "FIPS_CHECK_RSA"},
+{ERR_PACK(0,FIPS_F_FIPS_DSA_CHECK,0),   "FIPS_dsa_check"},
+{ERR_PACK(0,FIPS_F_FIPS_MODE_SET,0),    "FIPS_mode_set"},
+{ERR_PACK(0,FIPS_F_FIPS_SELFTEST_AES,0),        "FIPS_selftest_aes"},
+{ERR_PACK(0,FIPS_F_FIPS_SELFTEST_DES,0),        "FIPS_selftest_des"},
+{ERR_PACK(0,FIPS_F_FIPS_SELFTEST_DSA,0),        "FIPS_selftest_dsa"},
+{ERR_PACK(0,FIPS_F_FIPS_SELFTEST_RSA,0),        "FIPS_selftest_rsa"},
+{ERR_PACK(0,FIPS_F_FIPS_SELFTEST_SHA1,0),       "FIPS_selftest_sha1"},
+{ERR_PACK(0,FIPS_F_HASH_FINAL,0),       "HASH_FINAL"},
+{ERR_PACK(0,FIPS_F_DH_GENERATE_PARAMETERS,0),   "DH_generate_parameters"},
+{ERR_PACK(0,FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,0),   "RSA_EAY_PUBLIC_ENCRYPT"},
+{ERR_PACK(0,FIPS_F_RSA_GENERATE_KEY,0), "RSA_generate_key"},
+{ERR_PACK(0,FIPS_F_SSLEAY_RAND_BYTES,0),        "SSLEAY_RAND_BYTES"},
+{0,NULL}
+        };
+
+static ERR_STRING_DATA FIPS_str_reasons[]=
+        {
+{FIPS_R_CANNOT_READ_EXE                  ,"cannot read exe"},
+{FIPS_R_CANNOT_READ_EXE_DIGEST           ,"cannot read exe digest"},
+{FIPS_R_EXE_DIGEST_DOES_NOT_MATCH        ,"exe digest does not match"},
+{FIPS_R_FIPS_MODE_ALREADY_SET            ,"fips mode already set"},
+{FIPS_R_FIPS_SELFTEST_FAILED             ,"fips selftest failed"},
+{FIPS_R_NON_FIPS_METHOD                  ,"non fips method"},
+{FIPS_R_PAIRWISE_TEST_FAILED             ,"pairwise test failed"},
+{FIPS_R_SELFTEST_FAILED                  ,"selftest failed"},
+{0,NULL}
+        };
+
+#endif
+
+void ERR_load_FIPS_strings(void)
+        {
+        static int init=1;
+
+        if (init)
+                {
+                init=0;
+#ifndef OPENSSL_NO_ERR
+                ERR_load_strings(ERR_LIB_FIPS,FIPS_str_functs);
+                ERR_load_strings(ERR_LIB_FIPS,FIPS_str_reasons);
+#endif
+
+                }
+        }
diff --git a/src/lib/libssl/src/fips/fips_err_wrapper.c b/src/lib/libssl/src/fips/fips_err_wrapper.c
new file mode 100644
index 0000000000..09f11748f6
--- /dev/null
+++ b/src/lib/libssl/src/fips/fips_err_wrapper.c
@@ -0,0 +1,7 @@
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_FIPS
+# include "fips_err.h"
+#else
+static void *dummy=&dummy;
+#endif
diff --git a/src/lib/libssl/src/fips/fips_make_sha1 b/src/lib/libssl/src/fips/fips_make_sha1
new file mode 100755
index 0000000000..a326ea3a07
--- /dev/null
+++ b/src/lib/libssl/src/fips/fips_make_sha1
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+S=`pwd`/fips/sha1/fips_standalone_sha1
+
+cd fips/sha1
+$S fips_sha1dgst.c fips_sha1_selftest.c  asm/sx86-elf.s fips_standalone_sha1.c fips_sha_locl.h fips_md32_common.h > standalone.sha1
+
+cd ..
+$S fips.c fips_err_wrapper.c fips.h fips_err.h > fingerprint.sha1
+
+cd rand
+$S fips_rand.c fips_rand.h > fingerprint.sha1
+
+cd ../sha1
+$S fips_sha1dgst.c fips_sha1_selftest.c asm/sx86-elf.s fips_sha_locl.h fips_md32_common.h > fingerprint.sha1
+
+cd ../aes
+$S fips_aes_core.c fips_aes_selftest.c fips_aes_locl.h > fingerprint.sha1
+
+cd ../dsa
+$S fips_dsa_ossl.c fips_dsa_gen.c fips_dsa_selftest.c > fingerprint.sha1
+
+cd ../des
+$S fips_des_enc.c asm/fips-dx86-elf.s fips_des_selftest.c fips_set_key.c fips_des_locl.h > fingerprint.sha1
+
+cd ../rsa
+$S fips_rsa_eay.c fips_rsa_gen.c fips_rsa_selftest.c > fingerprint.sha1
+
+cd ../dh
+$S fips_dh_check.c fips_dh_gen.c fips_dh_key.c > fingerprint.sha1
diff --git a/src/lib/libssl/src/fips/rand/fingerprint.sha1 b/src/lib/libssl/src/fips/rand/fingerprint.sha1
new file mode 100644
index 0000000000..0b1d91104f
--- /dev/null
+++ b/src/lib/libssl/src/fips/rand/fingerprint.sha1
@@ -0,0 +1,2 @@
+HMAC-SHA1(fips_rand.c)= 5dc4aa11c0377a049bee01d427e5b0bc3dd9f10f
+HMAC-SHA1(fips_rand.h)= 0567b1fe9b0efe034a537f335659b0b681809791
diff --git a/src/lib/libssl/src/fips/rsa/fingerprint.sha1 b/src/lib/libssl/src/fips/rsa/fingerprint.sha1
new file mode 100644
index 0000000000..569434700c
--- /dev/null
+++ b/src/lib/libssl/src/fips/rsa/fingerprint.sha1
@@ -0,0 +1,3 @@
+HMAC-SHA1(fips_rsa_eay.c)= eabab59a2f11f3da4c21e1144efe1684f5e8f1ec
+HMAC-SHA1(fips_rsa_gen.c)= 4bbc0afcade1ac53f469aaa89f84c413678254bf
+HMAC-SHA1(fips_rsa_selftest.c)= 70553a5212e86f65b068564946d39b738a201e22
diff --git a/src/lib/libssl/src/fips/sha1/Makefile b/src/lib/libssl/src/fips/sha1/Makefile
new file mode 100644
index 0000000000..1fa25b32be
--- /dev/null
+++ b/src/lib/libssl/src/fips/sha1/Makefile
@@ -0,0 +1,157 @@
+#
+# SSLeay/fips/sha1/Makefile
+#
+
+DIR=    sha1
+TOP=    ../..
+CC=     cc
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= fips_sha1test.c
+TESTDATA= sha1vectors.txt sha1hashes.txt
+APPS=
+EXE= fips_standalone_sha1
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=fips_sha1dgst.c fips_sha1_selftest.c asm/sx86-elf.s
+LIBOBJ=fips_sha1dgst.o fips_sha1_selftest.o $(FIPS_SHA1_ASM_OBJ)
+
+SRC= $(LIBSRC) fips_standalone_sha1.c
+
+EXHEADER=
+HEADER= $(EXHEADER) fips_sha_locl.h fips_md32_common.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd $(TOP); $(MAKE) DIRS=fips SDIRS=$(DIR) sub_all)
+
+all:    check_standalone check lib
+
+check:
+        TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(LIBSRC) $(HEADER)
+
+check_standalone: fips_standalone_sha1
+        TOP=`pwd`/$(TOP) ../fips_check_sha1 standalone.sha1 $(SRC) $(HEADER)
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @sleep 2; touch lib
+
+fips_standalone_sha1: fips_standalone_sha1.o fips_sha1dgst.o $(FIPS_SHA1_ASM_OBJ)
+        $(CC) -o fips_standalone_sha1 $(CFLAGS) fips_standalone_sha1.o \
+        fips_sha1dgst.o $(FIPS_SHA1_ASM_OBJ)
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+        @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
+        cp $(TESTDATA) $(TOP)/test
+        @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
+
+install:
+        @headerlist="$(EXHEADER)"; for i in $$headerlist; \
+        do  \
+          (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+          chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+top_fips_sha1test:
+        (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) TARGET=fips_sha1test sub_target)
+
+fips_sha1test: fips_sha1test.o $(TOP)/libcrypto.a
+        $(CC) $(CFLAGS) -o fips_sha1test fips_sha1test.o $(PEX_LIBS) $(TOP)/libcrypto.a $(EX_LIBS)
+        TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a fips_sha1test
+
+fips_test: top_fips_sha1test
+        -rm -rf ../testvectors/sha1/rsp
+        mkdir ../testvectors/sha1/rsp
+        ./fips_sha1test ../testvectors/sha1/req/sha.req  > ../testvectors/sha1/rsp/sha.rsp
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+fips_sha1_selftest.o: ../../include/openssl/bio.h
+fips_sha1_selftest.o: ../../include/openssl/crypto.h
+fips_sha1_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+fips_sha1_selftest.o: ../../include/openssl/fips.h
+fips_sha1_selftest.o: ../../include/openssl/lhash.h
+fips_sha1_selftest.o: ../../include/openssl/opensslconf.h
+fips_sha1_selftest.o: ../../include/openssl/opensslv.h
+fips_sha1_selftest.o: ../../include/openssl/safestack.h
+fips_sha1_selftest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+fips_sha1_selftest.o: ../../include/openssl/symhacks.h fips_sha1_selftest.c
+fips_sha1dgst.o: ../../include/openssl/opensslconf.h
+fips_sha1dgst.o: ../../include/openssl/opensslv.h fips_sha1dgst.c
+fips_sha1test.o: ../../e_os.h ../../include/openssl/bio.h
+fips_sha1test.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+fips_sha1test.o: ../../include/openssl/err.h ../../include/openssl/fips.h
+fips_sha1test.o: ../../include/openssl/lhash.h
+fips_sha1test.o: ../../include/openssl/opensslconf.h
+fips_sha1test.o: ../../include/openssl/opensslv.h
+fips_sha1test.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+fips_sha1test.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fips_sha1test.o: fips_sha1test.c
+fips_standalone_sha1.o: ../../include/openssl/aes.h
+fips_standalone_sha1.o: ../../include/openssl/asn1.h
+fips_standalone_sha1.o: ../../include/openssl/bio.h
+fips_standalone_sha1.o: ../../include/openssl/blowfish.h
+fips_standalone_sha1.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
+fips_standalone_sha1.o: ../../include/openssl/crypto.h
+fips_standalone_sha1.o: ../../include/openssl/des.h
+fips_standalone_sha1.o: ../../include/openssl/des_old.h
+fips_standalone_sha1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+fips_standalone_sha1.o: ../../include/openssl/e_os2.h
+fips_standalone_sha1.o: ../../include/openssl/evp.h
+fips_standalone_sha1.o: ../../include/openssl/hmac.h
+fips_standalone_sha1.o: ../../include/openssl/idea.h
+fips_standalone_sha1.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+fips_standalone_sha1.o: ../../include/openssl/md5.h
+fips_standalone_sha1.o: ../../include/openssl/mdc2.h
+fips_standalone_sha1.o: ../../include/openssl/obj_mac.h
+fips_standalone_sha1.o: ../../include/openssl/objects.h
+fips_standalone_sha1.o: ../../include/openssl/opensslconf.h
+fips_standalone_sha1.o: ../../include/openssl/opensslv.h
+fips_standalone_sha1.o: ../../include/openssl/ossl_typ.h
+fips_standalone_sha1.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+fips_standalone_sha1.o: ../../include/openssl/rc5.h
+fips_standalone_sha1.o: ../../include/openssl/ripemd.h
+fips_standalone_sha1.o: ../../include/openssl/rsa.h
+fips_standalone_sha1.o: ../../include/openssl/safestack.h
+fips_standalone_sha1.o: ../../include/openssl/sha.h
+fips_standalone_sha1.o: ../../include/openssl/stack.h
+fips_standalone_sha1.o: ../../include/openssl/symhacks.h
+fips_standalone_sha1.o: ../../include/openssl/ui.h
+fips_standalone_sha1.o: ../../include/openssl/ui_compat.h
+fips_standalone_sha1.o: fips_standalone_sha1.c
diff --git a/src/lib/libssl/src/fips/sha1/asm/sx86-elf.s b/src/lib/libssl/src/fips/sha1/asm/sx86-elf.s
new file mode 100644
index 0000000000..2a4d98791d
--- /dev/null
+++ b/src/lib/libssl/src/fips/sha1/asm/sx86-elf.s
@@ -0,0 +1,1568 @@
+
+
+
+
+
+
+        .file   "sha1-586.s"
+        .version        "01.01"
+gcc2_compiled.:
+.text
+        .align 16
+.globl sha1_block_asm_data_order
+        .type   sha1_block_asm_data_order,@function
+sha1_block_asm_data_order:
+        movl    12(%esp),       %ecx
+        pushl   %esi
+        sall    $6,             %ecx
+        movl    12(%esp),       %esi
+        pushl   %ebp
+        addl    %esi,           %ecx
+        pushl   %ebx
+        movl    16(%esp),       %ebp
+        pushl   %edi
+        movl    12(%ebp),       %edx
+        subl    $108,           %esp
+        movl    16(%ebp),       %edi
+        movl    8(%ebp),        %ebx
+        movl    %ecx,           68(%esp)
+
+.L000start:
+
+        movl    (%esi),         %eax
+        movl    4(%esi),        %ecx
+
+        xchgb   %al,            %ah
+        rorl    $16,            %eax
+        xchgb   %al,            %ah
+
+        xchgb   %cl,            %ch
+        rorl    $16,            %ecx
+        xchgb   %cl,            %ch
+        movl    %eax,           (%esp)
+        movl    %ecx,           4(%esp)
+        movl    8(%esi),        %eax
+        movl    12(%esi),       %ecx
+
+        xchgb   %al,            %ah
+        rorl    $16,            %eax
+        xchgb   %al,            %ah
+
+        xchgb   %cl,            %ch
+        rorl    $16,            %ecx
+        xchgb   %cl,            %ch
+        movl    %eax,           8(%esp)
+        movl    %ecx,           12(%esp)
+        movl    16(%esi),       %eax
+        movl    20(%esi),       %ecx
+
+        xchgb   %al,            %ah
+        rorl    $16,            %eax
+        xchgb   %al,            %ah
+
+        xchgb   %cl,            %ch
+        rorl    $16,            %ecx
+        xchgb   %cl,            %ch
+        movl    %eax,           16(%esp)
+        movl    %ecx,           20(%esp)
+        movl    24(%esi),       %eax
+        movl    28(%esi),       %ecx
+
+        xchgb   %al,            %ah
+        rorl    $16,            %eax
+        xchgb   %al,            %ah
+
+        xchgb   %cl,            %ch
+        rorl    $16,            %ecx
+        xchgb   %cl,            %ch
+        movl    %eax,           24(%esp)
+        movl    %ecx,           28(%esp)
+        movl    32(%esi),       %eax
+        movl    36(%esi),       %ecx
+
+        xchgb   %al,            %ah
+        rorl    $16,            %eax
+        xchgb   %al,            %ah
+
+        xchgb   %cl,            %ch
+        rorl    $16,            %ecx
+        xchgb   %cl,            %ch
+        movl    %eax,           32(%esp)
+        movl    %ecx,           36(%esp)
+        movl    40(%esi),       %eax
+        movl    44(%esi),       %ecx
+
+        xchgb   %al,            %ah
+        rorl    $16,            %eax
+        xchgb   %al,            %ah
+
+        xchgb   %cl,            %ch
+        rorl    $16,            %ecx
+        xchgb   %cl,            %ch
+        movl    %eax,           40(%esp)
+        movl    %ecx,           44(%esp)
+        movl    48(%esi),       %eax
+        movl    52(%esi),       %ecx
+
+        xchgb   %al,            %ah
+        rorl    $16,            %eax
+        xchgb   %al,            %ah
+
+        xchgb   %cl,            %ch
+        rorl    $16,            %ecx
+        xchgb   %cl,            %ch
+        movl    %eax,           48(%esp)
+        movl    %ecx,           52(%esp)
+        movl    56(%esi),       %eax
+        movl    60(%esi),       %ecx
+
+        xchgb   %al,            %ah
+        rorl    $16,            %eax
+        xchgb   %al,            %ah
+
+        xchgb   %cl,            %ch
+        rorl    $16,            %ecx
+        xchgb   %cl,            %ch
+        movl    %eax,           56(%esp)
+        movl    %ecx,           60(%esp)
+
+
+        movl    %esi,           132(%esp)
+.L001shortcut:
+
+
+        movl    (%ebp),         %eax
+        movl    4(%ebp),        %ecx
+
+        movl    %eax,           %ebp
+        movl    %ebx,           %esi
+        roll    $5,             %ebp
+        xorl    %edx,           %esi
+        andl    %ecx,           %esi
+        rorl    $2,             %ecx
+        addl    %edi,           %ebp
+        movl    (%esp),         %edi
+        xorl    %edx,           %esi
+        leal    1518500249(%ebp,%edi,1),%ebp
+        addl    %ebp,           %esi
+
+        movl    %esi,           %ebp
+        movl    %ecx,           %edi
+        roll    $5,             %ebp
+        xorl    %ebx,           %edi
+        andl    %eax,           %edi
+        rorl    $2,             %eax
+        addl    %edx,           %ebp
+        movl    4(%esp),        %edx
+        xorl    %ebx,           %edi
+        leal    1518500249(%ebp,%edx,1),%ebp
+        addl    %ebp,           %edi
+
+        movl    %edi,           %ebp
+        movl    %eax,           %edx
+        roll    $5,             %ebp
+        xorl    %ecx,           %edx
+        andl    %esi,           %edx
+        rorl    $2,             %esi
+        addl    %ebx,           %ebp
+        movl    8(%esp),        %ebx
+        xorl    %ecx,           %edx
+        leal    1518500249(%ebp,%ebx,1),%ebp
+        addl    %ebp,           %edx
+
+        movl    %edx,           %ebp
+        movl    %esi,           %ebx
+        roll    $5,             %ebp
+        xorl    %eax,           %ebx
+        andl    %edi,           %ebx
+        rorl    $2,             %edi
+        addl    %ecx,           %ebp
+        movl    12(%esp),       %ecx
+        xorl    %eax,           %ebx
+        leal    1518500249(%ebp,%ecx,1),%ebp
+        addl    %ebp,           %ebx
+
+        movl    %ebx,           %ebp
+        movl    %edi,           %ecx
+        roll    $5,             %ebp
+        xorl    %esi,           %ecx
+        andl    %edx,           %ecx
+        rorl    $2,             %edx
+        addl    %eax,           %ebp
+        movl    16(%esp),       %eax
+        xorl    %esi,           %ecx
+        leal    1518500249(%ebp,%eax,1),%ebp
+        addl    %ebp,           %ecx
+
+        movl    %ecx,           %ebp
+        movl    %edx,           %eax
+        roll    $5,             %ebp
+        xorl    %edi,           %eax
+        andl    %ebx,           %eax
+        rorl    $2,             %ebx
+        addl    %esi,           %ebp
+        movl    20(%esp),       %esi
+        xorl    %edi,           %eax
+        leal    1518500249(%ebp,%esi,1),%ebp
+        addl    %ebp,           %eax
+
+        movl    %eax,           %ebp
+        movl    %ebx,           %esi
+        roll    $5,             %ebp
+        xorl    %edx,           %esi
+        andl    %ecx,           %esi
+        rorl    $2,             %ecx
+        addl    %edi,           %ebp
+        movl    24(%esp),       %edi
+        xorl    %edx,           %esi
+        leal    1518500249(%ebp,%edi,1),%ebp
+        addl    %ebp,           %esi
+
+        movl    %esi,           %ebp
+        movl    %ecx,           %edi
+        roll    $5,             %ebp
+        xorl    %ebx,           %edi
+        andl    %eax,           %edi
+        rorl    $2,             %eax
+        addl    %edx,           %ebp
+        movl    28(%esp),       %edx
+        xorl    %ebx,           %edi
+        leal    1518500249(%ebp,%edx,1),%ebp
+        addl    %ebp,           %edi
+
+        movl    %edi,           %ebp
+        movl    %eax,           %edx
+        roll    $5,             %ebp
+        xorl    %ecx,           %edx
+        andl    %esi,           %edx
+        rorl    $2,             %esi
+        addl    %ebx,           %ebp
+        movl    32(%esp),       %ebx
+        xorl    %ecx,           %edx
+        leal    1518500249(%ebp,%ebx,1),%ebp
+        addl    %ebp,           %edx
+
+        movl    %edx,           %ebp
+        movl    %esi,           %ebx
+        roll    $5,             %ebp
+        xorl    %eax,           %ebx
+        andl    %edi,           %ebx
+        rorl    $2,             %edi
+        addl    %ecx,           %ebp
+        movl    36(%esp),       %ecx
+        xorl    %eax,           %ebx
+        leal    1518500249(%ebp,%ecx,1),%ebp
+        addl    %ebp,           %ebx
+
+        movl    %ebx,           %ebp
+        movl    %edi,           %ecx
+        roll    $5,             %ebp
+        xorl    %esi,           %ecx
+        andl    %edx,           %ecx
+        rorl    $2,             %edx
+        addl    %eax,           %ebp
+        movl    40(%esp),       %eax
+        xorl    %esi,           %ecx
+        leal    1518500249(%ebp,%eax,1),%ebp
+        addl    %ebp,           %ecx
+
+        movl    %ecx,           %ebp
+        movl    %edx,           %eax
+        roll    $5,             %ebp
+        xorl    %edi,           %eax
+        andl    %ebx,           %eax
+        rorl    $2,             %ebx
+        addl    %esi,           %ebp
+        movl    44(%esp),       %esi
+        xorl    %edi,           %eax
+        leal    1518500249(%ebp,%esi,1),%ebp
+        addl    %ebp,           %eax
+
+        movl    %eax,           %ebp
+        movl    %ebx,           %esi
+        roll    $5,             %ebp
+        xorl    %edx,           %esi
+        andl    %ecx,           %esi
+        rorl    $2,             %ecx
+        addl    %edi,           %ebp
+        movl    48(%esp),       %edi
+        xorl    %edx,           %esi
+        leal    1518500249(%ebp,%edi,1),%ebp
+        addl    %ebp,           %esi
+
+        movl    %esi,           %ebp
+        movl    %ecx,           %edi
+        roll    $5,             %ebp
+        xorl    %ebx,           %edi
+        andl    %eax,           %edi
+        rorl    $2,             %eax
+        addl    %edx,           %ebp
+        movl    52(%esp),       %edx
+        xorl    %ebx,           %edi
+        leal    1518500249(%ebp,%edx,1),%ebp
+        addl    %ebp,           %edi
+
+        movl    %edi,           %ebp
+        movl    %eax,           %edx
+        roll    $5,             %ebp
+        xorl    %ecx,           %edx
+        andl    %esi,           %edx
+        rorl    $2,             %esi
+        addl    %ebx,           %ebp
+        movl    56(%esp),       %ebx
+        xorl    %ecx,           %edx
+        leal    1518500249(%ebp,%ebx,1),%ebp
+        addl    %ebp,           %edx
+
+        movl    %edx,           %ebp
+        movl    %esi,           %ebx
+        roll    $5,             %ebp
+        xorl    %eax,           %ebx
+        andl    %edi,           %ebx
+        rorl    $2,             %edi
+        addl    %ecx,           %ebp
+        movl    60(%esp),       %ecx
+        xorl    %eax,           %ebx
+        leal    1518500249(%ebp,%ecx,1),%ebp
+        addl    %ebp,           %ebx
+
+        movl    8(%esp),        %ecx
+        movl    %edi,           %ebp
+        xorl    (%esp),         %ecx
+        xorl    %esi,           %ebp
+        xorl    32(%esp),       %ecx
+        andl    %edx,           %ebp
+        xorl    52(%esp),       %ecx
+        rorl    $2,             %edx
+        xorl    %esi,           %ebp
+.byte 209
+.byte 193       
+        movl    %ecx,           (%esp)
+        leal    1518500249(%ecx,%eax,1),%ecx
+        movl    %ebx,           %eax
+        addl    %ebp,           %ecx
+        roll    $5,             %eax
+        addl    %eax,           %ecx
+
+        movl    12(%esp),       %eax
+        movl    %edx,           %ebp
+        xorl    4(%esp),        %eax
+        xorl    %edi,           %ebp
+        xorl    36(%esp),       %eax
+        andl    %ebx,           %ebp
+        xorl    56(%esp),       %eax
+        rorl    $2,             %ebx
+        xorl    %edi,           %ebp
+.byte 209
+.byte 192       
+        movl    %eax,           4(%esp)
+        leal    1518500249(%eax,%esi,1),%eax
+        movl    %ecx,           %esi
+        addl    %ebp,           %eax
+        roll    $5,             %esi
+        addl    %esi,           %eax
+
+        movl    16(%esp),       %esi
+        movl    %ebx,           %ebp
+        xorl    8(%esp),        %esi
+        xorl    %edx,           %ebp
+        xorl    40(%esp),       %esi
+        andl    %ecx,           %ebp
+        xorl    60(%esp),       %esi
+        rorl    $2,             %ecx
+        xorl    %edx,           %ebp
+.byte 209
+.byte 198       
+        movl    %esi,           8(%esp)
+        leal    1518500249(%esi,%edi,1),%esi
+        movl    %eax,           %edi
+        addl    %ebp,           %esi
+        roll    $5,             %edi
+        addl    %edi,           %esi
+
+        movl    20(%esp),       %edi
+        movl    %ecx,           %ebp
+        xorl    12(%esp),       %edi
+        xorl    %ebx,           %ebp
+        xorl    44(%esp),       %edi
+        andl    %eax,           %ebp
+        xorl    (%esp),         %edi
+        rorl    $2,             %eax
+        xorl    %ebx,           %ebp
+.byte 209
+.byte 199       
+        movl    %edi,           12(%esp)
+        leal    1518500249(%edi,%edx,1),%edi
+        movl    %esi,           %edx
+        addl    %ebp,           %edi
+        roll    $5,             %edx
+        addl    %edx,           %edi
+
+        movl    16(%esp),       %edx
+        movl    %esi,           %ebp
+        xorl    24(%esp),       %edx
+        rorl    $2,             %esi
+        xorl    48(%esp),       %edx
+        xorl    %eax,           %ebp
+        xorl    4(%esp),        %edx
+        xorl    %ecx,           %ebp
+.byte 209
+.byte 194       
+        movl    %edx,           16(%esp)
+        leal    1859775393(%edx,%ebx,1),%edx
+        movl    %edi,           %ebx
+        roll    $5,             %ebx
+        addl    %ebp,           %edx
+        addl    %ebx,           %edx
+
+        movl    20(%esp),       %ebx
+        movl    %edi,           %ebp
+        xorl    28(%esp),       %ebx
+        rorl    $2,             %edi
+        xorl    52(%esp),       %ebx
+        xorl    %esi,           %ebp
+        xorl    8(%esp),        %ebx
+        xorl    %eax,           %ebp
+.byte 209
+.byte 195       
+        movl    %ebx,           20(%esp)
+        leal    1859775393(%ebx,%ecx,1),%ebx
+        movl    %edx,           %ecx
+        roll    $5,             %ecx
+        addl    %ebp,           %ebx
+        addl    %ecx,           %ebx
+
+        movl    24(%esp),       %ecx
+        movl    %edx,           %ebp
+        xorl    32(%esp),       %ecx
+        rorl    $2,             %edx
+        xorl    56(%esp),       %ecx
+        xorl    %edi,           %ebp
+        xorl    12(%esp),       %ecx
+        xorl    %esi,           %ebp
+.byte 209
+.byte 193       
+        movl    %ecx,           24(%esp)
+        leal    1859775393(%ecx,%eax,1),%ecx
+        movl    %ebx,           %eax
+        roll    $5,             %eax
+        addl    %ebp,           %ecx
+        addl    %eax,           %ecx
+
+        movl    28(%esp),       %eax
+        movl    %ebx,           %ebp
+        xorl    36(%esp),       %eax
+        rorl    $2,             %ebx
+        xorl    60(%esp),       %eax
+        xorl    %edx,           %ebp
+        xorl    16(%esp),       %eax
+        xorl    %edi,           %ebp
+.byte 209
+.byte 192       
+        movl    %eax,           28(%esp)
+        leal    1859775393(%eax,%esi,1),%eax
+        movl    %ecx,           %esi
+        roll    $5,             %esi
+        addl    %ebp,           %eax
+        addl    %esi,           %eax
+
+        movl    32(%esp),       %esi
+        movl    %ecx,           %ebp
+        xorl    40(%esp),       %esi
+        rorl    $2,             %ecx
+        xorl    (%esp),         %esi
+        xorl    %ebx,           %ebp
+        xorl    20(%esp),       %esi
+        xorl    %edx,           %ebp
+.byte 209
+.byte 198       
+        movl    %esi,           32(%esp)
+        leal    1859775393(%esi,%edi,1),%esi
+        movl    %eax,           %edi
+        roll    $5,             %edi
+        addl    %ebp,           %esi
+        addl    %edi,           %esi
+
+        movl    36(%esp),       %edi
+        movl    %eax,           %ebp
+        xorl    44(%esp),       %edi
+        rorl    $2,             %eax
+        xorl    4(%esp),        %edi
+        xorl    %ecx,           %ebp
+        xorl    24(%esp),       %edi
+        xorl    %ebx,           %ebp
+.byte 209
+.byte 199       
+        movl    %edi,           36(%esp)
+        leal    1859775393(%edi,%edx,1),%edi
+        movl    %esi,           %edx
+        roll    $5,             %edx
+        addl    %ebp,           %edi
+        addl    %edx,           %edi
+
+        movl    40(%esp),       %edx
+        movl    %esi,           %ebp
+        xorl    48(%esp),       %edx
+        rorl    $2,             %esi
+        xorl    8(%esp),        %edx
+        xorl    %eax,           %ebp
+        xorl    28(%esp),       %edx
+        xorl    %ecx,           %ebp
+.byte 209
+.byte 194       
+        movl    %edx,           40(%esp)
+        leal    1859775393(%edx,%ebx,1),%edx
+        movl    %edi,           %ebx
+        roll    $5,             %ebx
+        addl    %ebp,           %edx
+        addl    %ebx,           %edx
+
+        movl    44(%esp),       %ebx
+        movl    %edi,           %ebp
+        xorl    52(%esp),       %ebx
+        rorl    $2,             %edi
+        xorl    12(%esp),       %ebx
+        xorl    %esi,           %ebp
+        xorl    32(%esp),       %ebx
+        xorl    %eax,           %ebp
+.byte 209
+.byte 195       
+        movl    %ebx,           44(%esp)
+        leal    1859775393(%ebx,%ecx,1),%ebx
+        movl    %edx,           %ecx
+        roll    $5,             %ecx
+        addl    %ebp,           %ebx
+        addl    %ecx,           %ebx
+
+        movl    48(%esp),       %ecx
+        movl    %edx,           %ebp
+        xorl    56(%esp),       %ecx
+        rorl    $2,             %edx
+        xorl    16(%esp),       %ecx
+        xorl    %edi,           %ebp
+        xorl    36(%esp),       %ecx
+        xorl    %esi,           %ebp
+.byte 209
+.byte 193       
+        movl    %ecx,           48(%esp)
+        leal    1859775393(%ecx,%eax,1),%ecx
+        movl    %ebx,           %eax
+        roll    $5,             %eax
+        addl    %ebp,           %ecx
+        addl    %eax,           %ecx
+
+        movl    52(%esp),       %eax
+        movl    %ebx,           %ebp
+        xorl    60(%esp),       %eax
+        rorl    $2,             %ebx
+        xorl    20(%esp),       %eax
+        xorl    %edx,           %ebp
+        xorl    40(%esp),       %eax
+        xorl    %edi,           %ebp
+.byte 209
+.byte 192       
+        movl    %eax,           52(%esp)
+        leal    1859775393(%eax,%esi,1),%eax
+        movl    %ecx,           %esi
+        roll    $5,             %esi
+        addl    %ebp,           %eax
+        addl    %esi,           %eax
+
+        movl    56(%esp),       %esi
+        movl    %ecx,           %ebp
+        xorl    (%esp),         %esi
+        rorl    $2,             %ecx
+        xorl    24(%esp),       %esi
+        xorl    %ebx,           %ebp
+        xorl    44(%esp),       %esi
+        xorl    %edx,           %ebp
+.byte 209
+.byte 198       
+        movl    %esi,           56(%esp)
+        leal    1859775393(%esi,%edi,1),%esi
+        movl    %eax,           %edi
+        roll    $5,             %edi
+        addl    %ebp,           %esi
+        addl    %edi,           %esi
+
+        movl    60(%esp),       %edi
+        movl    %eax,           %ebp
+        xorl    4(%esp),        %edi
+        rorl    $2,             %eax
+        xorl    28(%esp),       %edi
+        xorl    %ecx,           %ebp
+        xorl    48(%esp),       %edi
+        xorl    %ebx,           %ebp
+.byte 209
+.byte 199       
+        movl    %edi,           60(%esp)
+        leal    1859775393(%edi,%edx,1),%edi
+        movl    %esi,           %edx
+        roll    $5,             %edx
+        addl    %ebp,           %edi
+        addl    %edx,           %edi
+
+        movl    (%esp),         %edx
+        movl    %esi,           %ebp
+        xorl    8(%esp),        %edx
+        rorl    $2,             %esi
+        xorl    32(%esp),       %edx
+        xorl    %eax,           %ebp
+        xorl    52(%esp),       %edx
+        xorl    %ecx,           %ebp
+.byte 209
+.byte 194       
+        movl    %edx,           (%esp)
+        leal    1859775393(%edx,%ebx,1),%edx
+        movl    %edi,           %ebx
+        roll    $5,             %ebx
+        addl    %ebp,           %edx
+        addl    %ebx,           %edx
+
+        movl    4(%esp),        %ebx
+        movl    %edi,           %ebp
+        xorl    12(%esp),       %ebx
+        rorl    $2,             %edi
+        xorl    36(%esp),       %ebx
+        xorl    %esi,           %ebp
+        xorl    56(%esp),       %ebx
+        xorl    %eax,           %ebp
+.byte 209
+.byte 195       
+        movl    %ebx,           4(%esp)
+        leal    1859775393(%ebx,%ecx,1),%ebx
+        movl    %edx,           %ecx
+        roll    $5,             %ecx
+        addl    %ebp,           %ebx
+        addl    %ecx,           %ebx
+
+        movl    8(%esp),        %ecx
+        movl    %edx,           %ebp
+        xorl    16(%esp),       %ecx
+        rorl    $2,             %edx
+        xorl    40(%esp),       %ecx
+        xorl    %edi,           %ebp
+        xorl    60(%esp),       %ecx
+        xorl    %esi,           %ebp
+.byte 209
+.byte 193       
+        movl    %ecx,           8(%esp)
+        leal    1859775393(%ecx,%eax,1),%ecx
+        movl    %ebx,           %eax
+        roll    $5,             %eax
+        addl    %ebp,           %ecx
+        addl    %eax,           %ecx
+
+        movl    12(%esp),       %eax
+        movl    %ebx,           %ebp
+        xorl    20(%esp),       %eax
+        rorl    $2,             %ebx
+        xorl    44(%esp),       %eax
+        xorl    %edx,           %ebp
+        xorl    (%esp),         %eax
+        xorl    %edi,           %ebp
+.byte 209
+.byte 192       
+        movl    %eax,           12(%esp)
+        leal    1859775393(%eax,%esi,1),%eax
+        movl    %ecx,           %esi
+        roll    $5,             %esi
+        addl    %ebp,           %eax
+        addl    %esi,           %eax
+
+        movl    16(%esp),       %esi
+        movl    %ecx,           %ebp
+        xorl    24(%esp),       %esi
+        rorl    $2,             %ecx
+        xorl    48(%esp),       %esi
+        xorl    %ebx,           %ebp
+        xorl    4(%esp),        %esi
+        xorl    %edx,           %ebp
+.byte 209
+.byte 198       
+        movl    %esi,           16(%esp)
+        leal    1859775393(%esi,%edi,1),%esi
+        movl    %eax,           %edi
+        roll    $5,             %edi
+        addl    %ebp,           %esi
+        addl    %edi,           %esi
+
+        movl    20(%esp),       %edi
+        movl    %eax,           %ebp
+        xorl    28(%esp),       %edi
+        rorl    $2,             %eax
+        xorl    52(%esp),       %edi
+        xorl    %ecx,           %ebp
+        xorl    8(%esp),        %edi
+        xorl    %ebx,           %ebp
+.byte 209
+.byte 199       
+        movl    %edi,           20(%esp)
+        leal    1859775393(%edi,%edx,1),%edi
+        movl    %esi,           %edx
+        roll    $5,             %edx
+        addl    %ebp,           %edi
+        addl    %edx,           %edi
+
+        movl    24(%esp),       %edx
+        movl    %esi,           %ebp
+        xorl    32(%esp),       %edx
+        rorl    $2,             %esi
+        xorl    56(%esp),       %edx
+        xorl    %eax,           %ebp
+        xorl    12(%esp),       %edx
+        xorl    %ecx,           %ebp
+.byte 209
+.byte 194       
+        movl    %edx,           24(%esp)
+        leal    1859775393(%edx,%ebx,1),%edx
+        movl    %edi,           %ebx
+        roll    $5,             %ebx
+        addl    %ebp,           %edx
+        addl    %ebx,           %edx
+
+        movl    28(%esp),       %ebx
+        movl    %edi,           %ebp
+        xorl    36(%esp),       %ebx
+        rorl    $2,             %edi
+        xorl    60(%esp),       %ebx
+        xorl    %esi,           %ebp
+        xorl    16(%esp),       %ebx
+        xorl    %eax,           %ebp
+.byte 209
+.byte 195       
+        movl    %ebx,           28(%esp)
+        leal    1859775393(%ebx,%ecx,1),%ebx
+        movl    %edx,           %ecx
+        roll    $5,             %ecx
+        addl    %ebp,           %ebx
+        addl    %ecx,           %ebx
+
+        movl    32(%esp),       %ecx
+        movl    %edx,           %ebp
+        xorl    40(%esp),       %ecx
+        orl     %edi,           %ebp
+        xorl    (%esp),         %ecx
+        andl    %esi,           %ebp
+        xorl    20(%esp),       %ecx
+.byte 209
+.byte 193       
+        movl    %ecx,           32(%esp)
+        leal    2400959708(%ecx,%eax,1),%ecx
+        movl    %edx,           %eax
+        rorl    $2,             %edx
+        andl    %edi,           %eax
+        orl     %eax,           %ebp
+        movl    %ebx,           %eax
+        roll    $5,             %eax
+        addl    %eax,           %ebp
+        addl    %ebp,           %ecx
+
+        movl    36(%esp),       %eax
+        movl    %ebx,           %ebp
+        xorl    44(%esp),       %eax
+        orl     %edx,           %ebp
+        xorl    4(%esp),        %eax
+        andl    %edi,           %ebp
+        xorl    24(%esp),       %eax
+.byte 209
+.byte 192       
+        movl    %eax,           36(%esp)
+        leal    2400959708(%eax,%esi,1),%eax
+        movl    %ebx,           %esi
+        rorl    $2,             %ebx
+        andl    %edx,           %esi
+        orl     %esi,           %ebp
+        movl    %ecx,           %esi
+        roll    $5,             %esi
+        addl    %esi,           %ebp
+        addl    %ebp,           %eax
+
+        movl    40(%esp),       %esi
+        movl    %ecx,           %ebp
+        xorl    48(%esp),       %esi
+        orl     %ebx,           %ebp
+        xorl    8(%esp),        %esi
+        andl    %edx,           %ebp
+        xorl    28(%esp),       %esi
+.byte 209
+.byte 198       
+        movl    %esi,           40(%esp)
+        leal    2400959708(%esi,%edi,1),%esi
+        movl    %ecx,           %edi
+        rorl    $2,             %ecx
+        andl    %ebx,           %edi
+        orl     %edi,           %ebp
+        movl    %eax,           %edi
+        roll    $5,             %edi
+        addl    %edi,           %ebp
+        addl    %ebp,           %esi
+
+        movl    44(%esp),       %edi
+        movl    %eax,           %ebp
+        xorl    52(%esp),       %edi
+        orl     %ecx,           %ebp
+        xorl    12(%esp),       %edi
+        andl    %ebx,           %ebp
+        xorl    32(%esp),       %edi
+.byte 209
+.byte 199       
+        movl    %edi,           44(%esp)
+        leal    2400959708(%edi,%edx,1),%edi
+        movl    %eax,           %edx
+        rorl    $2,             %eax
+        andl    %ecx,           %edx
+        orl     %edx,           %ebp
+        movl    %esi,           %edx
+        roll    $5,             %edx
+        addl    %edx,           %ebp
+        addl    %ebp,           %edi
+
+        movl    48(%esp),       %edx
+        movl    %esi,           %ebp
+        xorl    56(%esp),       %edx
+        orl     %eax,           %ebp
+        xorl    16(%esp),       %edx
+        andl    %ecx,           %ebp
+        xorl    36(%esp),       %edx
+.byte 209
+.byte 194       
+        movl    %edx,           48(%esp)
+        leal    2400959708(%edx,%ebx,1),%edx
+        movl    %esi,           %ebx
+        rorl    $2,             %esi
+        andl    %eax,           %ebx
+        orl     %ebx,           %ebp
+        movl    %edi,           %ebx
+        roll    $5,             %ebx
+        addl    %ebx,           %ebp
+        addl    %ebp,           %edx
+
+        movl    52(%esp),       %ebx
+        movl    %edi,           %ebp
+        xorl    60(%esp),       %ebx
+        orl     %esi,           %ebp
+        xorl    20(%esp),       %ebx
+        andl    %eax,           %ebp
+        xorl    40(%esp),       %ebx
+.byte 209
+.byte 195       
+        movl    %ebx,           52(%esp)
+        leal    2400959708(%ebx,%ecx,1),%ebx
+        movl    %edi,           %ecx
+        rorl    $2,             %edi
+        andl    %esi,           %ecx
+        orl     %ecx,           %ebp
+        movl    %edx,           %ecx
+        roll    $5,             %ecx
+        addl    %ecx,           %ebp
+        addl    %ebp,           %ebx
+
+        movl    56(%esp),       %ecx
+        movl    %edx,           %ebp
+        xorl    (%esp),         %ecx
+        orl     %edi,           %ebp
+        xorl    24(%esp),       %ecx
+        andl    %esi,           %ebp
+        xorl    44(%esp),       %ecx
+.byte 209
+.byte 193       
+        movl    %ecx,           56(%esp)
+        leal    2400959708(%ecx,%eax,1),%ecx
+        movl    %edx,           %eax
+        rorl    $2,             %edx
+        andl    %edi,           %eax
+        orl     %eax,           %ebp
+        movl    %ebx,           %eax
+        roll    $5,             %eax
+        addl    %eax,           %ebp
+        addl    %ebp,           %ecx
+
+        movl    60(%esp),       %eax
+        movl    %ebx,           %ebp
+        xorl    4(%esp),        %eax
+        orl     %edx,           %ebp
+        xorl    28(%esp),       %eax
+        andl    %edi,           %ebp
+        xorl    48(%esp),       %eax
+.byte 209
+.byte 192       
+        movl    %eax,           60(%esp)
+        leal    2400959708(%eax,%esi,1),%eax
+        movl    %ebx,           %esi
+        rorl    $2,             %ebx
+        andl    %edx,           %esi
+        orl     %esi,           %ebp
+        movl    %ecx,           %esi
+        roll    $5,             %esi
+        addl    %esi,           %ebp
+        addl    %ebp,           %eax
+
+        movl    (%esp),         %esi
+        movl    %ecx,           %ebp
+        xorl    8(%esp),        %esi
+        orl     %ebx,           %ebp
+        xorl    32(%esp),       %esi
+        andl    %edx,           %ebp
+        xorl    52(%esp),       %esi
+.byte 209
+.byte 198       
+        movl    %esi,           (%esp)
+        leal    2400959708(%esi,%edi,1),%esi
+        movl    %ecx,           %edi
+        rorl    $2,             %ecx
+        andl    %ebx,           %edi
+        orl     %edi,           %ebp
+        movl    %eax,           %edi
+        roll    $5,             %edi
+        addl    %edi,           %ebp
+        addl    %ebp,           %esi
+
+        movl    4(%esp),        %edi
+        movl    %eax,           %ebp
+        xorl    12(%esp),       %edi
+        orl     %ecx,           %ebp
+        xorl    36(%esp),       %edi
+        andl    %ebx,           %ebp
+        xorl    56(%esp),       %edi
+.byte 209
+.byte 199       
+        movl    %edi,           4(%esp)
+        leal    2400959708(%edi,%edx,1),%edi
+        movl    %eax,           %edx
+        rorl    $2,             %eax
+        andl    %ecx,           %edx
+        orl     %edx,           %ebp
+        movl    %esi,           %edx
+        roll    $5,             %edx
+        addl    %edx,           %ebp
+        addl    %ebp,           %edi
+
+        movl    8(%esp),        %edx
+        movl    %esi,           %ebp
+        xorl    16(%esp),       %edx
+        orl     %eax,           %ebp
+        xorl    40(%esp),       %edx
+        andl    %ecx,           %ebp
+        xorl    60(%esp),       %edx
+.byte 209
+.byte 194       
+        movl    %edx,           8(%esp)
+        leal    2400959708(%edx,%ebx,1),%edx
+        movl    %esi,           %ebx
+        rorl    $2,             %esi
+        andl    %eax,           %ebx
+        orl     %ebx,           %ebp
+        movl    %edi,           %ebx
+        roll    $5,             %ebx
+        addl    %ebx,           %ebp
+        addl    %ebp,           %edx
+
+        movl    12(%esp),       %ebx
+        movl    %edi,           %ebp
+        xorl    20(%esp),       %ebx
+        orl     %esi,           %ebp
+        xorl    44(%esp),       %ebx
+        andl    %eax,           %ebp
+        xorl    (%esp),         %ebx
+.byte 209
+.byte 195       
+        movl    %ebx,           12(%esp)
+        leal    2400959708(%ebx,%ecx,1),%ebx
+        movl    %edi,           %ecx
+        rorl    $2,             %edi
+        andl    %esi,           %ecx
+        orl     %ecx,           %ebp
+        movl    %edx,           %ecx
+        roll    $5,             %ecx
+        addl    %ecx,           %ebp
+        addl    %ebp,           %ebx
+
+        movl    16(%esp),       %ecx
+        movl    %edx,           %ebp
+        xorl    24(%esp),       %ecx
+        orl     %edi,           %ebp
+        xorl    48(%esp),       %ecx
+        andl    %esi,           %ebp
+        xorl    4(%esp),        %ecx
+.byte 209
+.byte 193       
+        movl    %ecx,           16(%esp)
+        leal    2400959708(%ecx,%eax,1),%ecx
+        movl    %edx,           %eax
+        rorl    $2,             %edx
+        andl    %edi,           %eax
+        orl     %eax,           %ebp
+        movl    %ebx,           %eax
+        roll    $5,             %eax
+        addl    %eax,           %ebp
+        addl    %ebp,           %ecx
+
+        movl    20(%esp),       %eax
+        movl    %ebx,           %ebp
+        xorl    28(%esp),       %eax
+        orl     %edx,           %ebp
+        xorl    52(%esp),       %eax
+        andl    %edi,           %ebp
+        xorl    8(%esp),        %eax
+.byte 209
+.byte 192       
+        movl    %eax,           20(%esp)
+        leal    2400959708(%eax,%esi,1),%eax
+        movl    %ebx,           %esi
+        rorl    $2,             %ebx
+        andl    %edx,           %esi
+        orl     %esi,           %ebp
+        movl    %ecx,           %esi
+        roll    $5,             %esi
+        addl    %esi,           %ebp
+        addl    %ebp,           %eax
+
+        movl    24(%esp),       %esi
+        movl    %ecx,           %ebp
+        xorl    32(%esp),       %esi
+        orl     %ebx,           %ebp
+        xorl    56(%esp),       %esi
+        andl    %edx,           %ebp
+        xorl    12(%esp),       %esi
+.byte 209
+.byte 198       
+        movl    %esi,           24(%esp)
+        leal    2400959708(%esi,%edi,1),%esi
+        movl    %ecx,           %edi
+        rorl    $2,             %ecx
+        andl    %ebx,           %edi
+        orl     %edi,           %ebp
+        movl    %eax,           %edi
+        roll    $5,             %edi
+        addl    %edi,           %ebp
+        addl    %ebp,           %esi
+
+        movl    28(%esp),       %edi
+        movl    %eax,           %ebp
+        xorl    36(%esp),       %edi
+        orl     %ecx,           %ebp
+        xorl    60(%esp),       %edi
+        andl    %ebx,           %ebp
+        xorl    16(%esp),       %edi
+.byte 209
+.byte 199       
+        movl    %edi,           28(%esp)
+        leal    2400959708(%edi,%edx,1),%edi
+        movl    %eax,           %edx
+        rorl    $2,             %eax
+        andl    %ecx,           %edx
+        orl     %edx,           %ebp
+        movl    %esi,           %edx
+        roll    $5,             %edx
+        addl    %edx,           %ebp
+        addl    %ebp,           %edi
+
+        movl    32(%esp),       %edx
+        movl    %esi,           %ebp
+        xorl    40(%esp),       %edx
+        orl     %eax,           %ebp
+        xorl    (%esp),         %edx
+        andl    %ecx,           %ebp
+        xorl    20(%esp),       %edx
+.byte 209
+.byte 194       
+        movl    %edx,           32(%esp)
+        leal    2400959708(%edx,%ebx,1),%edx
+        movl    %esi,           %ebx
+        rorl    $2,             %esi
+        andl    %eax,           %ebx
+        orl     %ebx,           %ebp
+        movl    %edi,           %ebx
+        roll    $5,             %ebx
+        addl    %ebx,           %ebp
+        addl    %ebp,           %edx
+
+        movl    36(%esp),       %ebx
+        movl    %edi,           %ebp
+        xorl    44(%esp),       %ebx
+        orl     %esi,           %ebp
+        xorl    4(%esp),        %ebx
+        andl    %eax,           %ebp
+        xorl    24(%esp),       %ebx
+.byte 209
+.byte 195       
+        movl    %ebx,           36(%esp)
+        leal    2400959708(%ebx,%ecx,1),%ebx
+        movl    %edi,           %ecx
+        rorl    $2,             %edi
+        andl    %esi,           %ecx
+        orl     %ecx,           %ebp
+        movl    %edx,           %ecx
+        roll    $5,             %ecx
+        addl    %ecx,           %ebp
+        addl    %ebp,           %ebx
+
+        movl    40(%esp),       %ecx
+        movl    %edx,           %ebp
+        xorl    48(%esp),       %ecx
+        orl     %edi,           %ebp
+        xorl    8(%esp),        %ecx
+        andl    %esi,           %ebp
+        xorl    28(%esp),       %ecx
+.byte 209
+.byte 193       
+        movl    %ecx,           40(%esp)
+        leal    2400959708(%ecx,%eax,1),%ecx
+        movl    %edx,           %eax
+        rorl    $2,             %edx
+        andl    %edi,           %eax
+        orl     %eax,           %ebp
+        movl    %ebx,           %eax
+        roll    $5,             %eax
+        addl    %eax,           %ebp
+        addl    %ebp,           %ecx
+
+        movl    44(%esp),       %eax
+        movl    %ebx,           %ebp
+        xorl    52(%esp),       %eax
+        orl     %edx,           %ebp
+        xorl    12(%esp),       %eax
+        andl    %edi,           %ebp
+        xorl    32(%esp),       %eax
+.byte 209
+.byte 192       
+        movl    %eax,           44(%esp)
+        leal    2400959708(%eax,%esi,1),%eax
+        movl    %ebx,           %esi
+        rorl    $2,             %ebx
+        andl    %edx,           %esi
+        orl     %esi,           %ebp
+        movl    %ecx,           %esi
+        roll    $5,             %esi
+        addl    %esi,           %ebp
+        addl    %ebp,           %eax
+
+        movl    48(%esp),       %esi
+        movl    %ecx,           %ebp
+        xorl    56(%esp),       %esi
+        rorl    $2,             %ecx
+        xorl    16(%esp),       %esi
+        xorl    %ebx,           %ebp
+        xorl    36(%esp),       %esi
+        xorl    %edx,           %ebp
+.byte 209
+.byte 198       
+        movl    %esi,           48(%esp)
+        leal    3395469782(%esi,%edi,1),%esi
+        movl    %eax,           %edi
+        roll    $5,             %edi
+        addl    %ebp,           %esi
+        addl    %edi,           %esi
+
+        movl    52(%esp),       %edi
+        movl    %eax,           %ebp
+        xorl    60(%esp),       %edi
+        rorl    $2,             %eax
+        xorl    20(%esp),       %edi
+        xorl    %ecx,           %ebp
+        xorl    40(%esp),       %edi
+        xorl    %ebx,           %ebp
+.byte 209
+.byte 199       
+        movl    %edi,           52(%esp)
+        leal    3395469782(%edi,%edx,1),%edi
+        movl    %esi,           %edx
+        roll    $5,             %edx
+        addl    %ebp,           %edi
+        addl    %edx,           %edi
+
+        movl    56(%esp),       %edx
+        movl    %esi,           %ebp
+        xorl    (%esp),         %edx
+        rorl    $2,             %esi
+        xorl    24(%esp),       %edx
+        xorl    %eax,           %ebp
+        xorl    44(%esp),       %edx
+        xorl    %ecx,           %ebp
+.byte 209
+.byte 194       
+        movl    %edx,           56(%esp)
+        leal    3395469782(%edx,%ebx,1),%edx
+        movl    %edi,           %ebx
+        roll    $5,             %ebx
+        addl    %ebp,           %edx
+        addl    %ebx,           %edx
+
+        movl    60(%esp),       %ebx
+        movl    %edi,           %ebp
+        xorl    4(%esp),        %ebx
+        rorl    $2,             %edi
+        xorl    28(%esp),       %ebx
+        xorl    %esi,           %ebp
+        xorl    48(%esp),       %ebx
+        xorl    %eax,           %ebp
+.byte 209
+.byte 195       
+        movl    %ebx,           60(%esp)
+        leal    3395469782(%ebx,%ecx,1),%ebx
+        movl    %edx,           %ecx
+        roll    $5,             %ecx
+        addl    %ebp,           %ebx
+        addl    %ecx,           %ebx
+
+        movl    (%esp),         %ecx
+        movl    %edx,           %ebp
+        xorl    8(%esp),        %ecx
+        rorl    $2,             %edx
+        xorl    32(%esp),       %ecx
+        xorl    %edi,           %ebp
+        xorl    52(%esp),       %ecx
+        xorl    %esi,           %ebp
+.byte 209
+.byte 193       
+        movl    %ecx,           (%esp)
+        leal    3395469782(%ecx,%eax,1),%ecx
+        movl    %ebx,           %eax
+        roll    $5,             %eax
+        addl    %ebp,           %ecx
+        addl    %eax,           %ecx
+
+        movl    4(%esp),        %eax
+        movl    %ebx,           %ebp
+        xorl    12(%esp),       %eax
+        rorl    $2,             %ebx
+        xorl    36(%esp),       %eax
+        xorl    %edx,           %ebp
+        xorl    56(%esp),       %eax
+        xorl    %edi,           %ebp
+.byte 209
+.byte 192       
+        movl    %eax,           4(%esp)
+        leal    3395469782(%eax,%esi,1),%eax
+        movl    %ecx,           %esi
+        roll    $5,             %esi
+        addl    %ebp,           %eax
+        addl    %esi,           %eax
+
+        movl    8(%esp),        %esi
+        movl    %ecx,           %ebp
+        xorl    16(%esp),       %esi
+        rorl    $2,             %ecx
+        xorl    40(%esp),       %esi
+        xorl    %ebx,           %ebp
+        xorl    60(%esp),       %esi
+        xorl    %edx,           %ebp
+.byte 209
+.byte 198       
+        movl    %esi,           8(%esp)
+        leal    3395469782(%esi,%edi,1),%esi
+        movl    %eax,           %edi
+        roll    $5,             %edi
+        addl    %ebp,           %esi
+        addl    %edi,           %esi
+
+        movl    12(%esp),       %edi
+        movl    %eax,           %ebp
+        xorl    20(%esp),       %edi
+        rorl    $2,             %eax
+        xorl    44(%esp),       %edi
+        xorl    %ecx,           %ebp
+        xorl    (%esp),         %edi
+        xorl    %ebx,           %ebp
+.byte 209
+.byte 199       
+        movl    %edi,           12(%esp)
+        leal    3395469782(%edi,%edx,1),%edi
+        movl    %esi,           %edx
+        roll    $5,             %edx
+        addl    %ebp,           %edi
+        addl    %edx,           %edi
+
+        movl    16(%esp),       %edx
+        movl    %esi,           %ebp
+        xorl    24(%esp),       %edx
+        rorl    $2,             %esi
+        xorl    48(%esp),       %edx
+        xorl    %eax,           %ebp
+        xorl    4(%esp),        %edx
+        xorl    %ecx,           %ebp
+.byte 209
+.byte 194       
+        movl    %edx,           16(%esp)
+        leal    3395469782(%edx,%ebx,1),%edx
+        movl    %edi,           %ebx
+        roll    $5,             %ebx
+        addl    %ebp,           %edx
+        addl    %ebx,           %edx
+
+        movl    20(%esp),       %ebx
+        movl    %edi,           %ebp
+        xorl    28(%esp),       %ebx
+        rorl    $2,             %edi
+        xorl    52(%esp),       %ebx
+        xorl    %esi,           %ebp
+        xorl    8(%esp),        %ebx
+        xorl    %eax,           %ebp
+.byte 209
+.byte 195       
+        movl    %ebx,           20(%esp)
+        leal    3395469782(%ebx,%ecx,1),%ebx
+        movl    %edx,           %ecx
+        roll    $5,             %ecx
+        addl    %ebp,           %ebx
+        addl    %ecx,           %ebx
+
+        movl    24(%esp),       %ecx
+        movl    %edx,           %ebp
+        xorl    32(%esp),       %ecx
+        rorl    $2,             %edx
+        xorl    56(%esp),       %ecx
+        xorl    %edi,           %ebp
+        xorl    12(%esp),       %ecx
+        xorl    %esi,           %ebp
+.byte 209
+.byte 193       
+        movl    %ecx,           24(%esp)
+        leal    3395469782(%ecx,%eax,1),%ecx
+        movl    %ebx,           %eax
+        roll    $5,             %eax
+        addl    %ebp,           %ecx
+        addl    %eax,           %ecx
+
+        movl    28(%esp),       %eax
+        movl    %ebx,           %ebp
+        xorl    36(%esp),       %eax
+        rorl    $2,             %ebx
+        xorl    60(%esp),       %eax
+        xorl    %edx,           %ebp
+        xorl    16(%esp),       %eax
+        xorl    %edi,           %ebp
+.byte 209
+.byte 192       
+        movl    %eax,           28(%esp)
+        leal    3395469782(%eax,%esi,1),%eax
+        movl    %ecx,           %esi
+        roll    $5,             %esi
+        addl    %ebp,           %eax
+        addl    %esi,           %eax
+
+        movl    32(%esp),       %esi
+        movl    %ecx,           %ebp
+        xorl    40(%esp),       %esi
+        rorl    $2,             %ecx
+        xorl    (%esp),         %esi
+        xorl    %ebx,           %ebp
+        xorl    20(%esp),       %esi
+        xorl    %edx,           %ebp
+.byte 209
+.byte 198       
+        movl    %esi,           32(%esp)
+        leal    3395469782(%esi,%edi,1),%esi
+        movl    %eax,           %edi
+        roll    $5,             %edi
+        addl    %ebp,           %esi
+        addl    %edi,           %esi
+
+        movl    36(%esp),       %edi
+        movl    %eax,           %ebp
+        xorl    44(%esp),       %edi
+        rorl    $2,             %eax
+        xorl    4(%esp),        %edi
+        xorl    %ecx,           %ebp
+        xorl    24(%esp),       %edi
+        xorl    %ebx,           %ebp
+.byte 209
+.byte 199       
+        movl    %edi,           36(%esp)
+        leal    3395469782(%edi,%edx,1),%edi
+        movl    %esi,           %edx
+        roll    $5,             %edx
+        addl    %ebp,           %edi
+        addl    %edx,           %edi
+
+        movl    40(%esp),       %edx
+        movl    %esi,           %ebp
+        xorl    48(%esp),       %edx
+        rorl    $2,             %esi
+        xorl    8(%esp),        %edx
+        xorl    %eax,           %ebp
+        xorl    28(%esp),       %edx
+        xorl    %ecx,           %ebp
+.byte 209
+.byte 194       
+        movl    %edx,           40(%esp)
+        leal    3395469782(%edx,%ebx,1),%edx
+        movl    %edi,           %ebx
+        roll    $5,             %ebx
+        addl    %ebp,           %edx
+        addl    %ebx,           %edx
+
+        movl    44(%esp),       %ebx
+        movl    %edi,           %ebp
+        xorl    52(%esp),       %ebx
+        rorl    $2,             %edi
+        xorl    12(%esp),       %ebx
+        xorl    %esi,           %ebp
+        xorl    32(%esp),       %ebx
+        xorl    %eax,           %ebp
+.byte 209
+.byte 195       
+        movl    %ebx,           44(%esp)
+        leal    3395469782(%ebx,%ecx,1),%ebx
+        movl    %edx,           %ecx
+        roll    $5,             %ecx
+        addl    %ebp,           %ebx
+        addl    %ecx,           %ebx
+
+        movl    48(%esp),       %ecx
+        movl    %edx,           %ebp
+        xorl    56(%esp),       %ecx
+        rorl    $2,             %edx
+        xorl    16(%esp),       %ecx
+        xorl    %edi,           %ebp
+        xorl    36(%esp),       %ecx
+        xorl    %esi,           %ebp
+.byte 209
+.byte 193       
+        movl    %ecx,           48(%esp)
+        leal    3395469782(%ecx,%eax,1),%ecx
+        movl    %ebx,           %eax
+        roll    $5,             %eax
+        addl    %ebp,           %ecx
+        addl    %eax,           %ecx
+
+        movl    52(%esp),       %eax
+        movl    %ebx,           %ebp
+        xorl    60(%esp),       %eax
+        rorl    $2,             %ebx
+        xorl    20(%esp),       %eax
+        xorl    %edx,           %ebp
+        xorl    40(%esp),       %eax
+        xorl    %edi,           %ebp
+.byte 209
+.byte 192       
+        movl    %eax,           52(%esp)
+        leal    3395469782(%eax,%esi,1),%eax
+        movl    %ecx,           %esi
+        roll    $5,             %esi
+        addl    %ebp,           %eax
+        addl    %esi,           %eax
+
+        movl    56(%esp),       %esi
+        movl    %ecx,           %ebp
+        xorl    (%esp),         %esi
+        rorl    $2,             %ecx
+        xorl    24(%esp),       %esi
+        xorl    %ebx,           %ebp
+        xorl    44(%esp),       %esi
+        xorl    %edx,           %ebp
+.byte 209
+.byte 198       
+        movl    %esi,           56(%esp)
+        leal    3395469782(%esi,%edi,1),%esi
+        movl    %eax,           %edi
+        roll    $5,             %edi
+        addl    %ebp,           %esi
+        addl    %edi,           %esi
+
+        movl    60(%esp),       %edi
+        movl    %eax,           %ebp
+        xorl    4(%esp),        %edi
+        rorl    $2,             %eax
+        xorl    28(%esp),       %edi
+        xorl    %ecx,           %ebp
+        xorl    48(%esp),       %edi
+        xorl    %ebx,           %ebp
+.byte 209
+.byte 199       
+        movl    %edi,           60(%esp)
+        leal    3395469782(%edi,%edx,1),%edi
+        movl    %esi,           %edx
+        roll    $5,             %edx
+        addl    %ebp,           %edi
+        addl    %edx,           %edi
+
+
+        movl    128(%esp),      %ebp
+        movl    12(%ebp),       %edx
+        addl    %ecx,           %edx
+        movl    4(%ebp),        %ecx
+        addl    %esi,           %ecx
+        movl    %eax,           %esi
+        movl    (%ebp),         %eax
+        movl    %edx,           12(%ebp)
+        addl    %edi,           %eax
+        movl    16(%ebp),       %edi
+        addl    %ebx,           %edi
+        movl    8(%ebp),        %ebx
+        addl    %esi,           %ebx
+        movl    %eax,           (%ebp)
+        movl    132(%esp),      %esi
+        movl    %ebx,           8(%ebp)
+        addl    $64,            %esi
+        movl    68(%esp),       %eax
+        movl    %edi,           16(%ebp)
+        cmpl    %eax,           %esi
+        movl    %ecx,           4(%ebp)
+        jb      .L000start
+        addl    $108,           %esp
+        popl    %edi
+        popl    %ebx
+        popl    %ebp
+        popl    %esi
+        ret
+.L_sha1_block_asm_data_order_end:
+        .size   sha1_block_asm_data_order,.L_sha1_block_asm_data_order_end-sha1_block_asm_data_order
+.ident  "desasm.pl"
+.text
+        .align 16
+.globl sha1_block_asm_host_order
+        .type   sha1_block_asm_host_order,@function
+sha1_block_asm_host_order:
+        movl    12(%esp),       %ecx
+        pushl   %esi
+        sall    $6,             %ecx
+        movl    12(%esp),       %esi
+        pushl   %ebp
+        addl    %esi,           %ecx
+        pushl   %ebx
+        movl    16(%esp),       %ebp
+        pushl   %edi
+        movl    12(%ebp),       %edx
+        subl    $108,           %esp
+        movl    16(%ebp),       %edi
+        movl    8(%ebp),        %ebx
+        movl    %ecx,           68(%esp)
+
+        movl    (%esi),         %eax
+        movl    4(%esi),        %ecx
+        movl    %eax,           (%esp)
+        movl    %ecx,           4(%esp)
+        movl    8(%esi),        %eax
+        movl    12(%esi),       %ecx
+        movl    %eax,           8(%esp)
+        movl    %ecx,           12(%esp)
+        movl    16(%esi),       %eax
+        movl    20(%esi),       %ecx
+        movl    %eax,           16(%esp)
+        movl    %ecx,           20(%esp)
+        movl    24(%esi),       %eax
+        movl    28(%esi),       %ecx
+        movl    %eax,           24(%esp)
+        movl    %ecx,           28(%esp)
+        movl    32(%esi),       %eax
+        movl    36(%esi),       %ecx
+        movl    %eax,           32(%esp)
+        movl    %ecx,           36(%esp)
+        movl    40(%esi),       %eax
+        movl    44(%esi),       %ecx
+        movl    %eax,           40(%esp)
+        movl    %ecx,           44(%esp)
+        movl    48(%esi),       %eax
+        movl    52(%esi),       %ecx
+        movl    %eax,           48(%esp)
+        movl    %ecx,           52(%esp)
+        movl    56(%esi),       %eax
+        movl    60(%esi),       %ecx
+        movl    %eax,           56(%esp)
+        movl    %ecx,           60(%esp)
+        jmp     .L001shortcut
+.L_sha1_block_asm_host_order_end:
+        .size   sha1_block_asm_host_order,.L_sha1_block_asm_host_order_end-sha1_block_asm_host_order
+.ident  "desasm.pl"
diff --git a/src/lib/libssl/src/fips/sha1/fingerprint.sha1 b/src/lib/libssl/src/fips/sha1/fingerprint.sha1
new file mode 100644
index 0000000000..5cb919fdc5
--- /dev/null
+++ b/src/lib/libssl/src/fips/sha1/fingerprint.sha1
@@ -0,0 +1,5 @@
+HMAC-SHA1(fips_sha1dgst.c)= 10575600a9540eb15188a7d3b0b031e60aedbc18
+HMAC-SHA1(fips_sha1_selftest.c)= 98910a0c85eff1688bd7adb23e738dc75b39546e
+HMAC-SHA1(asm/sx86-elf.s)= ae66fb23ab8e1a2287e87a0a2dd30a4b9039fe63
+HMAC-SHA1(fips_sha_locl.h)= c1b4c82eec5f0ee119658456690f3ea9d77ed1c5
+HMAC-SHA1(fips_md32_common.h)= 08a057a7b94acf5df4301ea6c894ce14082e1ec4
diff --git a/src/lib/libssl/src/fips/sha1/fips_md32_common.h b/src/lib/libssl/src/fips/sha1/fips_md32_common.h
new file mode 100644
index 0000000000..cf1110e897
--- /dev/null
+++ b/src/lib/libssl/src/fips/sha1/fips_md32_common.h
@@ -0,0 +1,623 @@
+/* crypto/md32_common.h */
+/* ====================================================================
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * This is a generic 32 bit "collector" for message digest algorithms.
+ * Whenever needed it collects input character stream into chunks of
+ * 32 bit values and invokes a block function that performs actual hash
+ * calculations.
+ *
+ * Porting guide.
+ *
+ * Obligatory macros:
+ *
+ * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
+ *      this macro defines byte order of input stream.
+ * HASH_CBLOCK
+ *      size of a unit chunk HASH_BLOCK operates on.
+ * HASH_LONG
+ *      has to be at lest 32 bit wide, if it's wider, then
+ *      HASH_LONG_LOG2 *has to* be defined along
+ * HASH_CTX
+ *      context structure that at least contains following
+ *      members:
+ *              typedef struct {
+ *                      ...
+ *                      HASH_LONG       Nl,Nh;
+ *                      HASH_LONG       data[HASH_LBLOCK];
+ *                      unsigned int    num;
+ *                      ...
+ *                      } HASH_CTX;
+ * HASH_UPDATE
+ *      name of "Update" function, implemented here.
+ * HASH_TRANSFORM
+ *      name of "Transform" function, implemented here.
+ * HASH_FINAL
+ *      name of "Final" function, implemented here.
+ * HASH_BLOCK_HOST_ORDER
+ *      name of "block" function treating *aligned* input message
+ *      in host byte order, implemented externally.
+ * HASH_BLOCK_DATA_ORDER
+ *      name of "block" function treating *unaligned* input message
+ *      in original (data) byte order, implemented externally (it
+ *      actually is optional if data and host are of the same
+ *      "endianess").
+ * HASH_MAKE_STRING
+ *      macro convering context variables to an ASCII hash string.
+ *
+ * Optional macros:
+ *
+ * B_ENDIAN or L_ENDIAN
+ *      defines host byte-order.
+ * HASH_LONG_LOG2
+ *      defaults to 2 if not states otherwise.
+ * HASH_LBLOCK
+ *      assumed to be HASH_CBLOCK/4 if not stated otherwise.
+ * HASH_BLOCK_DATA_ORDER_ALIGNED
+ *      alternative "block" function capable of treating
+ *      aligned input message in original (data) order,
+ *      implemented externally.
+ *
+ * MD5 example:
+ *
+ *      #define DATA_ORDER_IS_LITTLE_ENDIAN
+ *
+ *      #define HASH_LONG               MD5_LONG
+ *      #define HASH_LONG_LOG2          MD5_LONG_LOG2
+ *      #define HASH_CTX                MD5_CTX
+ *      #define HASH_CBLOCK             MD5_CBLOCK
+ *      #define HASH_LBLOCK             MD5_LBLOCK
+ *      #define HASH_UPDATE             MD5_Update
+ *      #define HASH_TRANSFORM          MD5_Transform
+ *      #define HASH_FINAL              MD5_Final
+ *      #define HASH_BLOCK_HOST_ORDER   md5_block_host_order
+ *      #define HASH_BLOCK_DATA_ORDER   md5_block_data_order
+ *
+ *                                      <appro@fy.chalmers.se>
+ */
+
+#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+#error "DATA_ORDER must be defined!"
+#endif
+
+#ifndef HASH_CBLOCK
+#error "HASH_CBLOCK must be defined!"
+#endif
+#ifndef HASH_LONG
+#error "HASH_LONG must be defined!"
+#endif
+#ifndef HASH_CTX
+#error "HASH_CTX must be defined!"
+#endif
+
+#ifndef HASH_UPDATE
+#error "HASH_UPDATE must be defined!"
+#endif
+#ifndef HASH_TRANSFORM
+#error "HASH_TRANSFORM must be defined!"
+#endif
+#ifndef HASH_FINAL
+#error "HASH_FINAL must be defined!"
+#endif
+
+#ifndef HASH_BLOCK_HOST_ORDER
+#error "HASH_BLOCK_HOST_ORDER must be defined!"
+#endif
+
+#if 0
+/*
+ * Moved below as it's required only if HASH_BLOCK_DATA_ORDER_ALIGNED
+ * isn't defined.
+ */
+#ifndef HASH_BLOCK_DATA_ORDER
+#error "HASH_BLOCK_DATA_ORDER must be defined!"
+#endif
+#endif
+
+#ifndef HASH_LBLOCK
+#define HASH_LBLOCK     (HASH_CBLOCK/4)
+#endif
+
+#ifndef HASH_LONG_LOG2
+#define HASH_LONG_LOG2  2
+#endif
+
+/*
+ * Engage compiler specific rotate intrinsic function if available.
+ */
+#undef ROTATE
+#ifndef PEDANTIC
+# if defined(_MSC_VER) || defined(__ICC)
+#  define ROTATE(a,n)   _lrotl(a,n)
+# elif defined(__MWERKS__)
+#  if defined(__POWERPC__)
+#   define ROTATE(a,n)  __rlwinm(a,n,0,31)
+#  elif defined(__MC68K__)
+    /* Motorola specific tweak. <appro@fy.chalmers.se> */
+#   define ROTATE(a,n)  ( n<24 ? __rol(a,n) : __ror(a,32-n) )
+#  else
+#   define ROTATE(a,n)  __rol(a,n)
+#  endif
+# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+  /*
+   * Some GNU C inline assembler templates. Note that these are
+   * rotates by *constant* number of bits! But that's exactly
+   * what we need here...
+   *                                    <appro@fy.chalmers.se>
+   */
+#  if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+#   define ROTATE(a,n)  ({ register unsigned int ret;   \
+                                asm (                   \
+                                "roll %1,%0"            \
+                                : "=r"(ret)             \
+                                : "I"(n), "0"(a)        \
+                                : "cc");                \
+                           ret;                         \
+                        })
+#  elif defined(__powerpc) || defined(__ppc)
+#   define ROTATE(a,n)  ({ register unsigned int ret;   \
+                                asm (                   \
+                                "rlwinm %0,%1,%2,0,31"  \
+                                : "=r"(ret)             \
+                                : "r"(a), "I"(n));      \
+                           ret;                         \
+                        })
+#  endif
+# endif
+#endif /* PEDANTIC */
+
+#if HASH_LONG_LOG2==2   /* Engage only if sizeof(HASH_LONG)== 4 */
+/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
+#ifdef ROTATE
+/* 5 instructions with rotate instruction, else 9 */
+#define REVERSE_FETCH32(a,l)    (                                       \
+                l=*(const HASH_LONG *)(a),                              \
+                ((ROTATE(l,8)&0x00FF00FF)|(ROTATE((l&0x00FF00FF),24)))  \
+                                )
+#else
+/* 6 instructions with rotate instruction, else 8 */
+#define REVERSE_FETCH32(a,l)    (                               \
+                l=*(const HASH_LONG *)(a),                      \
+                l=(((l>>8)&0x00FF00FF)|((l&0x00FF00FF)<<8)),    \
+                ROTATE(l,16)                                    \
+                                )
+/*
+ * Originally the middle line started with l=(((l&0xFF00FF00)>>8)|...
+ * It's rewritten as above for two reasons:
+ *      - RISCs aren't good at long constants and have to explicitely
+ *        compose 'em with several (well, usually 2) instructions in a
+ *        register before performing the actual operation and (as you
+ *        already realized:-) having same constant should inspire the
+ *        compiler to permanently allocate the only register for it;
+ *      - most modern CPUs have two ALUs, but usually only one has
+ *        circuitry for shifts:-( this minor tweak inspires compiler
+ *        to schedule shift instructions in a better way...
+ *
+ *                              <appro@fy.chalmers.se>
+ */
+#endif
+#endif
+
+#ifndef ROTATE
+#define ROTATE(a,n)     (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+/*
+ * Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED
+ * and HASH_BLOCK_HOST_ORDER ought to be the same if input data
+ * and host are of the same "endianess". It's possible to mask
+ * this with blank #define HASH_BLOCK_DATA_ORDER though...
+ *
+ *                              <appro@fy.chalmers.se>
+ */
+#if defined(B_ENDIAN)
+#  if defined(DATA_ORDER_IS_BIG_ENDIAN)
+#    if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
+#      define HASH_BLOCK_DATA_ORDER_ALIGNED     HASH_BLOCK_HOST_ORDER
+#    endif
+#  endif
+#elif defined(L_ENDIAN)
+#  if defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+#    if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
+#      define HASH_BLOCK_DATA_ORDER_ALIGNED     HASH_BLOCK_HOST_ORDER
+#    endif
+#  endif
+#endif
+
+#if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
+#ifndef HASH_BLOCK_DATA_ORDER
+#error "HASH_BLOCK_DATA_ORDER must be defined!"
+#endif
+#endif
+
+#if defined(DATA_ORDER_IS_BIG_ENDIAN)
+
+#ifndef PEDANTIC
+# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+#  if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+    /*
+     * This gives ~30-40% performance improvement in SHA-256 compiled
+     * with gcc [on P4]. Well, first macro to be frank. We can pull
+     * this trick on x86* platforms only, because these CPUs can fetch
+     * unaligned data without raising an exception.
+     */
+#   define HOST_c2l(c,l)        ({ unsigned int r=*((const unsigned int *)(c)); \
+                                   asm ("bswapl %0":"=r"(r):"0"(r));    \
+                                   (c)+=4; (l)=r;                       })
+#   define HOST_l2c(l,c)        ({ unsigned int r=(l);                  \
+                                   asm ("bswapl %0":"=r"(r):"0"(r));    \
+                                   *((unsigned int *)(c))=r; (c)+=4; r; })
+#  endif
+# endif
+#endif
+
+#ifndef HOST_c2l
+#define HOST_c2l(c,l)   (l =(((unsigned long)(*((c)++)))<<24),          \
+                         l|=(((unsigned long)(*((c)++)))<<16),          \
+                         l|=(((unsigned long)(*((c)++)))<< 8),          \
+                         l|=(((unsigned long)(*((c)++)))    ),          \
+                         l)
+#endif
+#define HOST_p_c2l(c,l,n)       {                                       \
+                        switch (n) {                                    \
+                        case 0: l =((unsigned long)(*((c)++)))<<24;     \
+                        case 1: l|=((unsigned long)(*((c)++)))<<16;     \
+                        case 2: l|=((unsigned long)(*((c)++)))<< 8;     \
+                        case 3: l|=((unsigned long)(*((c)++)));         \
+                                } }
+#define HOST_p_c2l_p(c,l,sc,len) {                                      \
+                        switch (sc) {                                   \
+                        case 0: l =((unsigned long)(*((c)++)))<<24;     \
+                                if (--len == 0) break;                  \
+                        case 1: l|=((unsigned long)(*((c)++)))<<16;     \
+                                if (--len == 0) break;                  \
+                        case 2: l|=((unsigned long)(*((c)++)))<< 8;     \
+                                } }
+/* NOTE the pointer is not incremented at the end of this */
+#define HOST_c2l_p(c,l,n)       {                                       \
+                        l=0; (c)+=n;                                    \
+                        switch (n) {                                    \
+                        case 3: l =((unsigned long)(*(--(c))))<< 8;     \
+                        case 2: l|=((unsigned long)(*(--(c))))<<16;     \
+                        case 1: l|=((unsigned long)(*(--(c))))<<24;     \
+                                } }
+#ifndef HOST_l2c
+#define HOST_l2c(l,c)   (*((c)++)=(unsigned char)(((l)>>24)&0xff),      \
+                         *((c)++)=(unsigned char)(((l)>>16)&0xff),      \
+                         *((c)++)=(unsigned char)(((l)>> 8)&0xff),      \
+                         *((c)++)=(unsigned char)(((l)    )&0xff),      \
+                         l)
+#endif
+
+#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+
+#if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+  /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */
+# define HOST_c2l(c,l)  ((l)=*((const unsigned int *)(c)), (c)+=4, l)
+# define HOST_l2c(l,c)  (*((unsigned int *)(c))=(l), (c)+=4, l)
+#endif
+
+#ifndef HOST_c2l
+#define HOST_c2l(c,l)   (l =(((unsigned long)(*((c)++)))    ),          \
+                         l|=(((unsigned long)(*((c)++)))<< 8),          \
+                         l|=(((unsigned long)(*((c)++)))<<16),          \
+                         l|=(((unsigned long)(*((c)++)))<<24),          \
+                         l)
+#endif
+#define HOST_p_c2l(c,l,n)       {                                       \
+                        switch (n) {                                    \
+                        case 0: l =((unsigned long)(*((c)++)));         \
+                        case 1: l|=((unsigned long)(*((c)++)))<< 8;     \
+                        case 2: l|=((unsigned long)(*((c)++)))<<16;     \
+                        case 3: l|=((unsigned long)(*((c)++)))<<24;     \
+                                } }
+#define HOST_p_c2l_p(c,l,sc,len) {                                      \
+                        switch (sc) {                                   \
+                        case 0: l =((unsigned long)(*((c)++)));         \
+                                if (--len == 0) break;                  \
+                        case 1: l|=((unsigned long)(*((c)++)))<< 8;     \
+                                if (--len == 0) break;                  \
+                        case 2: l|=((unsigned long)(*((c)++)))<<16;     \
+                                } }
+/* NOTE the pointer is not incremented at the end of this */
+#define HOST_c2l_p(c,l,n)       {                                       \
+                        l=0; (c)+=n;                                    \
+                        switch (n) {                                    \
+                        case 3: l =((unsigned long)(*(--(c))))<<16;     \
+                        case 2: l|=((unsigned long)(*(--(c))))<< 8;     \
+                        case 1: l|=((unsigned long)(*(--(c))));         \
+                                } }
+#ifndef HOST_l2c
+#define HOST_l2c(l,c)   (*((c)++)=(unsigned char)(((l)    )&0xff),      \
+                         *((c)++)=(unsigned char)(((l)>> 8)&0xff),      \
+                         *((c)++)=(unsigned char)(((l)>>16)&0xff),      \
+                         *((c)++)=(unsigned char)(((l)>>24)&0xff),      \
+                         l)
+#endif
+
+#endif
+
+/*
+ * Time for some action:-)
+ */
+
+int HASH_UPDATE (HASH_CTX *c, const void *data_, FIPS_SHA_SIZE_T len)
+        {
+        const unsigned char *data=data_;
+        register HASH_LONG * p;
+        register HASH_LONG l;
+        size_t sw,sc,ew,ec;
+
+        if(FIPS_selftest_failed())
+                return 0;
+
+        if (len==0) return 1;
+
+        l=(c->Nl+(((HASH_LONG)len)<<3))&0xffffffffUL;
+        /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
+         * Wei Dai <weidai@eskimo.com> for pointing it out. */
+        if (l < c->Nl) /* overflow */
+                c->Nh++;
+        c->Nh+=(len>>29);       /* might cause compiler warning on 16-bit */
+        c->Nl=l;
+
+        if (c->num != 0)
+                {
+                p=c->data;
+                sw=c->num>>2;
+                sc=c->num&0x03;
+
+                if ((c->num+len) >= HASH_CBLOCK)
+                        {
+                        l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l;
+                        for (; sw<HASH_LBLOCK; sw++)
+                                {
+                                HOST_c2l(data,l); p[sw]=l;
+                                }
+                        HASH_BLOCK_HOST_ORDER (c,p,1);
+                        len-=(HASH_CBLOCK-c->num);
+                        c->num=0;
+                        /* drop through and do the rest */
+                        }
+                else
+                        {
+                        c->num+=(unsigned int)len;
+                        if ((sc+len) < 4) /* ugly, add char's to a word */
+                                {
+                                l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l;
+                                }
+                        else
+                                {
+                                ew=(c->num>>2);
+                                ec=(c->num&0x03);
+                                if (sc)
+                                        l=p[sw];
+                                HOST_p_c2l(data,l,sc);
+                                p[sw++]=l;
+                                for (; sw < ew; sw++)
+                                        {
+                                        HOST_c2l(data,l); p[sw]=l;
+                                        }
+                                if (ec)
+                                        {
+                                        HOST_c2l_p(data,l,ec); p[sw]=l;
+                                        }
+                                }
+                        return 1;
+                        }
+                }
+
+        sw=len/HASH_CBLOCK;
+        if (sw > 0)
+                {
+#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
+                /*
+                 * Note that HASH_BLOCK_DATA_ORDER_ALIGNED gets defined
+                 * only if sizeof(HASH_LONG)==4.
+                 */
+                if ((((size_t)data)%4) == 0)
+                        {
+                        /* data is properly aligned so that we can cast it: */
+                        HASH_BLOCK_DATA_ORDER_ALIGNED (c,(const HASH_LONG *)data,sw);
+                        sw*=HASH_CBLOCK;
+                        data+=sw;
+                        len-=sw;
+                        }
+                else
+#if !defined(HASH_BLOCK_DATA_ORDER)
+                        while (sw--)
+                                {
+                                memcpy (p=c->data,data,HASH_CBLOCK);
+                                HASH_BLOCK_DATA_ORDER_ALIGNED(c,p,1);
+                                data+=HASH_CBLOCK;
+                                len-=HASH_CBLOCK;
+                                }
+#endif
+#endif
+#if defined(HASH_BLOCK_DATA_ORDER)
+                        {
+                        HASH_BLOCK_DATA_ORDER(c,data,sw);
+                        sw*=HASH_CBLOCK;
+                        data+=sw;
+                        len-=sw;
+                        }
+#endif
+                }
+
+        if (len!=0)
+                {
+                p = c->data;
+                c->num = len;
+                ew=len>>2;      /* words to copy */
+                ec=len&0x03;
+                for (; ew; ew--,p++)
+                        {
+                        HOST_c2l(data,l); *p=l;
+                        }
+                HOST_c2l_p(data,l,ec);
+                *p=l;
+                }
+        return 1;
+        }
+
+
+void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data)
+        {
+#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
+        if ((((size_t)data)%4) == 0)
+                /* data is properly aligned so that we can cast it: */
+                HASH_BLOCK_DATA_ORDER_ALIGNED (c,(const HASH_LONG *)data,1);
+        else
+#if !defined(HASH_BLOCK_DATA_ORDER)
+                {
+                memcpy (c->data,data,HASH_CBLOCK);
+                HASH_BLOCK_DATA_ORDER_ALIGNED (c,c->data,1);
+                }
+#endif
+#endif
+#if defined(HASH_BLOCK_DATA_ORDER)
+        HASH_BLOCK_DATA_ORDER (c,data,1);
+#endif
+        }
+
+
+int HASH_FINAL (unsigned char *md, HASH_CTX *c)
+        {
+        register HASH_LONG *p;
+        register unsigned long l;
+        register int i,j;
+        static const unsigned char end[4]={0x80,0x00,0x00,0x00};
+        const unsigned char *cp=end;
+
+        /* c->num should definitly have room for at least one more byte. */
+        p=c->data;
+        i=c->num>>2;
+        j=c->num&0x03;
+
+#if 0
+        /* purify often complains about the following line as an
+         * Uninitialized Memory Read.  While this can be true, the
+         * following p_c2l macro will reset l when that case is true.
+         * This is because j&0x03 contains the number of 'valid' bytes
+         * already in p[i].  If and only if j&0x03 == 0, the UMR will
+         * occur but this is also the only time p_c2l will do
+         * l= *(cp++) instead of l|= *(cp++)
+         * Many thanks to Alex Tang <altitude@cic.net> for pickup this
+         * 'potential bug' */
+#ifdef PURIFY
+        if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */
+#endif
+        l=p[i];
+#else
+        l = (j==0) ? 0 : p[i];
+#endif
+        HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */
+
+        if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */
+                {
+                if (i<HASH_LBLOCK) p[i]=0;
+                HASH_BLOCK_HOST_ORDER (c,p,1);
+                i=0;
+                }
+        for (; i<(HASH_LBLOCK-2); i++)
+                p[i]=0;
+
+#if   defined(DATA_ORDER_IS_BIG_ENDIAN)
+        p[HASH_LBLOCK-2]=c->Nh;
+        p[HASH_LBLOCK-1]=c->Nl;
+#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+        p[HASH_LBLOCK-2]=c->Nl;
+        p[HASH_LBLOCK-1]=c->Nh;
+#endif
+        HASH_BLOCK_HOST_ORDER (c,p,1);
+
+#ifndef HASH_MAKE_STRING
+#error "HASH_MAKE_STRING must be defined!"
+#else
+        HASH_MAKE_STRING(c,md);
+#endif
+
+        c->num=0;
+        /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack
+         * but I'm not worried :-)
+        OPENSSL_cleanse((void *)c,sizeof(HASH_CTX));
+         */
+        return 1;
+        }
+
+#ifndef MD32_REG_T
+#define MD32_REG_T long
+/*
+ * This comment was originaly written for MD5, which is why it
+ * discusses A-D. But it basically applies to all 32-bit digests,
+ * which is why it was moved to common header file.
+ *
+ * In case you wonder why A-D are declared as long and not
+ * as MD5_LONG. Doing so results in slight performance
+ * boost on LP64 architectures. The catch is we don't
+ * really care if 32 MSBs of a 64-bit register get polluted
+ * with eventual overflows as we *save* only 32 LSBs in
+ * *either* case. Now declaring 'em long excuses the compiler
+ * from keeping 32 MSBs zeroed resulting in 13% performance
+ * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
+ * Well, to be honest it should say that this *prevents* 
+ * performance degradation.
+ *                              <appro@fy.chalmers.se>
+ * Apparently there're LP64 compilers that generate better
+ * code if A-D are declared int. Most notably GCC-x86_64
+ * generates better code.
+ *                              <appro@fy.chalmers.se>
+ */
+#endif
diff --git a/src/lib/libssl/src/fips/sha1/fips_sha1_selftest.c b/src/lib/libssl/src/fips/sha1/fips_sha1_selftest.c
new file mode 100644
index 0000000000..248539acb0
--- /dev/null
+++ b/src/lib/libssl/src/fips/sha1/fips_sha1_selftest.c
@@ -0,0 +1,97 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <string.h>
+#include <openssl/err.h>
+#include <openssl/fips.h>
+#include <openssl/sha.h>
+
+#ifdef OPENSSL_FIPS
+static char *test[]=
+    {
+    "",
+    "abc",
+    "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+    NULL,
+    };
+
+static unsigned char ret[][SHA_DIGEST_LENGTH]=
+    {
+    { 0xda,0x39,0xa3,0xee,0x5e,0x6b,0x4b,0x0d,0x32,0x55,
+      0xbf,0xef,0x95,0x60,0x18,0x90,0xaf,0xd8,0x07,0x09 },
+    { 0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a,0xba,0x3e,
+      0x25,0x71,0x78,0x50,0xc2,0x6c,0x9c,0xd0,0xd8,0x9d },
+    { 0x84,0x98,0x3e,0x44,0x1c,0x3b,0xd2,0x6e,0xba,0xae,
+      0x4a,0xa1,0xf9,0x51,0x29,0xe5,0xe5,0x46,0x70,0xf1 },
+    };
+
+void FIPS_corrupt_sha1()
+    {
+    ret[0][0]++;
+    }
+
+int FIPS_selftest_sha1()
+    {
+    int n;
+
+    for(n=0 ; test[n] ; ++n)
+        {
+        unsigned char md[SHA_DIGEST_LENGTH];
+
+        SHA1((unsigned char*)test[n],strlen(test[n]),md);
+        if(memcmp(md,ret[n],sizeof md))
+            {
+            FIPSerr(FIPS_F_FIPS_SELFTEST_SHA1,FIPS_R_SELFTEST_FAILED);
+            return 0;
+            }
+        }
+    return 1;
+    }
+
+#endif
diff --git a/src/lib/libssl/src/fips/sha1/fips_sha1dgst.c b/src/lib/libssl/src/fips/sha1/fips_sha1dgst.c
new file mode 100644
index 0000000000..dc2ce7daf0
--- /dev/null
+++ b/src/lib/libssl/src/fips/sha1/fips_sha1dgst.c
@@ -0,0 +1,80 @@
+/* crypto/sha/sha1dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
+
+#undef  SHA_0
+#define SHA_1
+
+#include <openssl/opensslv.h>
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_FIPS
+const char *SHA1_version="SHA1" OPENSSL_VERSION_PTEXT;
+
+/* The implementation is in fips_md32_common.h */
+#include "fips_sha_locl.h"
+
+#else /* ndef OPENSSL_FIPS */
+
+static void *dummy=&dummy;
+
+#endif /* ndef OPENSSL_FIPS */
+
+#endif
+
diff --git a/src/lib/libssl/src/fips/sha1/fips_sha1test.c b/src/lib/libssl/src/fips/sha1/fips_sha1test.c
new file mode 100644
index 0000000000..176d6009bb
--- /dev/null
+++ b/src/lib/libssl/src/fips/sha1/fips_sha1test.c
@@ -0,0 +1,151 @@
+#include <stdio.h>
+#include <assert.h>
+#include <ctype.h>
+#include <string.h>
+#include <stdlib.h>
+#include <openssl/sha.h>
+#include <openssl/err.h>
+#include <openssl/fips.h>
+#ifdef FLAT_INC
+#include "e_os.h"
+#else
+#include "../e_os.h"
+#endif
+
+#ifndef OPENSSL_FIPS
+int main(int argc, char *argv[])
+{
+    printf("No FIPS SHA1 support\n");
+    return(0);
+}
+#else
+
+#define MAX_TEST_BITS 103432
+
+static void dump(const unsigned char *b,int n)
+    {
+    while(n-- > 0)
+        printf("%02X",*b++);
+    }
+
+static void bitfill(unsigned char *buf,int bit,int b,int n)
+    {
+    for( ; n > 0 ; --n,++bit)
+        {
+        assert(bit < MAX_TEST_BITS);
+        buf[bit/8]|=b << (7-bit%8);
+        }
+    }
+
+void montecarlo(unsigned char *seed,int n)
+    {
+    int i,j;
+    unsigned char m[10240];
+
+    memcpy(m,seed,n);
+    for(j=0 ; j < 100 ; ++j)
+        {
+        for(i=1 ; i <= 50000 ; ++i)
+            {
+            memset(m+n,'\0',j/4+3);
+            n+=j/4+3;
+            m[n++]=i >> 24;
+            m[n++]=i >> 16;
+            m[n++]=i >> 8;
+            m[n++]=i;
+/*          putchar(' '); */
+/*          dump(m,bit/8); */
+/*          putchar('\n'); */
+            SHA1(m,n,m);
+            n=20;
+            }
+        dump(m,20);
+        puts(" ^");
+        }
+    }
+
+int main(int argc,char **argv)
+    {
+    FILE *fp;
+    int phase;
+
+    if(argc != 2)
+        {
+        fprintf(stderr,"%s <test vector file>\n",argv[0]);
+        EXIT(1);
+        }
+
+    if(!FIPS_mode_set(1,argv[0]))
+        {
+        ERR_load_crypto_strings();
+        ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
+        EXIT(1);
+        }
+    fp=fopen(argv[1],"r");
+    if(!fp)
+        {
+        perror(argv[1]);
+        EXIT(2);
+        }
+
+    for(phase=0 ; ; )
+        {
+        unsigned char buf[MAX_TEST_BITS/8];
+        unsigned char md[20];
+        char line[10240];
+        int n,t,b,bit;
+        char *p;
+
+        fgets(line,1024,fp);
+        if(feof(fp))
+            break;
+        n=strlen(line);
+        line[n-1]='\0';
+        if(!strcmp(line,"D>"))
+            ++phase;
+
+        if(!isdigit(line[0]))
+            {
+            puts(line);
+            continue;
+            }
+        for( ; ; )
+            {
+            assert(n > 1);
+            if(line[n-2] == '^')
+                break;
+            fgets(line+n-1,sizeof(line)-n+1,fp);
+            n=strlen(line);
+            /*      printf("line=%s\n",line); */
+            assert(!feof(fp));
+            }
+
+        p=strtok(line," ");
+        t=atoi(p);
+        p=strtok(NULL," ");
+        b=atoi(p);
+        memset(buf,'\0',sizeof buf);
+        for(bit=0,p=strtok(NULL," ") ; p && *p != '^' ; p=strtok(NULL," "))
+            {
+            assert(t-- > 0);
+            bitfill(buf,bit,b,atoi(p));
+            bit+=atoi(p);
+            b=1-b;
+            }
+        assert(t == 0);
+        assert((bit%8) == 0);
+        /*      dump(buf,bit/8); */
+        /*      putchar('\n'); */
+        if(phase < 3)
+            {
+            SHA1(buf,bit/8,md);
+            dump(md,20);
+            puts(" ^");
+            }
+        else
+            montecarlo(buf,bit/8);
+        }
+    EXIT(0);
+    return(0);
+    }
+#endif
diff --git a/src/lib/libssl/src/fips/sha1/fips_sha_locl.h b/src/lib/libssl/src/fips/sha1/fips_sha_locl.h
new file mode 100644
index 0000000000..6146b07812
--- /dev/null
+++ b/src/lib/libssl/src/fips/sha1/fips_sha_locl.h
@@ -0,0 +1,479 @@
+/* crypto/sha/sha_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/opensslconf.h>
+#include <openssl/sha.h>
+#include <openssl/fips.h>
+
+#ifndef SHA_LONG_LOG2
+#define SHA_LONG_LOG2   2       /* default to 32 bits */
+#endif
+
+#define DATA_ORDER_IS_BIG_ENDIAN
+
+#define HASH_LONG               SHA_LONG
+#define HASH_LONG_LOG2          SHA_LONG_LOG2
+#define HASH_CTX                SHA_CTX
+#define HASH_CBLOCK             SHA_CBLOCK
+#define HASH_LBLOCK             SHA_LBLOCK
+#define HASH_MAKE_STRING(c,s)   do {    \
+        unsigned long ll;               \
+        ll=(c)->h0; HOST_l2c(ll,(s));   \
+        ll=(c)->h1; HOST_l2c(ll,(s));   \
+        ll=(c)->h2; HOST_l2c(ll,(s));   \
+        ll=(c)->h3; HOST_l2c(ll,(s));   \
+        ll=(c)->h4; HOST_l2c(ll,(s));   \
+        } while (0)
+
+#if defined(SHA_0)
+
+# define HASH_UPDATE                    SHA_Update
+# define HASH_TRANSFORM                 SHA_Transform
+# define HASH_FINAL                     SHA_Final
+# define HASH_INIT                      SHA_Init
+# define HASH_BLOCK_HOST_ORDER          sha_block_host_order
+# define HASH_BLOCK_DATA_ORDER          sha_block_data_order
+# define Xupdate(a,ix,ia,ib,ic,id)      (ix=(a)=(ia^ib^ic^id))
+
+  void sha_block_host_order (SHA_CTX *c, const void *p,FIPS_SHA_SIZE_T num);
+  void sha_block_data_order (SHA_CTX *c, const void *p,FIPS_SHA_SIZE_T num);
+
+#elif defined(SHA_1)
+
+# define HASH_UPDATE                    SHA1_Update
+# define HASH_TRANSFORM                 SHA1_Transform
+# define HASH_FINAL                     SHA1_Final
+# define HASH_INIT                      SHA1_Init
+# define HASH_BLOCK_HOST_ORDER          sha1_block_host_order
+# define HASH_BLOCK_DATA_ORDER          sha1_block_data_order
+# if defined(__MWERKS__) && defined(__MC68K__)
+   /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */
+#  define Xupdate(a,ix,ia,ib,ic,id)     do { (a)=(ia^ib^ic^id);         \
+                                             ix=(a)=ROTATE((a),1);      \
+                                        } while (0)
+# else
+#  define Xupdate(a,ix,ia,ib,ic,id)     ( (a)=(ia^ib^ic^id),    \
+                                          ix=(a)=ROTATE((a),1)  \
+                                        )
+# endif
+
+# ifdef SHA1_ASM
+#  if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
+#   define sha1_block_host_order                sha1_block_asm_host_order
+#   define DONT_IMPLEMENT_BLOCK_HOST_ORDER
+#   define sha1_block_data_order                sha1_block_asm_data_order
+#   define DONT_IMPLEMENT_BLOCK_DATA_ORDER
+#   define HASH_BLOCK_DATA_ORDER_ALIGNED        sha1_block_asm_data_order
+#  endif
+# endif
+  void sha1_block_host_order (SHA_CTX *c, const void *p,FIPS_SHA_SIZE_T num);
+  void sha1_block_data_order (SHA_CTX *c, const void *p,FIPS_SHA_SIZE_T num);
+
+#else
+# error "Either SHA_0 or SHA_1 must be defined."
+#endif
+
+#include "fips_md32_common.h"
+
+#define INIT_DATA_h0 0x67452301UL
+#define INIT_DATA_h1 0xefcdab89UL
+#define INIT_DATA_h2 0x98badcfeUL
+#define INIT_DATA_h3 0x10325476UL
+#define INIT_DATA_h4 0xc3d2e1f0UL
+
+int HASH_INIT (SHA_CTX *c)
+        {
+        c->h0=INIT_DATA_h0;
+        c->h1=INIT_DATA_h1;
+        c->h2=INIT_DATA_h2;
+        c->h3=INIT_DATA_h3;
+        c->h4=INIT_DATA_h4;
+        c->Nl=0;
+        c->Nh=0;
+        c->num=0;
+        return 1;
+        }
+
+#define K_00_19 0x5a827999UL
+#define K_20_39 0x6ed9eba1UL
+#define K_40_59 0x8f1bbcdcUL
+#define K_60_79 0xca62c1d6UL
+
+/* As  pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
+ * simplified to the code in F_00_19.  Wei attributes these optimisations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ * #define F(x,y,z) (((x) & (y))  |  ((~(x)) & (z)))
+ * I've just become aware of another tweak to be made, again from Wei Dai,
+ * in F_40_59, (x&a)|(y&a) -> (x|y)&a
+ */
+#define F_00_19(b,c,d)  ((((c) ^ (d)) & (b)) ^ (d)) 
+#define F_20_39(b,c,d)  ((b) ^ (c) ^ (d))
+#define F_40_59(b,c,d)  (((b) & (c)) | (((b)|(c)) & (d))) 
+#define F_60_79(b,c,d)  F_20_39(b,c,d)
+
+#define BODY_00_15(i,a,b,c,d,e,f,xi) \
+        (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+        (b)=ROTATE((b),30);
+
+#define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
+        Xupdate(f,xi,xa,xb,xc,xd); \
+        (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+        (b)=ROTATE((b),30);
+
+#define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
+        Xupdate(f,xi,xa,xb,xc,xd); \
+        (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+        (b)=ROTATE((b),30);
+
+#define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+        Xupdate(f,xa,xa,xb,xc,xd); \
+        (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+        (b)=ROTATE((b),30);
+
+#define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+        Xupdate(f,xa,xa,xb,xc,xd); \
+        (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
+        (b)=ROTATE((b),30);
+
+#define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+        Xupdate(f,xa,xa,xb,xc,xd); \
+        (f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
+        (b)=ROTATE((b),30);
+
+#ifdef X
+#undef X
+#endif
+#ifndef MD32_XARRAY
+  /*
+   * Originally X was an array. As it's automatic it's natural
+   * to expect RISC compiler to accomodate at least part of it in
+   * the register bank, isn't it? Unfortunately not all compilers
+   * "find" this expectation reasonable:-( On order to make such
+   * compilers generate better code I replace X[] with a bunch of
+   * X0, X1, etc. See the function body below...
+   *                                    <appro@fy.chalmers.se>
+   */
+# define X(i)   XX##i
+#else
+  /*
+   * However! Some compilers (most notably HP C) get overwhelmed by
+   * that many local variables so that we have to have the way to
+   * fall down to the original behavior.
+   */
+# define X(i)   XX[i]
+#endif
+
+#ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER
+void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, FIPS_SHA_SIZE_T num)
+        {
+        const SHA_LONG *W=d;
+        register unsigned MD32_REG_T A,B,C,D,E,T;
+#ifndef MD32_XARRAY
+        unsigned MD32_REG_T     XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
+                                XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
+#else
+        SHA_LONG        XX[16];
+#endif
+
+        if(FIPS_selftest_failed())
+            return;
+
+        A=c->h0;
+        B=c->h1;
+        C=c->h2;
+        D=c->h3;
+        E=c->h4;
+
+        for (;;)
+                {
+        BODY_00_15( 0,A,B,C,D,E,T,W[ 0]);
+        BODY_00_15( 1,T,A,B,C,D,E,W[ 1]);
+        BODY_00_15( 2,E,T,A,B,C,D,W[ 2]);
+        BODY_00_15( 3,D,E,T,A,B,C,W[ 3]);
+        BODY_00_15( 4,C,D,E,T,A,B,W[ 4]);
+        BODY_00_15( 5,B,C,D,E,T,A,W[ 5]);
+        BODY_00_15( 6,A,B,C,D,E,T,W[ 6]);
+        BODY_00_15( 7,T,A,B,C,D,E,W[ 7]);
+        BODY_00_15( 8,E,T,A,B,C,D,W[ 8]);
+        BODY_00_15( 9,D,E,T,A,B,C,W[ 9]);
+        BODY_00_15(10,C,D,E,T,A,B,W[10]);
+        BODY_00_15(11,B,C,D,E,T,A,W[11]);
+        BODY_00_15(12,A,B,C,D,E,T,W[12]);
+        BODY_00_15(13,T,A,B,C,D,E,W[13]);
+        BODY_00_15(14,E,T,A,B,C,D,W[14]);
+        BODY_00_15(15,D,E,T,A,B,C,W[15]);
+
+        BODY_16_19(16,C,D,E,T,A,B,X( 0),W[ 0],W[ 2],W[ 8],W[13]);
+        BODY_16_19(17,B,C,D,E,T,A,X( 1),W[ 1],W[ 3],W[ 9],W[14]);
+        BODY_16_19(18,A,B,C,D,E,T,X( 2),W[ 2],W[ 4],W[10],W[15]);
+        BODY_16_19(19,T,A,B,C,D,E,X( 3),W[ 3],W[ 5],W[11],X( 0));
+
+        BODY_20_31(20,E,T,A,B,C,D,X( 4),W[ 4],W[ 6],W[12],X( 1));
+        BODY_20_31(21,D,E,T,A,B,C,X( 5),W[ 5],W[ 7],W[13],X( 2));
+        BODY_20_31(22,C,D,E,T,A,B,X( 6),W[ 6],W[ 8],W[14],X( 3));
+        BODY_20_31(23,B,C,D,E,T,A,X( 7),W[ 7],W[ 9],W[15],X( 4));
+        BODY_20_31(24,A,B,C,D,E,T,X( 8),W[ 8],W[10],X( 0),X( 5));
+        BODY_20_31(25,T,A,B,C,D,E,X( 9),W[ 9],W[11],X( 1),X( 6));
+        BODY_20_31(26,E,T,A,B,C,D,X(10),W[10],W[12],X( 2),X( 7));
+        BODY_20_31(27,D,E,T,A,B,C,X(11),W[11],W[13],X( 3),X( 8));
+        BODY_20_31(28,C,D,E,T,A,B,X(12),W[12],W[14],X( 4),X( 9));
+        BODY_20_31(29,B,C,D,E,T,A,X(13),W[13],W[15],X( 5),X(10));
+        BODY_20_31(30,A,B,C,D,E,T,X(14),W[14],X( 0),X( 6),X(11));
+        BODY_20_31(31,T,A,B,C,D,E,X(15),W[15],X( 1),X( 7),X(12));
+
+        BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
+        BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
+        BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
+        BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
+        BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
+        BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
+        BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
+        BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
+
+        BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
+        BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
+        BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
+        BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
+        BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
+        BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
+        BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
+        BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
+        BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
+        BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
+        BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
+        BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
+        BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
+        BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
+        BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
+        BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
+        BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
+        BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
+        BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
+        BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
+
+        BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
+        BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
+        BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
+        BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
+        BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
+        BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
+        BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
+        BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
+        BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
+        BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
+        BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
+        BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
+        BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
+        BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
+        BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
+        BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
+        BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
+        BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
+        BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
+        BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
+        
+        c->h0=(c->h0+E)&0xffffffffL; 
+        c->h1=(c->h1+T)&0xffffffffL;
+        c->h2=(c->h2+A)&0xffffffffL;
+        c->h3=(c->h3+B)&0xffffffffL;
+        c->h4=(c->h4+C)&0xffffffffL;
+
+        if (--num == 0) break;
+
+        A=c->h0;
+        B=c->h1;
+        C=c->h2;
+        D=c->h3;
+        E=c->h4;
+
+        W+=SHA_LBLOCK;
+                }
+        }
+#endif
+
+#ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER
+void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, FIPS_SHA_SIZE_T num)
+        {
+        const unsigned char *data=p;
+        register unsigned MD32_REG_T A,B,C,D,E,T,l;
+#ifndef MD32_XARRAY
+        unsigned MD32_REG_T     XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
+                                XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
+#else
+        SHA_LONG        XX[16];
+#endif
+
+        if(FIPS_selftest_failed())
+            return;
+
+        A=c->h0;
+        B=c->h1;
+        C=c->h2;
+        D=c->h3;
+        E=c->h4;
+
+        for (;;)
+                {
+
+        HOST_c2l(data,l); X( 0)=l;              HOST_c2l(data,l); X( 1)=l;
+        BODY_00_15( 0,A,B,C,D,E,T,X( 0));       HOST_c2l(data,l); X( 2)=l;
+        BODY_00_15( 1,T,A,B,C,D,E,X( 1));       HOST_c2l(data,l); X( 3)=l;
+        BODY_00_15( 2,E,T,A,B,C,D,X( 2));       HOST_c2l(data,l); X( 4)=l;
+        BODY_00_15( 3,D,E,T,A,B,C,X( 3));       HOST_c2l(data,l); X( 5)=l;
+        BODY_00_15( 4,C,D,E,T,A,B,X( 4));       HOST_c2l(data,l); X( 6)=l;
+        BODY_00_15( 5,B,C,D,E,T,A,X( 5));       HOST_c2l(data,l); X( 7)=l;
+        BODY_00_15( 6,A,B,C,D,E,T,X( 6));       HOST_c2l(data,l); X( 8)=l;
+        BODY_00_15( 7,T,A,B,C,D,E,X( 7));       HOST_c2l(data,l); X( 9)=l;
+        BODY_00_15( 8,E,T,A,B,C,D,X( 8));       HOST_c2l(data,l); X(10)=l;
+        BODY_00_15( 9,D,E,T,A,B,C,X( 9));       HOST_c2l(data,l); X(11)=l;
+        BODY_00_15(10,C,D,E,T,A,B,X(10));       HOST_c2l(data,l); X(12)=l;
+        BODY_00_15(11,B,C,D,E,T,A,X(11));       HOST_c2l(data,l); X(13)=l;
+        BODY_00_15(12,A,B,C,D,E,T,X(12));       HOST_c2l(data,l); X(14)=l;
+        BODY_00_15(13,T,A,B,C,D,E,X(13));       HOST_c2l(data,l); X(15)=l;
+        BODY_00_15(14,E,T,A,B,C,D,X(14));
+        BODY_00_15(15,D,E,T,A,B,C,X(15));
+
+        BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13));
+        BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14));
+        BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15));
+        BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0));
+
+        BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1));
+        BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2));
+        BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3));
+        BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4));
+        BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5));
+        BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6));
+        BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7));
+        BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8));
+        BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9));
+        BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10));
+        BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11));
+        BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12));
+
+        BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
+        BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
+        BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
+        BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
+        BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
+        BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
+        BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
+        BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
+
+        BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
+        BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
+        BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
+        BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
+        BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
+        BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
+        BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
+        BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
+        BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
+        BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
+        BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
+        BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
+        BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
+        BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
+        BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
+        BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
+        BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
+        BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
+        BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
+        BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
+
+        BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
+        BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
+        BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
+        BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
+        BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
+        BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
+        BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
+        BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
+        BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
+        BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
+        BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
+        BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
+        BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
+        BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
+        BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
+        BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
+        BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
+        BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
+        BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
+        BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
+        
+        c->h0=(c->h0+E)&0xffffffffL; 
+        c->h1=(c->h1+T)&0xffffffffL;
+        c->h2=(c->h2+A)&0xffffffffL;
+        c->h3=(c->h3+B)&0xffffffffL;
+        c->h4=(c->h4+C)&0xffffffffL;
+
+        if (--num == 0) break;
+
+        A=c->h0;
+        B=c->h1;
+        C=c->h2;
+        D=c->h3;
+        E=c->h4;
+
+                }
+        }
+#endif
diff --git a/src/lib/libssl/src/fips/sha1/fips_standalone_sha1.c b/src/lib/libssl/src/fips/sha1/fips_standalone_sha1.c
new file mode 100644
index 0000000000..1c2ec469e9
--- /dev/null
+++ b/src/lib/libssl/src/fips/sha1/fips_standalone_sha1.c
@@ -0,0 +1,156 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <openssl/sha.h>
+#include <openssl/hmac.h>
+#include <openssl/opensslconf.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+int FIPS_selftest_failed() { return 0; }
+
+#ifdef OPENSSL_FIPS
+
+static void hmac_init(SHA_CTX *md_ctx,SHA_CTX *o_ctx,
+                      const char *key)
+    {
+    int len=strlen(key);
+    int i;
+    unsigned char keymd[HMAC_MAX_MD_CBLOCK];
+    unsigned char pad[HMAC_MAX_MD_CBLOCK];
+
+    if (len > SHA_CBLOCK)
+        {
+        SHA1_Init(md_ctx);
+        SHA1_Update(md_ctx,key,len);
+        SHA1_Final(keymd,md_ctx);
+        len=20;
+        }
+    else
+        memcpy(keymd,key,len);
+    memset(&keymd[len],'\0',HMAC_MAX_MD_CBLOCK-len);
+
+    for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++)
+        pad[i]=0x36^keymd[i];
+    SHA1_Init(md_ctx);
+    SHA1_Update(md_ctx,pad,SHA_CBLOCK);
+
+    for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++)
+        pad[i]=0x5c^keymd[i];
+    SHA1_Init(o_ctx);
+    SHA1_Update(o_ctx,pad,SHA_CBLOCK);
+    }
+
+static void hmac_final(unsigned char *md,SHA_CTX *md_ctx,SHA_CTX *o_ctx)
+    {
+    unsigned char buf[20];
+
+    SHA1_Final(buf,md_ctx);
+    SHA1_Update(o_ctx,buf,sizeof buf);
+    SHA1_Final(md,o_ctx);
+    }
+
+#endif
+
+int main(int argc,char **argv)
+    {
+#ifdef OPENSSL_FIPS
+    static char key[]="etaonrishdlcupfm";
+    int n;
+
+    if(argc < 2)
+        {
+        fprintf(stderr,"%s [<file>]+\n",argv[0]);
+        exit(1);
+        }
+
+    for(n=1 ; n < argc ; ++n)
+        {
+        FILE *f=fopen(argv[n],"rb");
+        SHA_CTX md_ctx,o_ctx;
+        unsigned char md[20];
+        int i;
+
+        if(!f)
+            {
+            perror(argv[n]);
+            exit(2);
+            }
+
+        hmac_init(&md_ctx,&o_ctx,key);
+        for( ; ; )
+            {
+            char buf[1024];
+            int l=fread(buf,1,sizeof buf,f);
+
+            if(l == 0)
+                {
+                if(ferror(f))
+                    {
+                    perror(argv[n]);
+                    exit(3);
+                    }
+                else
+                    break;
+                }
+            SHA1_Update(&md_ctx,buf,l);
+            }
+        hmac_final(md,&md_ctx,&o_ctx);
+
+        printf("HMAC-SHA1(%s)= ",argv[n]);
+        for(i=0 ; i < 20 ; ++i)
+            printf("%02x",md[i]);
+        printf("\n");
+        }
+#endif
+    return 0;
+    }
+
+
diff --git a/src/lib/libssl/src/fips/sha1/sha1hashes.txt b/src/lib/libssl/src/fips/sha1/sha1hashes.txt
new file mode 100644
index 0000000000..4adfa197e9
--- /dev/null
+++ b/src/lib/libssl/src/fips/sha1/sha1hashes.txt
@@ -0,0 +1,342 @@
+#  Configuration information for "SHA-1 Test"
+#  SHA tests are configured for BYTE oriented implementations
+H>SHS Type 1 Hashes<H
+D>
+DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 ^
+3CDF2936DA2FC556BFA533AB1EB59CE710AC80E5 ^
+19C1E2048FA7393CFBF2D310AD8209EC11D996E5 ^
+CA775D8C80FAA6F87FA62BECA6CA6089D63B56E5 ^
+71AC973D0E4B50AE9E5043FF4D615381120A25A0 ^
+A6B5B9F854CFB76701C3BDDBF374B3094EA49CBA ^
+D87A0EE74E4B9AD72E6847C87BDEEB3D07844380 ^
+1976B8DD509FE66BF09C9A8D33534D4EF4F63BFD ^
+5A78F439B6DB845BB8A558E4CEB106CD7B7FF783 ^
+F871BCE62436C1E280357416695EE2EF9B83695C ^
+62B243D1B780E1D31CF1BA2DE3F01C72AEEA0E47 ^
+1698994A273404848E56E7FDA4457B5900DE1342 ^
+056F4CDC02791DA7ED1EB2303314F7667518DEEF ^
+9FE2DA967BD8441EEA1C32DF68DDAA9DC1FC8E4B ^
+73A31777B4ACE9384EFA8BBEAD45C51A71ABA6DD ^
+3F9D7C4E2384EDDABFF5DD8A31E23DE3D03F42AC ^
+4814908F72B93FFD011135BEE347DE9A08DA838F ^
+0978374B67A412A3102C5AA0B10E1A6596FC68EB ^
+44AD6CB618BD935460D46D3F921D87B99AB91C1E ^
+02DC989AF265B09CF8485640842128DCF95E9F39 ^
+67507B8D497B35D6E99FC01976D73F54AECA75CF ^
+1EAE0373C1317CB60C36A42A867B716039D441F5 ^
+9C3834589E5BFFAC9F50950E0199B3EC2620BEC8 ^
+209F7ABC7F3B878EE46CDF3A1FBB9C21C3474F32 ^
+05FC054B00D97753A9B3E2DA8FBBA3EE808CEF22 ^
+0C4980EA3A46C757DFBFC5BAA38AC6C8E72DDCE7 ^
+96A460D2972D276928B69864445BEA353BDCFFD2 ^
+F3EF04D8FA8C6FA9850F394A4554C080956FA64B ^
+F2A31D875D1D7B30874D416C4D2EA6BAF0FFBAFE ^
+F4942D3B9E9588DCFDC6312A84DF75D05F111C20 ^
+310207DF35B014E4676D30806FA34424813734DD ^
+4DA1955B2FA7C7E74E3F47D7360CE530BBF57CA3 ^
+74C4BC5B26FB4A08602D40CCEC6C6161B6C11478 ^
+0B103CE297338DFC7395F7715EE47539B556DDB6 ^
+EFC72D99E3D2311CE14190C0B726BDC68F4B0821 ^
+660EDAC0A8F4CE33DA0D8DBAE597650E97687250 ^
+FE0A55A988B3B93946A63EB36B23785A5E6EFC3E ^
+0CBDF2A5781C59F907513147A0DE3CC774B54BF3 ^
+663E40FEE5A44BFCB1C99EA5935A6B5BC9F583B0 ^
+00162134256952DD9AE6B51EFB159B35C3C138C7 ^
+CEB88E4736E354416E2010FC1061B3B53B81664B ^
+A6A2C4B6BCC41DDC67278F3DF4D8D0B9DD7784EF ^
+C23D083CD8820B57800A869F5F261D45E02DC55D ^
+E8AC31927B78DDEC41A31CA7A44EB7177165E7AB ^
+E864EC5DBAB0F9FF6984AB6AD43A8C9B81CC9F9C ^
+CFED6269069417A84D6DE2347220F4B858BCD530 ^
+D9217BFB46C96348722C3783D29D4B1A3FEDA38C ^
+DEC24E5554F79697218D317315FA986229CE3350 ^
+83A099DF7071437BA5495A5B0BFBFEFE1C0EF7F3 ^
+AA3198E30891A83E33CE3BFA0587D86A197D4F80 ^
+9B6ACBEB4989CBEE7015C7D515A75672FFDE3442 ^
+B021EB08A436B02658EAA7BA3C88D49F1219C035 ^
+CAE36DAB8AEA29F62E0855D9CB3CD8E7D39094B1 ^
+02DE8BA699F3C1B0CB5AD89A01F2346E630459D7 ^
+88021458847DD39B4495368F7254941859FAD44B ^
+91A165295C666FE85C2ADBC5A10329DAF0CB81A0 ^
+4B31312EAF8B506811151A9DBD162961F7548C4B ^
+3FE70971B20558F7E9BAC303ED2BC14BDE659A62 ^
+93FB769D5BF49D6C563685954E2AECC024DC02D6 ^
+BC8827C3E614D515E83DEA503989DEA4FDA6EA13 ^
+E83868DBE4A389AB48E61CFC4ED894F32AE112AC ^
+55C95459CDE4B33791B4B2BCAAF840930AF3F3BD ^
+36BB0E2BA438A3E03214D9ED2B28A4D5C578FCAA ^
+3ACBF874199763EBA20F3789DFC59572ACA4CF33 ^
+86BE037C4D509C9202020767D860DAB039CADACE ^
+51B57D7080A87394EEC3EB2E0B242E553F2827C9 ^
+1EFBFA78866315CE6A71E457F3A750A38FACAB41 ^
+57D6CB41AEEC20236F365B3A490C61D0CFA39611 ^
+C532CB64B4BA826372BCCF2B4B5793D5B88BB715 ^
+15833B5631032663E783686A209C6A2B47A1080E ^
+D04F2043C96E10CD83B574B1E1C217052CD4A6B2 ^
+E8882627C64DB743F7DB8B4413DD033FC63BEB20 ^
+CD2D32286B8867BC124A0AF2236FC74BE3622199 ^
+019B70D745375091ED5C7B218445EC986D0F5A82 ^
+E5FF5FEC1DADBAED02BF2DAD4026BE6A96B3F2AF ^
+6F4E23B3F2E2C068D13921FE4E5E053FFED4E146 ^
+25E179602A575C915067566FBA6DA930E97F8678 ^
+67DED0E68E235C8A523E051E86108EEB757EFBFD ^
+AF78536EA83C822796745556D62A3EE82C7BE098 ^
+64D7AC52E47834BE72455F6C64325F9C358B610D ^
+9D4866BAA3639C13E541F250FFA3D8BC157A491F ^
+2E258811961D3EB876F30E7019241A01F9517BEC ^
+8E0EBC487146F83BC9077A1630E0FB3AB3C89E63 ^
+CE8953741FFF3425D2311FBBF4AB481B669DEF70 ^
+789D1D2DAB52086BD90C0E137E2515ED9C6B59B5 ^
+B76CE7472700DD68D6328B7AA8437FB051D15745 ^
+F218669B596C5FFB0B1C14BD03C467FC873230A0 ^
+1FF3BDBE0D504CB0CDFAB17E6C37ABA6B3CFFDED ^
+2F3CBACBB14405A4652ED52793C1814FD8C4FCE0 ^
+982C8AB6CE164F481915AF59AAED9FFF2A391752 ^
+5CD92012D488A07ECE0E47901D0E083B6BD93E3F ^
+69603FEC02920851D4B3B8782E07B92BB2963009 ^
+3E90F76437B1EA44CF98A08D83EA24CECF6E6191 ^
+34C09F107C42D990EB4881D4BF2DDDCAB01563AE ^
+474BE0E5892EB2382109BFC5E3C8249A9283B03D ^
+A04B4F75051786682483252438F6A75BF4705EC6 ^
+BE88A6716083EB50ED9416719D6A247661299383 ^
+C67E38717FEE1A5F65EC6C7C7C42AFC00CD37F04 ^
+959AC4082388E19E9BE5DE571C047EF10C174A8D ^
+BAA7AA7B7753FA0ABDC4A541842B5D238D949F0A ^
+351394DCEBC08155D100FCD488578E6AE71D0E9C ^
+AB8BE94C5AF60D9477EF1252D604E58E27B2A9EE ^
+3429EC74A695FDD3228F152564952308AFE0680A ^
+907FA46C029BC67EAA8E4F46E3C2A232F85BD122 ^
+2644C87D1FBBBC0FC8D65F64BCA2492DA15BAAE4 ^
+110A3EEB408756E2E81ABAF4C5DCD4D4C6AFCF6D ^
+CD4FDC35FAC7E1ADB5DE40F47F256EF74D584959 ^
+8E6E273208AC256F9ECCF296F3F5A37BC8A0F9F7 ^
+FE0606100BDBC268DB39B503E0FDFE3766185828 ^
+6C63C3E58047BCDB35A17F74EEBA4E9B14420809 ^
+BCC2BD305F0BCDA8CF2D478EF9FE080486CB265F ^
+CE5223FD3DD920A3B666481D5625B16457DCB5E8 ^
+948886776E42E4F5FAE1B2D0C906AC3759E3F8B0 ^
+4C12A51FCFE242F832E3D7329304B11B75161EFB ^
+C54BDD2050504D92F551D378AD5FC72C9ED03932 ^
+8F53E8FA79EA09FD1B682AF5ED1515ECA965604C ^
+2D7E17F6294524CE78B33EAB72CDD08E5FF6E313 ^
+64582B4B57F782C9302BFE7D07F74AA176627A3A ^
+6D88795B71D3E386BBD1EB830FB9F161BA98869F ^
+86AD34A6463F12CEE6DE9596ABA72F0DF1397FD1 ^
+7EB46685A57C0D466152DC339C8122548C757ED1 ^
+E7A98FB0692684054407CC221ABC60C199D6F52A ^
+34DF1306662206FD0A5FC2969A4BEEC4EB0197F7 ^
+56CF7EBF08D10F0CB9FE7EE3B63A5C3A02BCB450 ^
+3BAE5CB8226642088DA760A6F78B0CF8EDDEA9F1 ^
+6475DF681E061FA506672C27CBABFA9AA6DDFF62 ^
+79D81991FA4E4957C8062753439DBFD47BBB277D ^
+BAE224477B20302E881F5249F52EC6C34DA8ECEF ^
+EDE4DEB4293CFE4138C2C056B7C46FF821CC0ACC ^
+<D
+
+H>SHS Type 2 Hashes<H
+D>
+A771FA5C812BD0C9596D869EC99E4F4AC988B13F ^
+E99D566212BBBCEEE903946F6100C9C96039A8F4 ^
+B48CE6B1D13903E3925AE0C88CB931388C013F9C ^
+E647D5BAF670D4BF3AFC0A6B72A2424B0C64F194 ^
+65C1CD932A06B05CD0B43AFB3BC7891F6BCEF45C ^
+70FFAE353A5CD0F8A65A8B2746D0F16281B25EC7 ^
+CC8221F2B829B8CF39646BF46888317C3EB378EA ^
+26ACCC2D6D51FF7BF3E5895588907765111BB69B ^
+01072915B8E868D9B28E759CF2BC1AEA4BB92165 ^
+3016115711D74236ADF0C371E47992F87A428598 ^
+BF30417999C1368F008C1F19FECA4D18A5E1C3C9 ^
+62BA49087185F2742C26E1C1F4844112178BF673 ^
+E1F6B9536F384DD3098285BBFD495A474140DC5A ^
+B522DAE1D67726EBA7C4136D4E2F6D6D645AC43E ^
+E9A021C3EB0B9F2C710554D4BF21B19F78E09478 ^
+DF13573188F3BF705E697A3E1F580145F2183377 ^
+188835CFE52ECFA0C4135C2825F245DC29973970 ^
+41B615A34EE2CEC9D84A91B141CFAB115821950B ^
+AB3DD6221D2AFE6613B815DA1C389EEC74AA0337 ^
+0706D414B4AA7FB4A9051AA70D6856A7264054FB ^
+3CBF8151F3A00B1D5A809CBB8C4F3135055A6BD1 ^
+DA5D6A0319272BBCCEA63ACFA6799756FFDA6840 ^
+FB4429C95F6277B346D3B389413758DFFFEEDC98 ^
+2C6E30D9C895B42DCCCFC84C906EC88C09B20DE1 ^
+3DE3189A5E19F225CDCE254DFF23DACD22C61363 ^
+93530A9BC9A817F6922518A73A1505C411D05DA2 ^
+E31354345F832D31E05C1B842D405D4BD4588EC8 ^
+3FF76957E80B60CF74D015AD431FCA147B3AF232 ^
+34AE3B806BE143A84DCE82E4B830EB7D3D2BAC69 ^
+D7447E53D66BB5E4C26E8B41F83EFD107BF4ADDA ^
+77DD2A4482705BC2E9DC96EC0A13395771AC850C ^
+EAA1465DB1F59DE3F25EB8629602B568E693BB57 ^
+9329D5B40E0DC43AA25FED69A0FA9C211A948411 ^
+E94C0B6AA62AA08C625FAF817DDF8F51EC645273 ^
+7FF02B909D82AD668E31E547E0FB66CB8E213771 ^
+5BB3570858FA1744123BAC2873B0BB9810F53FA1 ^
+905F43940B3591CE39D1145ACB1ECA80AB5E43CD ^
+336C79FBD82F33E490C577E3F791C3CBFE842AFF ^
+5C6D07A6B44F7A75A64F6CE592F3BAE91E022210 ^
+7E0D3E9D33127F4A30EB8D9C134A58409FA8695B ^
+9A5F50DFCFB19286206C229019F0ABF25283028C ^
+DCA737E269F9D8626D488988C996E06B352C0708 ^
+B8FFC1D4972FCE63241E0E77850AC46DDE75DBFA ^
+E9C9BF41C8549354151B977003CE1D830BE667DB ^
+0942908960B54F96CB43452E583F4F9CB66E398A ^
+FCE34051C34D4B81B85DDC4B543CDE8007E284B3 ^
+61E8916532503627F4024D13884640A46F1D61D4 ^
+F008D5D7853B6A17B7466CD9E18BD135E520FAF4 ^
+BD8D2E873CF659B5C77AAC1616827EF8A3B1A3B3 ^
+B25A04DD425302ED211A1C2412D2410FA10C63B6 ^
+A404E21588123E0893718B4B44E91414A785B91F ^
+A1E13BC55BF6DAD83CF3AABDA3287AD68681EA64 ^
+D5FD35FFABED6733C92365929DF0FB4CAE864D15 ^
+C12E9C280EE9C079E0506FF89F9B20536E0A83EF ^
+E22769DC00748A9BBD6C05BBC8E81F2CD1DC4E2D ^
+F29835A93475740E888E8C14318F3CA45A3C8606 ^
+1A1D77C6D0F97C4B620FAA90F3F8644408E4B13D ^
+4EC84870E9BDD25F523C6DFB6EDD605052CA4EAA ^
+D689513FED08B80C39B67371959BC4E3FECB0537 ^
+C4FED58F209FC3C34AD19F86A6DACADC86C04D33 ^
+051888C6D00029C176DE792B84DECE2DC1C74B00 ^
+1A3540BEE05518505827954F58B751C475AEECE0 ^
+DFA19180359D5A7A38E842F172359CAF4208FC05 ^
+7B0FA84EBBCFF7D7F4500F73D79660C4A3431B67 ^
+9E886081C9ACAAD0F97B10810D1DE6FCDCE6B5F4 ^
+A4D46E4BA0AE4B012F75B1B50D0534D578AE9CB6 ^
+6342B199EE64C7B2C9CBCD4F2DCB65ACEF51516F ^
+AABFD63688EB678357869130083E1B52F6EA861D ^
+F732B7372DAF44801F81EFFE3108726239837936 ^
+5E9347FE4574CDCB80281ED092191199BADD7B42 ^
+D5776B7DFFF75C1358ABDBBB3F27A20BB6CA7C55 ^
+022B7ADA472FB7A9DA9219621C9C5F563D3792F6 ^
+7F1DE4ECA20362DA624653D225A5B3F7964A9FF2 ^
+CA0F2B1BFB4469C11ED006A994734F0F2F5EFD17 ^
+833D63F5C2EA0CD43EC15F2B9DD97FF12B030479 ^
+14FD356190416C00592B86FF7CA50B622F85593A ^
+4AB6B57EDDEF1CE935622F935C1619AE7C1667D6 ^
+B456A6A968ACD66CAA974F96A9A916E700AA3C5D ^
+FD1C257FE046B2A27E2F0CD55ED2DECA845F01D7 ^
+66E0D01780F1063E2929EAAD74826BC64060E38C ^
+A8478DF406F179FD4EF97F4574D7F99EA1CE9EB8 ^
+248E58CF09A372114FC2F93B09C5FC14F3D0059E ^
+F15767DE91796A6816977EFA4FCED4B7FD9B8A57 ^
+36A6BC5E680E15675D9696338C88B36248BBBAF4 ^
+4DEA6251B2A6DF017A8093AB066EE3863A4EC369 ^
+D30E70E357D57E3D82CA554B8A3D58DFF528FA94 ^
+70CA84D827F7FD61446233F88CF2F990B0F3E2AA ^
+8D500C9CFDE0288530A2106B70BED39326C52C3C ^
+F3D4D139EDFC24596377BC97A96FB7621F27FFC7 ^
+5509BAFFAC6D507860CEFC5AB5832CB63CD4B687 ^
+0C0AEA0C2FD7A620C77866B1A177481E26B4F592 ^
+149176007FEE58A591E3F00F8DB658B605F8390C ^
+17C0D7B0256159F3626786FFDB20237AE154FA84 ^
+741A58618ABEB1D983D67AFDCBC49AA397A3B8E0 ^
+B738D6B3409EB9ED2F1719B84D13F7C36169CDEC ^
+3D33DE31F64055D3B128AC9A6AA3F92DFD4F5330 ^
+B6925F4DF94949B8844C867428BA3DEDF4CF2B51 ^
+CF5E7256292ABEC431D8E8B9CBEAF22AF072377E ^
+975DCE94902923977F129C0E4ACF40AD28DDB9AA ^
+333B0259B18CE64D6B52CF563DD3041E5F63A516 ^
+<D
+
+H>SHS Type 3 Hashes<H
+D>
+80E044703A880C20EC41F645120A8A5B5D194ECE ^
+E142829CA08FC9787F17AA16CE727396169B2713 ^
+6A2BAF62469D311F9257A0727F52C7EAA87CCEB4 ^
+362E3E7136CA611D7FBF687D3BBDC54CDA64843F ^
+F5900ADC6223A5D24A7526ABFC60FA8E2D59A5AB ^
+AD0CAC6A21D5B10833DDE7FA85927D74EDA142A9 ^
+47AD337EAFFDC177AAF7CBD035BE6F398B9D0536 ^
+9CF58595DF80872535BCC7C056E223546F0BB4EE ^
+7151CEB1918278CED2902B1D663D596F8D1B986F ^
+ADDC9F09AA4026EF6C4B7F1A84D3A13B4CDC65B3 ^
+921FE78A863A317B1FA1FB3CA3BE1948DE7EF754 ^
+64BE10732D71D52CE8A486DA23E6B453DF7C6FBD ^
+4A450659470DD759ABFAE1D73972A6D2E63AC16C ^
+0D665E4BBF30B7EAB955BDE84759E185EECAB4CB ^
+0C1B8EE94D61CDD0837EAED9FE33DE4A8334B596 ^
+D93BFE2A6227A4BF9B7C61EBCE4A8CDE131593FE ^
+BDA883F804B470C90BD6AC490DFC34EBC27F9648 ^
+46A0969373552213632591C52030C38E5DBDC49E ^
+4781289E48B910C550DC23CA7D3AF5324C03532D ^
+693A34CFCDDED0F3AC72E7197FCE9BB66A8E3981 ^
+AE088AF1D8865140963B3ABFB63E32E04CD1506F ^
+ADF0F8F1D85CA97586F5DC6DC5FD11FA39270F55 ^
+E484F5AD86C5F4D09E366ADF6E0DE73449F97B28 ^
+81C49842BA3D7072FB42288E03CE737A2672C091 ^
+F6CC71AD897C23A16835490DED289BFD45500AB0 ^
+23E71AED62FE8E28F34F58E7FE5594EC5EB0486C ^
+92BA7934AA5867EE52960F4E0EDFB90AA7B69305 ^
+C3D1CC8CBD1B6FFEE0D90CE962CD9C09AB1548AA ^
+3CE37A583B71A6A77BE325066A0F00C5D11DFC3E ^
+76EF5D236E1042D356A3234A422C092F86003064 ^
+8C3F703436C6C882E60263540A8E4C3E5646DC15 ^
+6138F9F3AB43B988DD3857422CCB304352459F40 ^
+B812DE98775B4690B4FC2ECFCAB61C73C7271DC7 ^
+06660985CD80D48E7B9F88455B4233924C3B64BB ^
+76AB4B6378D6F63499A94EB67EB1CB31AFF8D775 ^
+F31F6B0BE7AB059A1F59A46481967E88392979E6 ^
+0C1638498FBB7DB9600B98B4B22EF85E0FE245FB ^
+5607C6AF600939736795AC523FA43B736F41A118 ^
+8A03244866BDD21B9D8A82E98436C894FAD86ECC ^
+8A75BFD911AF87303B9B8FB7A1A47CCA52D3D98A ^
+16F0F3B5D37411236A1E3D6B1EDAB74CDA25ED4B ^
+AC72BF45477481F58A302628DC5299FFA32E7C9F ^
+74CFFD5881F75AC20726E1447DCF7F47024380EF ^
+5BFBECEECBC27DA05729C4D1AC8C1286EA6DCEC9 ^
+012AACBC0579FA4CB4F107E9A9AD1A86AD2F6A4D ^
+F7D552CBC5EF90F1A579388B5A8A9EC71EB67681 ^
+10C70115C4C34753274BFED477DF01440A67A361 ^
+078D2FACD293B6B6219D89899C16AA1AA8E3DE82 ^
+83C6BF9FB0D3091ADF374EBFA0A69916F17E6D26 ^
+2CDB1924DA62AB64C007C6505FF657E4ADDEA9C1 ^
+E95D209BCB9864B076FF4DFCA8F8BD75D62D1B48 ^
+632824CF5025F8F90AD2923BDDF449550D64C0F5 ^
+02B1C0B41FC27EC5A32E586F1AC480BF0061E56A ^
+28156BC6769AE390BF32C6512C46169181E1536D ^
+F730E6E287D992E7F3E013B6F1E088F0B9C41598 ^
+B056A6A832FA5FE964EF77FF3E0BE1C32E0D58C0 ^
+D5B3D19AFBB48FB56BA6D44A82DE6BD08DB208DE ^
+0215AD79BD6B8023C05FD2F8966211897DF6337A ^
+EC4CF38C244EB6526A44F70570925247145DA8CA ^
+C0D931262ECE93DA5A6ABC89CD6AD3162EA6B09E ^
+6BB48FAC26AA2B4859BBDEFCFB53AE4D1D9A0340 ^
+58611D43741E67A7F0DA9CB337A59DCD1EBE758E ^
+7C2AEC216AF231509E47B7EED06BB17859812B7E ^
+F60EE5DBF4A7A676EC98B3DDB1CDD6CDF3CDA33B ^
+0492E59B1F4C94E97F29A26C3EE7D57E1B0FDD72 ^
+4FCF549D902D9BE1101A756DB9E45415FB61BCD2 ^
+95C71D26AD6B38CC771376B4A4F962F12E1E3D4F ^
+F6A2449E773C72FB886B3C43E2B30EC2A1B7454A ^
+CDE86695E00AEC9A5DB6FDDB5D5A5934448D58E0 ^
+502318A758FABFF6AC53844E9E2BCD159C678510 ^
+589D295148F95F75DAE964DD743FE981FA236D4E ^
+7973DD33AE3599A556BACC77E8656E782E029EFF ^
+9F5BE43AADD43C6DB3883C9DA4B52E1A50257AEE ^
+454289D8FFB237A56D5214EAE88F0A9D328FEA1A ^
+7E686B36595BEB4C0D4528FF960EDB55088A028D ^
+F9789D1EF19A0084AC0E9F43A4BC0EE0478939EF ^
+2F32B0E7CC8BE19C325545C816E77056D7BBE70F ^
+6B1617746F073CFCD2CEBCAFBBE6FD0E28ED2D56 ^
+CF8D2EA3888AD76761799383E5A15979F6DB7A88 ^
+557AF6D9D5947203C60E98C9A79B92B8BD085E2B ^
+C61A217423DE68ED6CD34C91756C8DD3A650A2A2 ^
+73F3F79C151B6C1BD9369EDB26B932C2362B0593 ^
+364141E5FBCDE83F210C5BBBEB6810F6299DE14B ^
+F806BECD025D264FD59E93D9E3606A674C40F216 ^
+E0C761A57F00CBFB07D49BCB034C36A7122F4C5B ^
+5D3831044B9E0032FBE3C3425FFD13698F413B33 ^
+7EB1AB41E9997753C5D530DF118E71E72D7B86FC ^
+CC053EA1556269D7E8BCBA30B208FCBF0EE2EE64 ^
+A57739B1DD41E7DC0C40D6B6159A7E73CE2748AA ^
+90DA527C9DB9ACC2FD530D560A2F1191A80D0567 ^
+6AC1F2A0B8CA0E5ABC9FDF1ADCE588FBDF5CC53E ^
+43C1A0A0EE4163EC929726989F92B03639B233AB ^
+8927F299462413AC29A74080E54D8EE2DB7165E7 ^
+0C8D7E22226D91B423E781B508F31517EAAB607B ^
+7286E20D7F08D18A893254FBD3CC833F7973DCAF ^
+0CB8C235928B8E936C43B8F29EF3758B9FD54A7B ^
+F67C24CC23E440CA3F206CEEB5504ECA54CD5CA3 ^
+D78A25DEAA1E7ADADDB3C145ED0E5263BA4F2910 ^
+00AA68174D29492C578AC853FFCD55908292D41A ^
+D5570EEDB09A62A5948F7F311F7ED5EF247F9AD9 ^
+<D
diff --git a/src/lib/libssl/src/fips/sha1/sha1vectors.txt b/src/lib/libssl/src/fips/sha1/sha1vectors.txt
new file mode 100644
index 0000000000..c2ea186603
--- /dev/null
+++ b/src/lib/libssl/src/fips/sha1/sha1vectors.txt
@@ -0,0 +1,2293 @@
+#  Configuration information for "SHA-1 Test"
+#  SHA tests are configured for BYTE oriented implementations
+H>SHS Type 1 Strings<H
+D>
+0 1 ^
+5 0 2 1 2 1 2 ^
+5 0 1 3 4 4 4 ^
+7 0 4 3 4 4 1 4 4 ^
+10 0 4 1 5 3 4 4 3 1 3 4 ^
+10 0 3 1 6 5 5 1 3 6 6 4 ^
+13 1 3 2 5 3 3 3 4 6 6 1 4 6 2 ^
+16 1 3 5 5 1 2 1 3 3 6 3 5 2 3 5 7 2 ^
+15 1 8 1 5 3 2 7 4 5 6 7 3 3 1 6 3 ^
+15 1 4 6 8 2 1 4 2 5 1 6 8 8 6 4 7 ^
+18 1 1 2 7 3 8 6 7 5 4 3 4 3 5 3 3 2 6 8 ^
+16 0 9 8 1 8 1 7 6 7 7 1 2 6 9 5 4 7 ^
+18 0 7 1 7 3 9 4 7 7 5 2 8 1 7 8 2 7 2 9 ^
+19 1 2 3 1 8 8 6 9 10 3 10 8 9 2 4 1 5 1 5 9 ^
+19 1 8 5 4 8 1 3 9 5 7 7 2 7 2 7 8 7 4 8 10 ^
+20 1 1 9 7 4 1 4 5 1 10 8 6 4 4 9 9 9 8 2 9 10 ^
+19 1 11 6 7 7 2 6 2 6 10 6 9 10 5 11 1 6 8 11 4 ^
+22 0 10 5 10 3 7 8 9 9 1 1 1 10 2 1 5 10 2 9 9 9 7 8 ^
+21 0 1 10 1 6 9 4 2 5 2 11 8 12 12 9 8 1 3 10 7 11 12 ^
+24 1 3 9 5 12 3 4 2 9 12 11 6 6 1 1 9 5 9 1 4 9 4 10 8 9 ^
+25 1 3 2 3 11 1 12 5 6 2 7 8 4 8 8 9 9 8 4 9 1 4 8 10 9 9 ^
+23 0 11 10 7 10 10 6 10 9 4 5 10 5 8 4 1 10 12 4 6 1 8 11 6 ^
+22 0 12 8 10 4 3 8 5 5 7 11 13 11 12 11 4 12 3 6 5 11 10 5 ^
+26 1 10 9 6 9 7 2 10 4 4 5 5 2 12 13 5 3 1 10 1 4 7 8 13 13 12 9 ^
+31 0 2 6 5 4 7 3 10 6 13 6 3 9 6 2 10 5 3 8 4 1 11 3 5 3 7 11 1 12 9 12 5 ^
+27 1 14 5 1 3 7 2 3 9 3 4 14 4 4 10 8 5 14 1 11 12 12 10 4 13 7 11 9 ^
+30 1 4 9 5 5 8 9 5 10 4 2 4 7 9 9 6 3 5 1 8 3 2 13 3 14 9 8 9 10 14 10 ^
+27 0 12 9 5 8 7 2 14 12 3 8 14 6 6 4 7 5 7 10 7 11 10 1 9 6 7 12 14 ^
+24 0 12 9 9 2 11 13 12 11 11 6 14 13 10 5 6 8 10 4 3 11 11 14 5 14 ^
+24 0 15 4 5 3 8 12 15 8 14 15 9 12 12 3 10 13 6 11 10 4 13 14 8 8 ^
+28 1 1 8 1 5 11 4 9 12 4 13 15 5 9 11 7 14 11 1 11 7 8 8 11 1 13 15 12 13 ^
+32 1 5 8 3 8 10 7 8 1 5 13 12 14 5 3 6 4 12 15 6 6 10 11 13 9 1 11 6 10 3 7 14 
+2 ^
+31 0 10 3 5 1 14 11 11 16 1 2 2 11 6 13 15 12 6 5 16 2 14 2 10 12 2 5 5 6 10 13 
+15 ^
+34 0 3 10 8 16 9 5 12 15 4 11 13 3 6 5 10 8 1 3 9 3 11 1 2 16 12 10 6 1 9 1 16 
+5 6 14 ^
+30 1 1 12 4 4 2 15 13 15 11 15 5 11 9 7 15 16 6 16 12 3 2 10 16 5 5 7 1 7 11 16 
+^
+34 0 7 9 11 2 5 5 5 4 13 13 14 4 7 12 6 4 8 2 9 9 13 13 3 3 6 7 16 7 6 15 5 8 
+15 14 ^
+36 1 4 6 16 15 11 14 14 4 7 10 3 4 10 3 6 7 14 4 6 6 5 2 7 8 16 2 12 16 10 14 3 
+2 3 7 14 3 ^
+32 0 15 10 9 1 14 10 14 6 6 16 3 2 3 8 3 12 8 11 17 3 9 7 16 14 4 11 15 5 13 9 
+5 17 ^
+30 0 17 17 13 8 2 6 8 16 1 12 5 17 2 9 8 10 13 14 11 17 12 5 14 9 11 9 11 4 11 
+12 ^
+30 1 16 6 10 5 8 3 17 16 14 1 15 15 15 6 13 2 11 6 13 11 13 4 6 7 11 11 12 16 
+13 16 ^
+33 1 16 16 14 16 2 4 16 11 6 15 7 4 17 6 5 7 6 3 14 16 5 17 11 13 1 1 14 13 3 6 
+14 5 16 ^
+39 1 2 16 13 7 8 6 2 15 1 9 12 4 4 11 13 7 2 11 9 18 4 5 4 8 2 14 9 9 1 8 13 11 
+15 8 5 9 10 16 7 ^
+34 0 2 7 1 1 17 13 6 11 10 8 5 12 15 6 15 10 12 4 18 1 2 8 11 12 16 10 12 18 11 
+16 12 11 17 6 ^
+34 1 4 7 13 7 10 7 10 6 1 12 7 18 11 18 2 10 15 10 14 8 18 9 9 12 12 3 13 12 6 
+4 9 17 13 17 ^
+40 0 5 7 3 2 1 17 14 4 16 6 13 1 13 6 6 10 1 3 18 3 11 7 9 5 7 11 17 1 9 16 5 
+15 10 17 3 8 15 17 8 12 ^
+40 0 11 3 15 17 11 1 1 4 3 14 18 4 2 18 8 15 6 4 6 3 15 11 16 10 17 17 9 6 3 2 
+6 16 4 9 12 6 8 1 11 17 ^
+37 1 2 19 12 8 16 14 2 9 16 2 6 6 7 9 10 9 11 9 14 11 15 5 16 9 2 17 2 8 15 8 4 
+3 14 14 16 16 12 ^
+37 1 11 10 16 12 11 7 14 14 14 6 10 10 1 6 13 19 5 6 4 7 12 12 10 5 10 15 15 8 
+5 13 17 13 5 6 14 1 19 ^
+38 1 2 6 5 17 9 11 18 18 8 6 13 15 3 3 15 5 13 18 3 2 5 5 14 7 13 4 17 7 2 17 3 
+18 15 7 15 16 18 11 ^
+38 1 12 8 6 3 17 12 13 19 15 9 7 17 16 15 3 11 11 5 2 13 19 16 2 4 16 7 8 1 2 9 
+17 12 3 5 18 19 11 9 ^
+39 1 14 16 14 8 9 16 5 1 6 3 17 18 16 9 1 15 9 10 9 19 1 3 3 20 11 13 17 1 19 8 
+3 4 3 7 1 14 19 19 19 ^
+37 1 18 13 11 5 18 4 19 10 6 19 11 17 10 10 7 9 13 16 9 10 18 4 12 5 16 5 20 12 
+3 8 10 1 18 1 6 20 14 ^
+36 0 8 9 6 12 11 7 7 3 17 13 6 20 17 9 20 16 10 12 17 8 11 8 11 10 5 10 14 18 8 
+19 9 12 12 2 20 19 ^
+39 0 12 16 20 3 9 9 19 17 13 13 4 17 2 11 7 14 3 6 16 13 10 13 5 16 10 2 8 2 17 
+19 4 17 7 19 6 9 15 15 6 ^
+43 0 7 2 18 5 7 18 5 2 15 7 11 10 9 3 2 14 19 3 11 8 18 15 5 3 5 12 15 16 10 17 
+7 19 16 2 1 16 6 3 19 12 5 18 16 ^
+49 1 9 11 2 1 12 11 14 12 14 10 4 11 6 8 16 7 5 11 20 8 17 4 14 4 15 3 2 2 4 3 
+2 3 14 15 10 2 12 7 3 7 20 20 19 10 2 3 1 10 20 ^
+36 0 19 20 12 5 19 21 5 21 11 14 19 1 17 8 9 4 19 3 17 1 14 21 14 7 6 5 20 14 
+21 20 4 6 21 7 11 12 ^
+41 0 12 9 11 6 16 18 18 10 11 20 6 12 11 5 7 21 19 18 6 15 21 10 4 14 9 19 10 3 
+3 5 13 1 8 12 3 13 9 7 10 17 14 ^
+45 0 10 6 8 3 17 18 3 21 19 6 17 15 4 9 15 9 15 14 4 7 14 8 10 13 4 11 10 7 6 
+21 1 14 5 11 7 7 2 13 13 3 9 13 8 14 20 ^
+39 1 3 7 18 4 9 9 5 15 13 17 10 15 16 20 8 19 9 10 9 1 19 14 21 2 18 13 10 4 18 
+16 4 21 15 10 18 19 3 12 18 ^
+41 0 14 4 13 11 1 11 1 10 2 12 4 21 10 21 18 9 2 16 7 20 6 7 12 19 20 1 13 12 
+10 8 21 15 7 19 13 6 8 19 20 18 19 ^
+37 0 11 18 1 17 14 15 20 16 20 8 2 17 10 4 21 5 19 19 14 22 21 18 13 14 1 3 12 
+11 11 4 22 13 5 18 7 21 21 ^
+48 0 9 22 19 12 8 16 5 17 5 9 1 2 9 6 12 6 1 7 4 3 15 1 14 1 12 3 10 2 10 14 21 
+13 17 6 6 17 1 21 2 14 16 17 9 11 20 21 11 18 ^
+50 1 12 8 20 13 2 9 20 9 14 10 1 16 2 22 6 4 16 14 15 1 12 4 14 9 21 3 3 9 8 21 
+15 14 8 4 14 4 2 3 8 12 8 6 1 2 18 20 15 3 19 10 ^
+44 0 10 20 14 6 3 4 21 1 12 4 18 2 6 7 6 9 20 14 10 10 19 17 21 12 15 17 7 10 
+11 8 10 12 1 19 19 9 18 21 4 18 11 9 22 5 ^
+47 0 15 8 15 3 5 6 2 19 12 17 4 20 8 11 20 2 18 4 16 20 12 9 9 6 16 21 16 3 16 
+18 3 19 5 16 2 4 2 12 11 15 11 14 17 2 10 18 8 ^
+48 1 5 13 3 21 5 3 6 18 18 10 1 21 21 7 1 13 12 19 1 14 6 8 21 19 21 11 19 13 2 
+13 4 1 10 22 16 4 9 4 10 16 3 7 15 11 9 13 17 12 ^
+45 0 14 7 6 2 20 3 6 19 19 10 2 22 12 17 12 1 20 7 7 15 20 6 18 8 3 14 23 18 15 
+4 7 5 23 15 7 14 10 10 19 17 2 4 15 17 21 ^
+45 1 15 11 8 9 17 5 12 18 14 6 20 17 21 12 16 9 22 9 20 15 2 22 11 2 6 11 9 8 2 
+4 14 19 3 21 21 23 8 2 11 4 8 4 20 22 11 ^
+38 0 21 18 22 10 19 9 14 17 23 21 10 7 15 13 16 5 4 10 13 14 20 23 12 20 23 18 
+10 12 8 21 11 6 12 7 19 14 18 17 ^
+40 0 18 22 6 9 22 5 23 13 6 8 23 20 22 5 22 15 19 20 9 9 1 13 13 10 14 13 5 22 
+14 21 9 21 19 14 14 4 18 13 12 14 ^
+48 1 7 3 15 5 17 14 23 14 5 17 22 11 1 8 13 23 6 21 3 6 11 7 23 8 6 21 4 4 22 
+19 13 8 5 19 7 5 23 1 4 19 11 23 11 21 14 1 3 21 ^
+43 0 22 14 11 7 18 16 17 24 12 12 3 13 19 16 22 4 16 4 6 23 8 18 11 2 3 20 22 9 
+21 8 23 1 23 20 7 16 13 23 4 13 3 7 22 ^
+47 1 23 6 13 19 2 3 7 2 9 9 15 6 13 4 22 6 19 20 1 9 7 14 1 15 3 23 24 22 18 12 
+12 17 19 10 8 11 22 12 10 2 20 15 18 17 18 7 19 ^
+47 1 12 21 6 12 4 7 18 17 3 2 14 24 14 1 23 1 11 15 10 6 18 20 7 1 8 1 16 6 20 
+23 23 21 10 10 12 24 10 11 23 2 12 23 9 3 24 24 10 ^
+52 0 14 10 18 15 14 5 16 11 22 2 15 24 8 22 1 4 24 9 10 15 3 9 5 4 17 15 9 12 
+19 19 1 3 10 6 8 3 17 8 18 24 19 3 4 15 4 9 2 24 5 20 13 13 ^
+42 0 20 17 19 22 13 8 10 19 15 11 1 14 17 20 22 10 7 11 16 9 21 22 17 23 12 15 
+4 24 7 21 18 2 21 16 1 19 18 20 11 3 15 17 ^
+50 0 18 1 6 14 5 5 5 19 13 10 24 19 16 24 15 13 2 19 15 24 21 17 4 13 17 1 1 9 
+1 10 2 18 1 21 19 5 18 12 2 22 16 23 15 19 6 18 9 1 23 5 ^
+51 0 21 13 14 11 18 12 13 3 19 9 20 22 20 2 11 12 6 1 12 16 18 2 9 8 4 3 11 17 
+11 5 4 19 16 11 23 13 18 1 20 8 2 16 16 21 4 19 5 5 20 24 16 ^
+53 1 20 25 17 11 8 4 19 25 17 7 16 21 6 4 8 2 15 9 2 9 19 3 6 3 3 10 25 13 15 7 
+8 20 21 12 10 12 5 24 11 20 3 13 13 16 9 13 10 3 9 16 3 7 25 ^
+49 1 9 9 14 2 13 17 25 2 18 5 19 23 9 25 9 10 23 12 12 7 13 8 15 7 1 6 21 2 8 7 
+6 16 14 14 12 15 13 24 10 15 11 10 8 14 15 21 25 21 25 ^
+47 0 9 18 20 22 21 20 11 14 23 22 10 13 14 8 19 12 2 11 20 23 13 4 10 6 5 7 23 
+11 3 16 8 21 4 8 18 5 12 14 8 6 20 19 24 8 23 17 23 ^
+48 1 7 19 1 18 1 14 22 13 14 5 8 22 18 14 25 17 11 12 22 2 12 12 16 12 13 18 17 
+12 17 14 18 8 25 9 23 5 3 8 14 24 17 7 3 3 23 17 22 19 ^
+51 1 19 17 16 22 24 14 16 20 23 20 9 19 16 7 12 16 5 8 9 7 10 21 24 10 11 19 1 
+21 14 14 19 3 22 8 12 20 1 18 5 6 5 12 14 1 1 11 9 22 3 24 4 ^
+52 1 6 1 11 16 1 12 8 11 11 17 10 22 7 3 10 2 6 4 24 16 24 19 4 5 18 11 12 9 20 
+21 25 2 21 18 10 20 25 21 3 17 17 5 8 22 25 19 8 10 19 7 11 18 ^
+44 0 26 14 21 25 25 4 9 13 5 8 9 21 8 12 26 24 9 24 15 1 23 22 16 14 8 22 15 19 
+24 20 7 8 15 24 12 4 4 23 21 13 19 15 21 12 ^
+59 1 15 7 3 21 20 8 22 14 23 26 19 2 10 18 3 5 3 1 9 15 15 3 7 13 23 9 7 1 13 
+17 14 25 9 16 2 2 6 13 7 19 25 17 1 5 21 2 7 22 5 6 25 3 12 19 6 2 4 24 17 ^
+60 0 9 18 20 19 4 11 14 1 6 8 26 6 9 22 4 10 2 7 21 9 8 24 25 14 22 12 22 3 23 
+3 3 20 6 11 23 6 1 7 5 18 5 15 25 26 1 1 10 11 11 4 12 11 20 3 14 2 3 2 23 15 ^
+49 0 12 17 24 11 8 6 24 16 15 22 21 14 6 12 20 19 5 5 12 11 6 23 2 16 23 7 24 6 
+21 2 17 17 5 25 11 25 20 25 24 18 6 12 19 25 7 6 5 2 25 ^
+54 1 12 16 1 15 7 1 26 19 19 13 20 11 17 6 20 5 24 24 1 21 11 9 20 21 15 10 19 
+26 3 2 6 7 12 9 10 8 14 10 15 5 17 8 21 1 20 25 6 19 8 3 22 16 16 20 ^
+63 0 17 13 11 10 17 15 12 6 13 14 17 4 12 10 24 5 13 24 3 5 2 5 11 14 8 5 10 17 
+16 8 4 14 21 15 3 6 17 25 8 2 3 3 19 10 13 22 22 8 2 13 25 17 2 1 19 1 14 20 2 
+5 4 15 24 ^
+49 0 14 20 7 25 20 26 20 16 7 17 17 22 1 13 6 5 1 18 14 15 23 15 10 5 19 18 18 
+26 12 13 3 25 12 21 16 24 4 16 3 6 26 26 10 20 13 1 20 24 15 ^
+56 0 3 8 14 5 5 7 11 13 11 26 11 4 26 17 20 19 11 10 3 10 14 9 6 9 7 16 10 4 4 
+19 19 2 26 13 19 17 15 24 15 4 21 22 13 13 12 22 2 14 20 5 18 7 17 24 20 20 ^
+58 1 6 17 9 20 2 10 19 3 22 4 1 11 3 5 3 21 11 15 12 23 26 5 2 27 6 5 16 6 3 2 
+23 5 3 20 20 4 24 2 18 21 7 14 10 27 23 6 24 6 19 23 3 9 22 16 21 17 19 23 ^
+58 1 17 7 21 19 6 16 15 15 20 14 2 25 19 14 18 19 7 9 1 14 11 10 16 3 23 14 26 
+10 11 1 18 1 12 24 19 19 1 7 2 3 24 7 12 9 2 8 16 20 24 5 26 26 4 9 2 7 25 17 ^
+54 1 8 12 18 14 26 7 17 18 4 20 1 16 14 21 26 4 6 8 24 11 25 15 24 16 23 4 10 
+23 21 24 15 10 9 26 7 14 24 21 6 20 5 17 16 17 1 3 12 1 4 13 3 9 21 26 ^
+56 1 7 18 11 1 19 20 23 12 12 27 13 13 15 16 13 1 16 15 12 26 3 16 16 8 17 13 
+21 4 6 5 19 14 16 4 16 11 14 18 18 27 9 13 21 3 26 22 3 7 6 4 26 3 15 8 25 21 ^
+50 1 20 13 9 11 20 6 11 21 27 25 20 7 4 18 26 16 27 5 12 19 7 23 6 25 25 2 11 
+13 25 21 18 17 6 12 14 13 24 11 14 19 26 27 25 6 1 15 4 7 27 15 ^
+51 0 15 16 26 27 23 14 12 28 22 15 8 19 2 20 13 1 24 2 25 1 6 19 19 8 11 24 24 
+21 13 27 5 11 28 17 7 25 6 23 24 14 25 12 5 13 26 2 5 8 10 16 17 ^
+58 1 5 26 18 19 21 3 12 11 13 4 14 22 22 14 16 13 3 22 16 23 5 19 6 13 10 26 17 
+27 26 4 3 25 6 14 2 3 5 7 23 11 22 8 25 2 9 25 18 17 8 2 14 4 19 1 5 27 13 24 ^
+53 0 2 27 28 2 17 23 10 27 18 26 7 22 16 3 27 1 26 21 28 10 3 6 2 2 10 17 13 16 
+6 17 21 23 13 20 22 5 6 11 12 12 8 23 13 17 9 23 20 3 28 27 12 17 22 ^
+59 0 28 19 5 21 4 27 8 1 19 14 20 6 7 9 1 6 22 3 19 26 14 8 6 7 19 15 23 1 17 
+16 6 26 14 5 22 25 4 7 10 16 21 10 18 19 24 16 23 8 3 17 28 18 10 2 5 3 21 21 
+15 ^
+58 0 6 24 1 4 24 18 10 22 1 21 12 5 4 4 20 25 24 26 8 25 11 2 7 27 22 19 4 18 
+27 10 28 4 12 24 8 16 12 11 16 17 25 8 12 16 1 9 9 10 5 24 23 18 5 14 18 8 4 28 
+^
+61 0 5 17 8 28 1 22 4 11 3 2 17 3 14 9 27 13 18 24 9 8 7 28 25 14 21 27 24 6 18 
+16 2 12 15 9 14 10 1 8 17 4 6 15 26 11 15 2 28 20 26 16 3 7 5 8 9 26 10 12 25 
+11 22 ^
+53 0 9 13 24 15 20 2 4 8 2 22 20 19 4 15 14 28 13 25 10 10 12 28 24 22 26 28 15 
+9 11 26 19 22 27 2 21 8 20 23 26 12 10 21 9 15 13 25 7 26 1 13 5 9 20 ^
+58 0 3 9 21 22 7 1 23 28 1 2 8 22 12 18 28 5 18 14 7 11 17 20 20 7 21 13 8 28 
+21 22 2 16 20 15 28 9 3 22 13 10 23 4 16 11 14 1 10 8 14 14 15 18 13 12 21 18 
+25 28 ^
+60 1 29 20 2 29 22 8 16 20 4 12 9 6 12 16 16 7 9 20 29 11 9 4 1 15 25 16 29 10 
+22 7 2 8 5 18 14 23 24 4 6 26 3 11 6 12 1 7 14 24 14 6 10 21 16 23 29 25 6 14 
+17 24 ^
+64 0 12 10 5 10 15 25 8 15 3 7 13 25 16 14 1 29 22 26 15 27 9 1 8 8 28 6 13 5 
+13 3 15 5 23 8 23 2 5 5 4 17 13 14 7 17 12 27 3 18 5 7 5 26 18 15 22 28 16 13 7 
+2 23 19 25 15 ^
+56 1 17 7 16 25 23 11 11 15 2 13 9 26 2 24 26 7 28 11 2 29 7 22 23 5 28 19 1 27 
+29 1 24 11 18 20 3 13 11 7 3 15 17 24 1 18 13 6 3 25 27 16 28 18 24 8 23 22 ^
+51 1 29 28 6 28 14 12 28 27 22 4 14 25 1 3 9 7 11 14 15 16 10 19 12 19 11 20 13 
+28 4 27 28 7 27 12 4 28 21 17 22 20 17 15 15 23 22 13 12 21 22 21 29 ^
+64 1 12 14 12 18 27 8 7 4 9 14 16 15 8 11 21 20 10 10 21 23 20 2 11 23 1 11 1 5 
+3 23 16 15 27 14 5 16 3 22 2 3 24 3 19 29 4 4 10 8 20 14 15 1 26 12 27 25 4 28 
+22 11 19 19 24 9 ^
+60 1 20 8 9 5 25 19 17 19 15 7 24 24 21 3 20 16 8 3 17 28 18 29 9 23 9 10 29 4 
+12 24 15 5 8 22 17 29 12 3 8 29 15 21 21 4 7 20 7 10 7 26 10 16 24 6 7 12 8 12 
+15 17 ^
+60 0 9 17 11 28 12 26 26 6 29 13 10 20 6 23 10 4 3 26 26 14 20 20 25 14 13 15 
+24 14 11 4 23 27 24 20 9 16 17 24 13 12 6 1 14 26 25 7 8 21 1 19 3 2 2 17 21 13 
+5 9 21 11 ^
+54 0 25 1 27 24 6 23 16 5 1 20 29 22 25 9 25 10 3 28 28 25 19 18 16 24 14 15 5 
+28 12 28 26 29 2 15 15 9 5 18 19 22 12 15 4 6 15 24 16 9 4 26 25 18 27 12 ^
+61 1 20 4 26 12 3 22 1 22 30 3 28 10 9 24 14 29 6 30 3 10 20 14 6 3 19 21 21 28 
+16 18 11 30 11 20 30 1 9 8 11 5 19 10 24 4 22 4 2 26 5 15 20 8 3 13 30 18 8 1 
+25 28 19 ^
+56 1 20 15 21 18 18 12 16 13 24 9 21 2 28 6 1 23 9 18 27 27 4 9 13 10 8 14 16 
+15 12 11 14 21 14 10 11 25 17 17 30 21 13 27 26 26 22 14 13 17 21 19 9 9 20 23 
+13 28 ^
+59 1 10 28 24 10 22 27 23 27 8 17 14 6 4 21 26 15 1 8 29 27 6 28 15 3 27 25 25 
+14 19 13 29 8 24 2 8 2 4 12 19 11 10 6 26 14 22 24 30 10 11 12 2 12 17 23 8 8 
+12 28 12 ^
+56 0 14 28 2 17 4 8 3 26 9 23 21 30 30 20 4 13 28 29 9 3 17 7 19 30 28 1 2 20 9 
+12 24 15 30 20 27 3 23 11 6 29 25 23 26 17 20 10 22 15 23 6 25 5 4 30 2 29 ^
+63 1 23 15 27 14 26 1 1 7 19 12 7 6 20 18 14 4 15 17 28 7 11 7 8 9 22 17 12 5 
+23 18 25 18 6 12 26 30 12 30 14 3 1 18 10 20 27 21 8 6 24 26 20 11 24 7 2 4 18 
+15 14 30 16 19 14 ^
+52 0 27 15 4 19 25 29 29 7 14 18 9 11 9 27 11 15 29 9 28 20 2 30 26 21 17 8 28 
+17 22 29 24 8 11 18 29 15 6 7 27 27 17 24 18 23 11 19 8 30 5 24 22 24 ^
+66 1 25 15 28 23 5 10 21 5 8 7 3 10 19 17 6 9 15 29 10 7 4 1 16 21 16 29 13 18 
+5 3 8 15 8 21 29 20 5 27 2 13 27 7 7 30 2 18 26 10 2 5 29 21 15 25 26 24 8 12 
+20 3 9 10 30 7 12 29 ^
+53 1 30 26 20 11 22 19 27 2 16 10 6 4 24 17 20 25 20 15 8 23 23 20 30 18 16 3 
+30 15 26 23 28 7 21 8 7 31 31 14 26 18 3 1 26 28 15 25 11 31 3 25 9 21 30 ^
+67 0 2 6 14 4 9 5 28 8 17 22 1 4 8 7 10 14 19 10 14 8 27 9 24 26 4 30 11 8 19 5 
+21 7 2 27 20 16 20 20 22 14 13 16 26 14 10 3 25 22 25 23 21 10 15 15 29 8 13 4 
+2 13 22 20 7 4 20 31 23 ^
+65 0 2 2 28 13 19 14 12 23 27 6 2 14 2 22 6 25 30 29 31 13 14 16 31 12 16 30 5 
+14 31 11 4 1 1 25 21 13 26 22 21 5 22 14 29 1 21 3 14 30 4 2 29 12 15 23 3 15 5 
+1 6 23 22 13 1 14 23 ^
+59 1 25 5 15 6 13 3 22 11 23 31 24 6 5 20 4 14 3 29 8 29 19 7 29 23 25 28 19 11 
+15 27 21 14 1 19 20 26 12 7 12 1 18 13 29 28 23 29 14 23 7 1 9 29 24 5 30 18 5 
+25 30 ^
+55 1 31 25 13 7 24 25 24 1 12 19 9 7 6 28 20 14 28 21 19 31 20 20 6 24 18 27 24 
+4 18 21 1 31 15 1 15 2 27 4 26 25 4 23 19 2 31 22 30 21 22 5 27 12 30 28 31 ^
+62 0 27 15 18 14 25 15 17 7 28 11 28 29 30 1 17 12 10 2 18 20 21 2 11 12 5 4 12 
+25 14 5 5 24 22 18 31 15 22 29 11 3 21 31 21 27 3 28 7 10 25 2 15 30 9 30 7 22 
+15 9 3 20 24 14 ^
+60 0 28 14 18 9 27 14 22 27 31 10 8 14 7 15 7 20 5 26 1 29 7 17 17 8 3 13 27 18 
+8 31 27 28 22 22 17 19 18 18 11 19 13 25 10 19 6 28 4 31 23 10 18 26 31 5 10 13 
+12 8 15 27 ^
+60 1 24 22 4 29 22 31 28 20 4 16 21 3 1 15 5 15 6 30 3 29 29 7 27 20 2 20 31 22 
+26 9 29 16 4 26 32 17 20 14 28 17 19 6 24 11 26 28 5 18 15 8 16 20 21 4 9 12 4 
+8 17 29 ^
+<D
+
+H>SHS Type 2 Strings<H
+D>
+69 1 5 3 11 15 12 24 31 23 1 6 28 2 8 31 6 7 30 5 19 23 12 6 9 31 19 17 24 25 
+22 6 12 16 3 7 9 9 11 29 4 11 2 5 13 29 10 12 30 32 18 28 18 27 3 30 4 4 26 6 
+13 31 13 2 11 7 24 4 17 29 12 ^
+95 0 21 19 21 23 11 42 36 2 13 4 1 33 22 16 27 9 4 33 16 3 30 15 11 32 13 17 38 
+32 9 38 4 36 15 32 27 19 42 18 6 36 22 10 29 12 25 40 15 29 23 28 30 4 8 11 24 
+9 10 31 28 43 23 16 29 33 5 40 26 3 19 12 36 43 5 35 37 5 14 11 45 35 16 10 8 
+32 4 15 35 26 2 39 22 37 22 30 29 ^
+106 1 18 14 51 2 6 32 51 9 32 50 44 46 51 8 11 53 45 55 16 10 3 52 8 20 20 46 
+46 13 32 2 46 50 43 25 54 9 31 29 2 47 15 29 24 45 44 18 37 14 28 39 36 44 47 
+16 50 10 44 24 53 35 22 40 20 15 51 22 18 22 42 6 54 49 38 21 7 13 30 16 7 52 
+16 22 13 38 7 11 44 33 9 25 13 37 42 14 45 53 30 38 5 25 5 35 38 22 28 53 ^
+127 0 58 35 43 28 5 28 63 8 12 25 9 47 53 29 62 7 37 2 3 48 5 12 55 56 28 35 12 
+63 6 58 27 27 48 44 35 14 17 22 56 10 8 1 16 15 42 63 14 51 57 19 41 7 8 56 47 
+34 52 22 48 60 43 9 1 52 4 21 49 61 18 50 23 13 46 62 23 45 62 9 56 18 23 31 8 
+30 27 36 13 38 4 58 53 47 24 18 41 58 19 12 18 52 42 29 44 45 26 63 34 32 41 64 
+15 26 55 19 2 49 6 30 53 13 54 12 53 37 12 37 43 ^
+148 0 60 4 51 47 58 38 17 63 33 23 28 43 12 69 70 33 17 12 50 18 18 36 45 2 67 
+4 45 20 4 33 38 29 45 8 22 58 39 71 38 32 53 35 19 53 31 29 51 35 4 63 18 33 26 
+47 70 9 64 62 63 30 15 1 35 28 16 40 20 14 50 33 19 38 30 27 55 10 16 46 47 7 
+55 12 53 26 56 33 29 55 25 17 48 43 21 43 18 24 63 27 68 46 38 33 35 10 18 11 
+27 5 9 58 35 70 36 36 39 47 2 10 66 47 5 18 21 44 71 51 57 3 22 7 56 55 28 25 
+14 40 16 24 48 37 66 50 24 45 18 39 53 55 ^
+165 1 15 62 35 29 15 40 19 76 67 4 5 71 46 61 26 8 77 48 1 23 12 60 40 24 44 33 
+29 42 73 66 49 61 20 30 1 54 52 42 39 64 23 65 37 24 20 11 26 66 22 77 22 57 7 
+38 57 33 61 73 7 64 1 49 35 76 14 27 21 45 68 38 58 73 13 72 47 73 33 8 66 23 
+38 4 56 77 47 10 71 13 20 31 41 6 51 3 18 17 61 47 14 48 76 46 28 34 43 1 56 4 
+25 7 65 41 1 34 37 23 59 59 27 26 13 15 14 75 60 14 1 28 59 26 65 61 16 23 17 
+28 6 19 2 35 49 30 29 48 2 63 73 59 1 3 76 41 11 19 18 43 54 63 67 51 4 9 78 60 
+66 ^
+181 0 18 19 84 17 12 10 57 18 77 51 52 16 39 74 49 52 63 38 72 2 15 64 83 62 49 
+56 11 26 68 58 83 33 23 50 63 71 53 27 84 22 39 41 52 58 11 64 7 60 45 70 22 5 
+73 38 30 30 48 21 75 80 40 21 8 53 9 26 30 34 81 71 71 51 23 75 33 41 23 32 5 8 
+66 40 72 40 16 66 45 14 48 34 21 41 27 3 55 27 37 23 41 65 4 57 51 74 22 19 75 
+42 16 19 46 16 10 48 20 19 37 41 14 57 9 17 55 38 5 60 7 46 20 43 36 39 52 20 
+10 62 45 23 46 7 35 75 29 70 35 36 34 25 12 15 84 26 10 6 71 29 79 33 32 25 59 
+76 82 64 58 7 8 19 41 74 2 53 65 24 1 55 51 36 21 79 7 ^
+184 1 60 66 66 6 3 9 73 12 7 40 70 18 71 70 65 51 14 14 27 50 9 87 81 50 22 19 
+40 37 16 79 12 34 37 76 82 10 61 7 81 49 67 26 45 82 50 81 63 45 69 31 31 76 51 
+9 59 34 51 54 34 83 10 33 51 86 81 82 69 18 8 22 64 19 86 62 58 33 37 17 34 5 
+29 83 42 76 50 54 66 39 9 1 36 43 17 65 6 35 56 72 71 83 88 10 1 8 87 22 6 21 
+78 25 89 43 62 40 55 85 31 89 74 63 46 28 24 26 31 17 7 8 27 19 12 85 17 20 27 
+77 10 2 54 80 17 52 74 76 69 78 11 20 80 4 29 24 85 75 18 39 23 70 83 29 57 67 
+72 70 33 4 15 46 42 2 69 13 53 33 69 64 33 64 14 40 69 59 78 54 ^
+193 1 68 43 95 53 38 58 55 28 20 16 67 48 17 86 32 44 68 67 28 16 14 79 25 15 
+72 67 50 80 18 30 10 75 1 60 45 87 78 28 95 49 63 70 59 26 6 51 73 60 65 18 26 
+8 87 5 58 31 25 57 40 46 78 57 34 78 61 36 66 57 38 80 22 32 68 71 30 74 37 81 
+66 77 66 55 2 51 24 93 61 40 68 45 61 12 63 24 89 59 52 72 43 20 20 69 36 40 88 
+46 9 62 55 77 84 20 18 6 77 15 52 39 75 3 26 4 85 17 62 29 11 92 46 58 29 59 28 
+42 80 71 96 2 49 85 37 63 4 61 14 2 53 87 25 86 6 75 76 93 41 39 93 92 42 56 41 
+63 26 28 18 77 11 50 78 79 1 12 12 91 29 13 58 5 56 92 66 59 4 39 47 95 5 5 62 
+33 13 80 27 ^
+203 1 35 28 11 7 20 7 17 3 3 30 89 13 65 56 66 63 22 82 16 31 55 56 77 91 91 71 
+101 13 10 85 101 95 17 99 98 91 33 14 20 48 32 7 64 29 38 35 25 4 95 23 34 1 85 
+81 23 31 96 71 84 50 15 79 47 25 51 45 35 66 19 61 60 9 31 93 64 70 30 42 86 53 
+1 71 46 42 22 38 96 10 99 34 76 26 55 73 63 63 97 23 92 81 64 46 1 30 31 35 86 
+91 88 64 87 16 37 69 84 94 60 100 3 47 52 8 71 87 57 29 76 43 18 45 46 15 65 12 
+44 42 66 60 15 68 19 58 39 62 76 9 92 101 57 32 4 34 15 41 62 32 89 71 43 35 31 
+41 21 17 82 33 96 27 62 29 82 57 46 62 15 24 99 37 83 40 52 46 56 80 98 3 91 74 
+6 27 7 58 94 10 41 79 97 84 77 74 26 99 35 ^
+212 1 26 101 17 91 45 97 80 59 102 30 68 4 85 9 4 39 16 18 85 70 11 87 62 72 78 
+38 3 41 53 82 82 35 18 13 94 64 52 39 77 59 26 9 65 46 64 98 32 29 86 79 16 63 
+54 76 56 98 16 98 78 22 72 33 103 104 52 84 12 65 15 85 101 97 84 31 51 26 100 
+100 38 80 13 2 78 7 24 44 84 103 27 7 28 16 33 99 25 103 54 14 42 62 87 92 27 
+22 42 5 52 100 84 73 72 63 24 48 56 52 23 5 17 76 31 1 95 58 43 60 50 62 30 23 
+35 79 20 35 3 72 32 45 51 87 41 84 27 79 77 70 102 15 54 15 100 8 52 69 105 3 
+30 84 42 93 66 89 69 74 24 33 42 97 4 38 99 106 13 93 6 106 74 100 54 45 21 59 
+56 37 9 50 32 75 79 31 77 9 61 1 8 68 6 60 81 7 100 99 14 61 48 25 73 26 70 72 
+94 34 ^
+233 0 11 98 110 88 35 110 35 64 49 88 93 28 85 6 78 65 90 52 24 97 51 39 51 59 
+23 1 3 49 33 11 78 27 35 55 64 5 102 4 70 25 56 58 38 66 11 31 96 66 104 59 41 
+86 58 29 79 41 40 72 51 12 92 34 52 44 69 104 21 97 89 96 48 21 4 61 40 28 67 
+34 23 85 44 22 62 52 33 84 23 30 73 74 4 79 12 81 47 80 53 47 89 40 19 80 62 34 
+61 29 41 95 43 1 70 63 55 53 18 19 13 48 10 19 89 49 4 52 53 56 76 10 8 104 77 
+15 28 38 75 109 3 85 90 8 40 8 93 90 43 39 14 60 17 36 78 56 105 80 35 75 36 58 
+82 50 100 98 45 74 13 66 95 72 71 95 34 14 98 72 33 38 37 52 6 14 107 59 3 29 
+61 67 98 92 5 93 17 98 36 87 41 75 71 57 88 17 25 91 84 3 58 20 92 69 51 50 36 
+31 14 25 18 30 18 1 41 104 30 82 59 87 70 34 96 28 47 62 81 103 48 ^
+234 1 63 90 108 108 102 64 82 88 4 111 76 97 22 1 108 41 34 91 33 20 25 24 26 8 
+83 11 31 7 85 109 106 4 105 85 68 28 33 99 53 8 16 12 11 74 17 83 66 70 16 30 9 
+67 68 34 24 81 47 92 72 47 37 33 38 92 17 8 28 88 22 62 69 32 89 75 3 72 96 85 
+13 105 24 38 37 94 115 83 72 108 114 24 93 76 103 60 99 102 9 43 10 59 95 46 33 
+93 15 26 69 44 2 86 107 55 45 61 65 92 66 9 55 39 70 83 29 98 67 13 111 15 20 
+31 62 8 2 51 20 19 33 44 14 115 71 112 97 10 41 28 53 51 26 57 15 38 98 55 106 
+22 56 31 50 95 107 110 84 70 10 108 96 73 100 25 36 55 88 71 63 96 30 90 96 79 
+22 7 30 23 28 59 89 8 51 99 47 86 34 18 43 65 98 104 107 49 7 79 71 8 57 21 29 
+80 2 74 78 44 57 9 61 22 13 68 52 91 74 98 43 30 58 68 95 101 72 102 76 42 99 
+61 ^
+249 0 27 117 45 119 80 2 59 52 8 76 20 94 102 69 96 42 46 106 67 9 110 89 71 69 
+34 31 15 85 16 29 100 82 37 62 68 95 108 44 23 114 34 36 56 93 11 30 96 12 31 
+67 14 114 14 66 70 30 81 46 53 119 85 6 104 47 92 72 70 5 70 15 115 68 105 33 
+97 13 85 106 14 61 29 22 86 45 57 69 91 38 38 28 66 13 60 95 103 3 15 5 113 38 
+23 62 5 65 94 107 73 104 37 47 102 117 3 78 35 7 95 56 78 45 52 28 46 43 37 32 
+53 19 55 29 47 97 76 115 83 71 11 45 62 73 99 116 2 24 116 7 28 41 2 29 37 52 
+23 5 118 79 31 57 89 61 24 101 78 50 93 73 41 7 33 45 47 24 1 48 73 36 3 25 87 
+46 28 108 54 68 53 67 119 28 36 118 104 42 88 27 112 4 74 85 1 63 39 97 71 74 
+75 76 10 49 12 79 11 50 103 118 94 117 118 37 27 12 94 60 28 51 47 82 110 17 15 
+105 23 52 43 12 21 22 81 41 12 74 90 42 108 117 98 67 4 69 85 ^
+243 0 76 81 26 101 13 68 62 106 87 19 98 32 81 63 79 93 31 121 123 75 52 11 66 
+41 54 87 38 5 104 62 51 38 55 29 31 120 44 16 48 94 46 105 91 66 78 27 43 6 64 
+2 55 79 75 84 113 22 4 113 109 31 33 17 96 11 29 63 98 103 107 116 34 14 9 95 
+38 18 51 75 33 109 118 55 66 4 76 7 75 70 82 74 23 1 26 69 40 112 99 47 65 31 
+70 119 52 103 88 85 86 28 16 12 76 25 22 78 64 21 86 27 61 77 72 108 2 18 106 
+119 121 54 16 85 72 2 73 26 88 66 60 80 35 24 117 63 24 44 67 52 122 119 33 72 
+16 99 98 69 54 19 42 28 53 114 32 117 81 100 57 49 123 56 21 68 80 53 95 1 45 
+95 107 98 87 1 27 24 99 116 16 67 1 113 91 84 25 40 25 72 3 28 90 87 112 80 16 
+117 45 77 36 90 105 59 88 122 64 108 108 71 98 18 50 115 93 105 77 35 6 46 55 
+47 102 4 26 87 111 120 81 113 4 57 105 3 84 94 115 61 73 ^
+255 1 91 47 51 9 57 9 55 94 61 61 68 46 107 6 35 81 114 78 96 74 14 89 73 67 67 
+69 113 107 11 98 113 109 20 92 17 67 70 88 57 10 124 9 60 122 93 91 45 7 15 24 
+51 5 98 115 24 49 90 104 117 66 128 94 64 80 12 43 91 46 111 59 58 77 30 14 88 
+60 123 68 41 44 68 40 104 118 41 43 93 90 105 92 16 127 26 54 125 114 79 71 24 
+48 21 25 118 40 103 49 91 44 67 65 25 119 109 18 48 23 69 112 38 61 64 87 84 
+104 119 110 122 92 22 1 8 83 34 100 32 62 41 46 112 34 102 76 56 39 4 127 30 13 
+19 110 124 7 16 128 95 4 124 11 104 116 126 49 95 3 55 96 70 90 101 4 122 96 75 
+118 39 128 99 92 18 42 20 87 83 35 75 111 61 67 71 28 101 9 56 34 105 95 71 23 
+73 71 26 57 15 23 76 55 99 89 128 98 117 68 43 88 62 38 62 39 2 83 36 15 26 60 
+128 96 73 74 10 1 12 42 22 2 77 33 33 32 57 13 14 82 57 12 39 3 58 80 14 87 85 
+44 69 109 119 ^
+283 0 102 55 53 41 60 88 25 67 58 76 44 22 68 118 108 40 95 96 81 90 85 28 77 
+18 11 37 72 93 60 110 124 119 95 131 91 37 109 126 8 73 69 72 80 17 83 5 76 20 
+32 15 10 1 103 18 22 116 98 9 51 104 102 44 33 15 12 24 31 89 1 6 28 101 8 64 
+72 106 30 5 52 89 111 39 108 64 85 17 57 124 22 105 78 115 3 40 108 66 108 77 
+128 103 44 35 38 13 95 10 111 63 98 117 61 51 126 69 96 70 70 59 39 13 97 33 
+112 2 77 7 123 70 83 29 66 67 49 79 19 104 115 14 60 2 55 40 71 33 28 114 51 91 
+17 46 45 128 57 87 62 25 115 38 50 55 90 74 8 51 102 79 43 94 36 122 94 12 41 
+36 25 104 91 24 7 99 80 30 126 32 63 122 107 114 27 28 79 41 12 35 51 115 122 
+70 22 79 65 2 88 27 17 59 15 23 44 57 5 65 6 26 78 80 125 93 84 100 45 22 129 
+68 36 111 74 118 11 50 42 120 47 21 8 86 112 26 67 60 99 45 93 47 8 38 59 52 56 
+124 20 82 18 117 24 18 46 106 19 117 26 41 47 45 130 7 15 1 4 5 100 10 85 50 44 
+11 48 92 119 108 42 118 125 ^
+272 0 8 61 99 70 96 20 87 123 134 82 22 2 110 118 33 86 5 7 5 94 56 15 60 96 54 
+13 22 55 99 4 25 105 17 37 69 10 38 117 117 30 70 13 9 109 115 62 94 52 66 117 
+100 135 7 75 23 5 81 110 31 118 29 1 62 11 41 88 109 119 102 37 3 30 123 47 31 
+56 134 29 124 116 118 99 21 56 77 91 23 37 135 81 44 51 67 95 51 133 30 57 67 
+116 122 48 100 7 132 97 106 69 93 4 95 125 102 103 119 81 57 133 96 37 118 50 
+117 113 81 127 17 45 103 32 121 129 60 43 65 127 30 36 132 110 52 53 35 71 12 
+76 22 72 130 112 99 76 26 21 73 63 63 97 23 58 115 132 114 1 132 31 35 18 23 54 
+30 53 118 37 35 84 94 60 100 3 47 18 110 105 87 57 63 76 43 52 45 46 49 65 12 
+10 42 66 60 117 34 19 92 5 28 76 9 126 101 125 32 38 34 15 7 62 32 21 3 43 69 
+31 109 123 51 116 135 130 129 130 63 14 57 80 62 15 126 31 105 83 108 120 80 
+124 46 98 105 91 6 6 27 7 58 128 78 7 79 63 84 77 74 128 65 61 95 121 17 24 123 
+117 51 122 ^
+284 0 44 71 43 20 126 58 53 47 98 18 19 119 93 29 70 39 94 112 44 115 135 98 82 
+10 67 29 102 113 68 80 19 75 1 91 114 87 80 7 40 37 86 120 16 104 136 117 82 
+138 32 65 114 119 137 121 8 12 46 126 26 119 73 130 60 76 113 100 14 133 26 116 
+34 120 80 95 84 53 15 24 44 51 4 10 23 77 24 99 66 37 54 63 42 136 21 34 76 5 
+17 128 101 1 59 40 113 112 32 97 31 93 105 79 91 18 39 1 103 132 51 68 124 111 
+13 97 43 128 69 84 85 72 15 12 26 87 16 16 92 101 13 77 4 118 89 103 56 42 16 
+60 44 39 126 46 18 83 93 41 105 3 82 106 115 91 6 4 54 115 15 120 109 113 48 41 
+9 95 20 62 67 105 111 25 132 7 116 46 138 44 83 61 124 131 35 107 6 109 81 114 
+67 41 137 77 56 74 73 34 12 14 69 52 11 98 47 54 83 81 6 1 15 88 35 139 80 83 
+49 89 27 47 130 92 133 87 51 112 76 49 109 49 57 93 73 22 117 50 64 58 97 139 
+36 131 111 133 58 33 8 88 55 38 90 46 30 118 57 29 82 74 41 117 38 46 94 92 5 
+105 15 117 70 103 68 60 120 48 21 110 85 40 81 66 ^
+291 0 46 113 52 134 79 74 64 57 18 23 9 52 8 16 103 57 138 59 59 65 92 2 7 130 
+92 8 34 40 86 131 140 100 112 4 42 1 110 108 43 37 15 67 19 35 94 61 130 98 35 
+88 34 65 104 56 126 118 50 87 10 81 109 90 86 118 32 6 114 88 39 38 39 62 3 12 
+134 72 137 35 75 81 115 106 140 112 11 123 41 103 45 95 84 71 107 13 26 110 96 
+62 16 109 84 59 53 38 27 8 28 13 32 137 17 138 41 122 36 99 65 99 83 36 112 29 
+49 70 96 126 136 131 116 3 18 17 126 142 14 37 141 141 123 42 13 20 83 42 139 
+83 54 49 58 42 7 137 29 48 16 121 127 34 52 140 106 128 58 36 124 83 24 69 54 
+61 112 17 6 95 97 24 57 86 124 59 71 119 67 1 109 54 68 49 57 132 32 5 71 113 
+40 80 104 75 106 133 31 126 130 104 62 9 39 44 66 116 141 135 96 132 19 41 121 
+126 124 77 8 4 60 82 6 101 124 89 51 123 48 40 85 77 21 112 10 69 66 115 87 16 
+108 30 84 65 80 103 32 131 134 73 47 10 63 39 50 93 37 135 114 69 48 34 58 23 
+27 133 37 9 40 98 41 115 99 70 83 29 42 67 133 55 79 80 91 122 12 2 115 112 47 ^
+293 1 33 13 99 138 1 42 89 118 87 113 99 12 134 142 100 38 5 55 75 14 110 108 
+42 64 130 79 138 62 64 69 57 11 123 25 59 16 111 94 24 65 30 51 119 48 107 92 
+84 69 28 136 143 54 20 6 70 47 142 64 4 65 59 73 99 134 146 102 125 116 57 137 
+137 72 48 128 78 5 80 63 54 85 30 22 129 68 21 21 74 28 128 107 27 60 2 93 95 
+71 37 11 37 15 39 102 3 104 65 80 59 52 113 34 20 67 60 27 81 135 46 106 106 
+102 68 128 17 15 100 124 15 43 136 122 100 67 142 35 14 53 120 2 89 93 99 73 9 
+122 39 77 15 96 90 43 79 134 60 92 105 55 96 31 119 77 97 72 23 140 38 30 43 83 
+136 88 107 117 72 109 118 58 91 119 73 95 100 59 138 123 54 49 143 50 133 66 
+106 45 80 88 42 93 5 59 77 101 74 110 104 40 92 19 77 76 86 102 129 3 144 101 
+139 134 56 90 18 91 94 85 55 10 137 11 58 1 107 113 70 22 7 56 29 143 111 8 46 
+45 116 122 129 89 7 121 53 95 14 49 118 62 125 91 37 97 15 35 100 63 140 63 50 
+51 58 26 127 6 45 59 102 121 114 85 141 135 10 72 19 106 66 66 41 53 13 38 1 21 
+103 50 108 46 119 ^
+297 1 46 31 132 112 28 63 124 97 129 43 40 72 99 107 132 137 96 139 99 145 121 
+144 118 37 81 39 94 60 55 109 47 109 110 75 42 12 139 137 43 128 106 107 19 126 
+12 101 148 127 15 117 125 125 62 96 13 76 70 96 101 110 138 8 95 76 143 17 32 
+97 79 149 39 31 94 123 21 41 135 55 84 70 33 135 118 50 62 121 81 1 45 144 93 
+60 5 64 137 8 105 91 82 67 27 113 119 53 18 98 79 48 84 32 135 128 5 1 20 76 17 
+85 108 72 36 141 140 49 150 105 104 3 149 14 54 18 148 64 49 125 37 28 28 101 
+22 104 91 32 82 117 12 114 69 58 2 58 115 9 108 47 59 65 14 92 7 4 86 98 16 82 
+92 95 38 94 10 10 48 97 104 66 115 97 142 115 122 119 40 97 16 32 47 34 88 89 
+26 50 12 76 80 51 40 9 133 24 44 40 122 84 108 22 142 140 99 44 15 54 8 42 125 
+150 130 21 79 124 62 46 119 15 29 91 57 150 42 138 71 61 68 80 114 6 1 70 121 
+18 35 113 56 87 86 10 73 14 29 41 72 89 1 133 87 101 123 59 90 142 77 133 52 78 
+48 34 138 134 27 17 60 131 147 61 93 148 39 132 49 62 71 36 91 4 139 49 100 120 
+43 113 144 30 94 73 127 40 125 ^
+313 1 35 97 95 76 105 88 32 138 30 69 61 40 47 21 107 6 39 81 114 53 125 53 147 
+14 4 73 146 96 98 13 136 11 98 117 138 153 67 146 71 99 88 7 139 24 13 35 47 97 
+145 74 36 119 3 51 84 48 119 53 49 15 79 17 120 103 148 64 30 41 97 120 75 111 
+63 58 131 134 18 13 10 48 18 16 48 43 15 54 18 41 47 122 144 80 92 145 77 1 33 
+89 54 46 78 48 21 54 43 40 53 24 16 73 42 94 29 44 34 151 152 23 123 12 142 140 
+43 37 88 29 19 35 72 96 151 130 62 112 34 36 91 120 50 112 138 2 105 60 68 137 
+131 5 17 19 139 74 11 120 78 149 58 128 15 104 16 126 78 20 57 134 71 49 90 76 
+108 126 100 54 68 39 132 153 42 147 146 124 62 87 35 75 61 65 46 100 82 105 113 
+31 63 5 95 54 71 77 127 150 80 36 144 2 130 59 74 39 3 152 121 122 18 117 12 
+117 141 118 135 62 36 69 5 39 53 150 52 153 143 30 66 96 126 131 56 137 8 7 86 
+142 14 7 111 141 93 136 137 134 43 12 89 23 44 9 152 146 121 97 19 38 110 91 67 
+14 32 110 66 68 8 130 84 73 118 59 24 41 72 121 150 55 37 138 27 104 66 124 9 
+51 109 47 125 109 148 8 29 47 72 146 149 61 93 10 20 54 15 76 133 125 106 110 
+67 ^
+330 0 23 9 26 136 27 51 115 122 44 106 6 146 108 113 85 51 8 96 47 56 137 62 59 
+89 143 71 140 14 85 156 139 99 154 30 53 115 35 147 108 148 58 52 28 103 19 92 
+95 152 152 10 11 13 155 67 11 83 101 69 153 152 45 141 14 120 129 140 119 59 2 
+89 73 70 83 29 16 67 81 29 1 54 65 96 117 2 37 47 128 33 3 89 108 98 139 49 78 
+27 103 39 119 94 132 90 38 132 55 65 131 90 58 2 54 100 69 118 22 44 19 7 148 
+93 25 29 123 81 64 131 55 30 1 89 38 97 82 64 9 28 86 123 151 10 133 40 154 102 
+4 111 65 9 63 59 124 116 72 105 76 57 137 97 32 145 108 78 112 50 43 34 75 20 
+22 129 68 11 118 74 125 118 57 17 20 129 53 65 61 144 1 17 142 156 52 100 54 15 
+20 59 52 63 131 20 57 124 31 125 46 106 76 92 8 98 154 152 80 114 15 140 136 
+112 100 17 92 25 151 150 80 99 69 83 49 43 156 102 19 57 122 96 30 3 39 134 40 
+32 75 5 76 127 138 99 17 57 52 150 130 18 127 33 23 116 107 78 77 77 42 69 68 
+48 41 69 33 75 40 49 128 103 4 146 93 10 83 66 96 152 30 38 12 33 5 39 47 41 34 
+60 74 20 42 156 67 46 56 102 89 3 124 81 99 104 56 50 8 61 74 55 15 87 108 28 
+138 47 93 60 2 124 46 126 103 91 145 36 25 116 122 51 ^
+322 0 75 7 107 158 81 105 154 90 20 125 77 114 69 92 7 58 21 98 154 50 128 149 
+117 127 153 45 3 18 121 86 29 71 79 101 2 5 22 143 10 27 53 146 157 148 112 33 
+22 80 123 24 147 1 112 82 159 63 74 97 109 33 151 32 89 87 132 117 46 129 59 
+115 91 114 118 37 21 9 94 60 25 89 47 79 110 55 12 143 99 87 43 88 56 57 160 76 
+12 71 128 77 146 117 95 105 42 66 3 76 20 76 101 100 118 149 45 26 143 148 32 
+57 39 129 19 31 84 123 1 152 135 5 54 30 13 125 68 30 62 101 51 142 5 94 83 20 
+116 24 107 109 105 91 42 17 27 93 69 3 139 68 79 38 84 2 85 128 126 122 131 46 
+17 35 98 42 26 111 100 29 120 55 84 114 109 145 14 18 138 14 9 85 7 18 129 91 2 
+94 51 133 82 87 123 64 39 8 103 38 75 110 78 7 9 45 115 42 138 135 86 78 16 62 
+52 75 159 54 151 121 149 77 74 16 85 47 102 105 82 119 10 67 137 153 148 135 28 
+49 26 151 153 36 80 11 130 113 24 44 30 102 24 58 133 122 140 99 24 156 54 119 
+42 115 140 90 132 19 94 2 157 99 136 19 71 7 130 153 108 51 21 58 70 74 137 1 
+40 111 149 5 103 6 27 76 141 23 125 140 1 72 29 152 103 87 51 93 29 80 132 77 
+123 153 68 159 14 98 114 158 121 158 81 131 ^
+322 0 35 93 109 125 119 10 10 19 135 26 4 74 135 35 120 129 113 92 17 29 47 88 
+14 159 149 87 45 36 75 68 22 138 20 59 61 144 151 11 107 6 153 81 114 43 85 157 
+97 148 118 73 126 56 58 137 96 11 98 67 98 103 57 146 21 59 88 151 139 148 127 
+25 17 47 115 34 160 109 107 51 64 28 69 13 49 149 69 141 90 93 118 64 10 1 67 
+80 35 111 13 58 101 124 132 147 154 18 162 6 162 33 5 34 142 41 161 82 114 70 
+92 145 57 155 137 114 79 44 36 48 48 21 14 13 40 33 14 150 33 32 54 143 14 4 
+101 142 23 93 136 132 120 147 17 38 163 143 5 52 46 151 130 32 72 34 124 150 51 
+100 112 128 126 65 10 28 87 81 159 131 19 99 54 125 110 58 119 28 78 129 104 
+140 126 38 154 27 114 61 153 90 66 98 76 50 158 48 39 82 123 22 147 136 114 52 
+37 35 75 41 15 150 60 52 55 103 21 23 129 95 24 71 47 97 130 50 140 144 106 100 
+9 64 19 117 122 71 92 8 77 156 97 121 98 85 2 36 39 109 143 23 120 156 133 93 
+154 36 66 116 131 160 127 162 161 46 142 14 141 81 141 63 86 117 104 3 146 39 
+127 34 133 102 106 91 57 9 28 60 61 7 158 12 80 26 8 122 80 44 63 68 49 158 21 
+32 81 150 15 141 108 161 64 46 124 123 31 99 27 105 109 98 112 144 ^
+336 1 34 161 107 149 48 67 138 109 156 104 37 133 60 80 84 81 160 9 16 96 164 1 
+95 112 4 86 163 116 98 103 55 31 8 56 37 36 127 32 9 89 103 31 100 161 85 106 
+119 89 154 43 115 162 137 108 128 38 42 155 103 9 62 65 102 122 10 138 160 125 
+47 158 43 91 69 123 132 35 121 4 110 89 130 69 29 139 69 53 70 83 29 163 67 41 
+9 108 34 45 76 87 2 144 164 98 33 160 79 78 48 89 9 38 134 93 146 79 54 122 80 
+38 112 55 55 101 70 8 129 44 70 59 98 149 24 136 124 138 63 25 166 83 51 34 91 
+45 30 118 59 28 87 72 44 116 28 36 103 101 113 10 114 62 111 71 65 126 53 19 
+114 86 42 85 36 57 137 57 159 95 88 78 72 20 23 14 65 10 22 129 68 1 68 74 75 
+108 7 7 147 109 13 35 51 104 158 164 122 126 2 50 4 132 127 59 52 13 81 20 47 
+107 74 148 115 46 106 46 82 115 68 144 142 60 104 15 90 136 102 100 134 42 15 
+141 100 40 49 49 73 166 13 156 82 166 37 82 96 137 130 166 134 20 139 45 122 56 
+107 98 79 124 17 32 130 120 165 77 23 130 96 67 68 47 37 12 29 18 38 158 19 160 
+55 147 39 118 83 121 96 43 137 33 66 86 112 147 155 149 140 5 19 17 148 161 10 
+44 159 146 57 16 26 102 49 3 104 61 59 74 56 10 165 31 54 25 142 157 37 58 165 
+128 154 73 50 149 94 137 ^
+330 1 61 51 65 132 23 169 116 122 14 66 7 98 131 72 69 127 72 163 125 68 69 51 
+47 159 31 164 71 118 50 83 113 81 127 153 45 137 134 121 68 163 26 43 65 127 
+166 138 98 144 18 53 137 139 148 76 158 4 62 78 167 102 144 94 55 141 63 29 97 
+91 24 115 166 80 69 132 99 1 120 23 88 64 87 118 37 137 152 94 60 168 71 47 52 
+110 37 155 125 63 42 43 52 11 12 151 31 12 44 110 32 128 117 68 87 24 39 164 76 
+145 58 101 91 100 140 151 143 130 32 21 3 111 1 31 75 123 153 116 135 130 27 
+164 165 116 23 12 62 83 24 133 139 49 74 154 80 158 80 64 105 91 6 142 27 75 24 
+128 112 41 79 29 84 145 40 128 99 95 95 19 17 160 89 15 17 84 64 11 93 10 66 78 
+73 127 148 18 129 139 143 49 150 9 84 82 154 85 15 88 82 60 87 19 12 133 58 20 
+39 65 51 141 134 27 70 167 120 117 86 60 16 44 16 57 132 18 142 85 104 59 47 
+141 58 2 66 96 46 119 153 40 110 126 103 90 144 13 26 106 144 80 145 134 103 95 
+24 44 21 84 140 13 97 104 140 99 6 147 54 83 42 106 131 54 96 135 67 118 121 81 
+109 10 53 132 112 117 81 33 155 49 61 38 119 1 13 102 131 148 94 131 143 67 123 
+148 89 104 135 72 145 152 76 87 6 66 2 71 123 77 114 108 59 123 166 62 96 140 
+94 149 116 169 ^
+349 0 125 17 93 82 80 110 156 147 156 99 154 4 29 90 163 120 84 113 56 8 157 29 
+61 169 141 113 78 48 50 13 138 11 50 61 99 106 2 107 6 117 81 114 34 49 112 52 
+130 82 73 108 20 22 110 60 11 98 22 62 58 48 146 149 23 88 142 139 121 91 16 
+163 2 88 171 133 100 62 51 46 10 24 150 49 131 60 114 63 84 91 64 165 138 40 44 
+172 111 141 58 74 115 96 129 145 164 153 170 126 24 169 16 115 41 125 46 87 61 
+92 145 39 155 92 78 70 35 27 21 48 21 151 159 40 15 5 132 170 23 18 107 160 150 
+56 133 23 66 109 123 102 102 172 166 145 116 151 34 1 151 130 5 36 34 97 114 15 
+82 128 112 119 99 29 138 165 42 36 159 95 19 63 36 89 101 40 92 1 33 93 104 113 
+126 2 136 96 52 108 90 57 89 31 5 113 30 39 37 96 4 147 127 105 43 165 35 75 23 
+143 105 24 25 10 94 12 160 102 95 170 71 20 70 112 23 95 144 61 73 137 55 1 81 
+95 26 65 172 41 147 79 103 80 40 121 36 12 64 98 169 93 111 115 48 127 9 39 107 
+131 115 118 162 161 10 142 14 123 54 141 36 41 99 77 140 128 167 82 25 106 57 
+70 64 21 19 15 34 126 149 167 53 163 127 86 35 8 54 23 40 140 3 169 45 150 152 
+96 81 143 28 28 124 87 13 90 9 87 109 53 67 164 28 131 89 149 42 55 126 79 132 
+74 19 133 30 68 72 75 148 9 10 72 152 144 83 106 153 74 163 98 152 ^
+375 1 94 28 13 8 20 28 18 118 5 140 89 67 171 64 152 85 61 101 80 154 149 34 
+115 135 128 108 110 20 33 128 103 35 38 57 95 10 111 151 98 29 149 7 82 69 96 
+114 26 103 171 101 53 121 24 2 121 51 35 70 83 29 154 67 5 167 63 16 27 58 60 2 
+99 128 71 33 160 70 51 3 44 149 2 89 84 101 43 18 113 71 38 94 55 46 74 52 139 
+102 35 43 50 80 122 6 100 88 129 36 25 148 47 24 7 55 36 30 82 32 19 78 63 26 
+71 28 167 85 56 167 95 159 78 26 66 35 65 90 44 159 105 59 15 67 57 137 21 132 
+50 70 78 36 169 5 172 56 1 22 129 68 168 23 74 30 99 138 174 120 91 153 8 42 68 
+158 155 104 99 133 5 135 96 82 59 52 144 36 20 38 62 29 112 106 46 106 19 73 70 
+41 135 133 42 95 15 45 136 93 100 98 173 6 132 55 4 4 31 64 130 162 156 64 157 
+19 46 96 92 103 139 134 2 94 18 86 38 89 62 61 79 157 14 112 111 156 32 14 85 
+78 31 59 20 1 161 169 149 29 122 150 133 37 102 30 109 65 85 51 174 110 164 66 
+77 76 111 119 131 95 5 1 166 103 134 141 17 158 123 137 48 165 175 102 13 3 86 
+43 23 47 56 150 165 4 36 174 115 157 168 13 147 119 109 55 41 140 67 27 31 27 
+53 126 17 163 116 122 160 60 7 92 113 66 45 109 60 151 125 62 39 39 17 153 13 
+152 53 94 50 53 89 57 127 153 45 119 104 121 56 145 172 19 41 103 166 108 68 
+126 12 53 131 127 148 52 134 168 50 48 155 72 132 82 37 129 63 175 160 ^
+366 1 73 15 79 139 71 51 132 81 135 111 166 61 37 60 118 37 92 134 94 60 150 53 
+47 25 110 19 137 107 27 176 43 16 145 146 142 165 12 17 92 166 110 117 41 69 6 
+12 164 76 109 40 101 82 82 131 134 115 143 112 32 164 146 93 162 31 66 123 144 
+80 135 94 137 156 107 157 173 62 65 176 124 112 4 65 127 44 131 53 19 105 91 
+149 106 27 57 158 92 85 14 79 20 84 127 174 128 72 68 59 171 17 124 80 167 8 57 
+28 172 66 144 48 42 37 109 121 18 120 103 116 13 132 39 73 145 76 158 43 82 33 
+51 153 164 97 13 2 3 20 24 114 98 9 25 131 102 99 86 42 16 26 159 39 105 161 
+133 49 59 41 20 105 31 136 30 87 10 119 135 13 83 99 58 45 99 156 26 61 135 143 
+80 118 107 76 77 24 44 12 66 95 147 61 86 140 99 167 138 54 47 42 97 122 18 60 
+90 40 73 85 63 82 1 35 96 94 81 54 15 128 40 52 2 101 1 165 93 113 130 85 95 98 
+58 105 112 53 68 108 72 100 152 49 87 140 39 154 62 114 77 105 63 50 87 157 26 
+78 122 67 140 71 170 119 5 93 64 50 104 144 129 138 75 130 4 178 60 139 120 54 
+113 32 2 133 17 43 163 129 89 72 149 155 30 38 7 138 5 44 61 69 76 175 107 6 93 
+81 114 28 25 82 22 118 58 73 96 175 177 92 36 11 98 171 38 28 42 146 125 178 88 
+136 139 103 67 10 151 151 70 153 115 94 32 51 34 177 173 132 49 119 54 96 45 78 
+73 64 159 120 22 20 154 111 117 58 56 109 72 143 ^
+372 1 136 146 144 170 90 15 169 180 88 41 89 10 60 52 92 145 21 155 47 42 61 26 
+18 176 48 21 124 141 40 179 178 114 143 14 164 71 142 132 11 124 23 39 82 114 
+84 57 163 130 127 89 133 16 138 151 130 160 34 70 78 161 64 92 112 110 72 175 
+102 138 179 173 159 59 19 27 18 53 92 22 65 156 170 57 104 86 126 148 118 155 
+78 43 63 90 48 80 168 142 68 12 39 174 69 168 147 118 96 34 129 35 75 5 107 60 
+170 180 147 85 3 133 75 95 152 71 175 43 94 178 50 144 16 46 101 46 165 45 68 
+163 38 172 5 138 61 85 62 177 76 36 167 19 53 151 66 66 97 3 100 164 12 98 131 
+70 109 162 161 156 142 14 105 27 141 9 178 81 50 113 110 131 37 16 79 12 34 37 
+167 173 10 152 7 81 140 158 26 136 82 50 172 154 45 160 31 122 167 142 9 150 
+125 51 54 125 174 10 124 51 177 81 173 69 109 8 22 155 19 86 62 149 33 37 108 
+34 96 29 174 133 167 50 54 66 130 9 1 36 134 108 65 97 126 56 163 71 83 88 10 1 
+8 178 22 6 112 169 116 89 43 153 40 146 85 31 89 74 154 137 28 115 117 122 108 
+98 8 27 110 103 176 17 20 27 77 10 93 145 80 17 143 165 76 69 78 102 20 91 171 
+95 29 115 176 166 109 39 23 70 83 29 148 67 163 161 33 4 15 46 42 2 69 104 53 
+33 160 64 33 155 14 131 160 59 78 71 19 176 107 65 38 82 55 40 56 40 115 84 29 
+25 44 68 104 176 76 64 123 18 25 136 23 6 171 31 30 30 58 14 13 72 57 14 41 177 
+^
+363 0 135 69 16 167 79 143 46 178 26 3 65 58 36 135 97 35 175 51 152 57 137 173 
+108 10 54 78 4 153 173 164 48 177 22 129 68 168 167 74 174 91 106 174 96 75 129 
+168 34 36 158 147 88 75 101 149 103 64 42 59 52 112 180 20 30 22 173 80 98 46 
+106 179 65 30 17 127 125 26 87 15 5 136 85 100 66 141 182 124 15 156 148 15 56 
+98 146 156 48 149 3 14 96 52 79 115 134 170 54 178 54 22 73 30 45 39 133 182 96 
+103 148 176 6 45 62 183 51 180 153 145 145 117 21 90 118 109 21 62 22 101 49 53 
+11 142 86 132 66 69 44 79 87 115 55 5 169 150 63 110 109 177 150 91 129 40 149 
+159 102 165 3 70 27 175 23 56 126 165 164 20 158 91 157 136 157 131 111 69 39 
+33 132 43 19 175 179 37 118 9 155 116 122 128 52 7 84 89 58 13 85 44 135 125 54 
+183 23 161 145 173 136 29 62 50 13 57 25 127 153 45 95 64 121 40 121 140 171 9 
+71 166 68 28 102 4 53 123 111 148 20 102 160 34 8 139 32 116 66 13 113 63 143 
+97 63 10 59 124 66 41 132 71 115 106 151 46 22 45 118 37 67 124 94 60 140 43 47 
+10 110 9 127 97 7 156 43 180 125 126 137 145 12 2 82 146 100 117 26 59 180 181 
+164 76 89 30 101 77 72 126 114 95 143 102 32 149 131 83 157 31 61 123 139 60 
+135 74 169 122 151 102 137 168 62 55 166 119 97 163 60 112 24 116 38 178 105 91 
+134 86 27 47 138 72 70 183 79 15 84 117 154 128 57 53 39 161 88 ^
+393 1 92 72 151 33 183 164 42 112 32 10 5 93 97 18 112 71 92 168 116 179 186 65 
+137 68 134 3 82 9 19 121 148 65 160 173 158 167 90 66 180 172 99 86 83 86 26 16 
+10 135 23 81 137 125 17 19 25 183 73 7 104 185 79 165 119 119 176 59 75 18 5 59 
+132 26 21 127 119 80 94 83 52 61 24 44 4 50 55 115 29 70 140 99 159 130 54 15 
+42 89 114 173 28 50 16 33 53 47 58 180 19 64 78 49 30 186 104 32 44 157 85 1 
+149 85 97 114 77 63 58 50 89 80 21 36 84 72 60 152 25 87 108 15 138 54 106 77 
+97 23 42 55 149 181 62 106 43 132 31 138 111 176 93 40 10 96 128 105 114 43 98 
+4 146 20 107 120 14 113 181 101 1 19 155 113 57 64 117 131 6 22 186 138 184 36 
+61 29 36 175 107 6 61 81 114 20 180 42 169 102 26 73 80 151 153 68 4 11 98 139 
+6 175 34 146 93 154 88 128 139 79 35 2 135 119 46 129 91 86 179 51 18 169 141 
+108 49 103 46 72 21 70 49 64 151 96 185 175 130 111 85 58 32 101 40 101 131 136 
+139 170 70 10 169 175 73 41 69 177 45 47 92 145 11 155 22 22 56 21 13 166 48 21 
+109 131 40 174 178 104 128 9 149 51 132 122 173 119 23 24 67 109 74 32 158 110 
+117 74 123 6 118 151 130 150 167 34 55 58 146 54 72 112 105 57 160 82 123 159 
+153 159 39 19 7 8 33 87 12 50 146 150 37 104 71 126 133 108 145 68 38 38 90 43 
+75 148 122 43 2 39 154 54 163 147 113 91 29 109 35 75 182 87 35 155 170 127 80 
+185 118 60 95 142 71 165 28 84 168 25 144 178 31 81 41 160 25 53 143 ^
+381 1 14 172 163 130 45 69 46 145 36 36 151 169 13 135 42 26 81 153 76 148 178 
+90 131 30 101 162 161 132 142 14 89 3 141 175 146 65 26 89 94 99 187 8 55 162 2 
+13 143 173 2 120 173 41 132 150 2 112 42 18 140 130 37 128 23 106 159 118 167 
+150 101 11 30 109 150 184 124 19 169 73 165 53 109 158 172 147 11 46 38 149 25 
+21 92 184 64 179 158 133 135 34 38 58 114 9 183 4 118 76 49 89 102 40 163 47 75 
+80 176 175 8 154 14 180 104 153 84 89 11 129 8 138 85 181 73 66 154 121 20 115 
+93 114 108 82 182 19 86 103 176 183 186 177 53 10 69 137 56 1 135 141 68 69 54 
+86 12 75 171 87 187 107 144 150 93 23 7 70 83 29 140 67 139 153 183 178 189 30 
+18 2 29 72 29 33 160 56 9 123 164 107 136 19 70 31 177 152 99 57 38 66 55 32 32 
+24 83 60 21 1 36 52 80 168 44 32 115 184 25 120 181 172 155 189 22 30 26 180 5 
+64 49 188 1 28 111 57 176 167 67 131 22 160 186 169 65 34 30 117 91 17 163 39 
+134 57 137 155 90 170 42 78 170 141 167 158 42 177 22 129 68 168 143 74 150 85 
+82 174 78 63 111 156 28 12 158 141 76 57 77 125 79 40 12 59 52 88 156 20 24 182 
+149 56 92 46 106 167 59 189 121 119 14 81 15 165 136 79 100 42 117 182 118 175 
+138 124 3 50 74 134 156 36 143 181 180 96 22 61 97 134 164 24 166 30 10 61 6 33 
+9 115 176 84 97 142 152 15 50 165 45 168 135 133 127 93 15 66 94 91 9 32 16 95 
+37 29 171 118 68 108 66 63 20 55 186 ^
+396 1 97 10 5 160 132 18 83 73 159 141 55 120 31 131 141 102 138 3 52 9 148 189 
+56 99 165 146 2 140 64 157 100 121 113 102 24 21 24 123 16 10 139 152 19 109 
+146 116 122 92 43 7 75 62 49 170 58 26 117 125 45 147 5 125 136 155 118 2 26 50 
+161 21 182 127 153 45 68 19 121 22 94 104 144 166 35 166 23 176 75 188 53 114 
+93 148 177 66 151 16 156 121 180 98 48 179 95 63 107 97 45 1 23 97 57 23 132 53 
+79 97 124 19 188 18 118 37 22 106 94 60 122 25 47 176 110 184 109 79 164 120 43 
+153 89 90 128 109 12 168 64 110 82 117 192 41 171 163 164 76 53 12 101 68 54 
+117 78 59 143 84 32 122 104 65 148 31 52 123 130 24 135 38 151 95 142 93 101 
+159 62 37 148 110 70 127 51 85 181 89 11 142 105 91 107 50 27 29 102 36 43 165 
+79 6 84 99 118 128 30 26 3 143 17 68 66 139 187 15 165 158 24 88 20 179 174 81 
+79 18 106 47 74 150 104 179 162 59 131 62 116 166 82 184 188 97 136 41 136 167 
+140 143 175 72 42 174 148 75 74 71 86 14 16 191 117 11 63 119 119 186 182 13 
+171 49 182 80 167 73 147 119 107 164 41 57 181 168 29 114 26 184 121 101 80 76 
+65 34 49 24 44 191 38 25 91 5 58 140 99 153 124 54 184 42 83 108 155 4 20 191 3 
+29 35 40 180 7 40 66 25 12 180 86 26 38 139 73 1 137 79 85 102 71 39 28 44 77 
+56 190 12 66 72 30 152 7 87 84 190 126 48 100 77 91 186 36 31 143 163 50 94 25 
+126 1 114 105 170 93 22 173 90 116 87 96 19 74 4 122 183 83 120 177 113 169 181 
+77 182 1 149 186 ^
+384 1 25 56 85 107 177 6 186 138 184 28 61 184 191 175 107 6 29 81 114 12 156 2 
+137 86 189 73 64 127 129 44 167 11 98 107 169 143 26 146 61 130 88 120 139 55 3 
+189 119 87 22 105 67 78 147 51 2 161 109 84 49 87 38 48 192 62 25 64 143 72 169 
+151 106 111 53 58 8 93 8 85 123 120 131 170 38 2 169 167 49 41 37 153 21 39 92 
+145 190 155 177 185 48 13 5 150 48 21 85 115 40 166 178 88 104 1 125 19 116 106 
+141 111 23 43 101 58 187 150 78 101 50 107 185 86 151 130 134 143 34 31 26 122 
+38 40 112 97 33 136 50 99 127 121 159 7 19 170 187 1 79 191 26 130 118 5 104 47 
+126 109 92 129 52 30 193 90 35 67 116 90 3 181 39 122 30 155 147 105 83 21 77 
+35 75 174 55 190 131 154 95 72 185 94 36 95 126 71 149 4 68 152 180 144 146 7 
+49 33 152 188 29 111 194 172 148 125 35 59 36 125 11 36 141 149 183 125 27 1 71 
+133 61 138 168 85 131 5 96 162 161 117 142 14 79 183 141 165 126 55 11 74 84 79 
+167 3 40 142 177 193 128 173 192 100 163 16 127 145 182 97 17 193 120 115 32 
+108 18 96 154 103 152 150 86 181 15 99 135 179 124 194 164 68 160 43 109 138 
+152 142 6 21 23 149 20 11 82 164 44 159 148 133 115 24 28 53 104 9 183 179 108 
+56 39 84 87 30 163 32 70 75 166 170 8 139 9 175 99 143 64 89 186 114 183 133 85 
+161 63 61 154 111 15 115 78 109 108 72 177 14 71 103 176 173 176 157 38 10 54 
+132 41 186 130 126 63 69 39 76 7 65 171 82 172 102 124 140 83 113 ^
+396 1 189 70 83 29 132 67 115 145 151 170 181 14 192 2 187 40 5 33 160 48 183 
+91 132 83 112 177 62 189 153 128 91 49 38 50 55 24 8 8 51 36 13 175 28 36 56 
+160 12 107 168 25 104 157 156 139 165 14 30 192 164 195 56 41 180 159 28 79 41 
+144 167 51 115 188 136 154 145 65 2 22 93 83 191 147 23 110 57 137 131 66 138 
+26 78 146 125 159 150 34 177 22 129 68 168 111 74 118 77 50 174 54 47 87 140 20 
+178 158 133 60 33 45 93 47 8 170 59 52 56 124 20 16 150 117 24 84 46 106 151 51 
+158 173 113 111 196 73 15 133 136 71 100 10 85 182 110 143 114 92 185 42 42 118 
+156 20 135 173 156 96 180 37 73 134 156 182 150 196 192 45 172 17 167 91 168 68 
+89 134 120 190 173 34 141 37 152 111 117 103 61 7 34 62 67 191 190 8 87 21 195 
+139 86 44 76 66 55 186 23 31 87 183 5 155 122 191 68 53 149 136 35 115 26 121 
+131 102 123 3 42 197 133 179 56 84 165 136 190 130 49 157 80 101 103 97 197 11 
+19 118 1 5 119 137 9 104 193 141 116 122 72 38 7 70 47 44 155 43 16 107 125 40 
+127 193 105 131 145 108 185 6 50 141 1 167 127 153 45 53 192 121 12 79 84 129 
+151 15 166 196 156 60 188 53 109 83 148 162 46 146 6 136 111 160 88 38 169 85 
+63 87 97 35 194 3 82 52 13 132 43 59 92 109 4 178 3 118 37 195 96 94 60 112 15 
+47 166 110 179 99 69 149 100 43 138 69 70 123 89 12 158 54 90 72 117 182 31 166 
+153 164 76 33 2 101 63 44 112 58 39 143 74 32 107 89 55 143 31 47 123 125 4 135 
+18 141 80 137 88 81 154 187 ^
+406 0 23 134 103 49 99 44 64 160 68 190 114 105 91 86 22 27 15 74 8 22 151 79 
+199 84 85 90 128 9 5 175 129 17 40 59 125 187 194 144 151 3 60 6 158 153 67 58 
+18 99 19 53 129 90 179 134 52 124 55 95 138 82 170 167 69 122 13 108 160 119 
+115 161 51 14 167 120 47 60 57 86 16 184 96 197 42 98 112 165 154 199 157 21 
+168 52 146 66 126 119 93 150 20 36 153 140 194 93 26 156 114 80 80 55 44 13 35 
+24 44 191 24 190 63 177 44 140 99 146 117 54 163 42 76 101 134 176 185 177 168 
+1 21 19 180 193 12 52 197 191 173 65 19 31 118 59 1 123 72 71 88 64 11 193 37 
+63 28 169 184 45 72 195 152 186 87 56 176 112 41 93 77 84 158 29 3 136 142 36 
+80 4 119 166 86 98 163 93 1 145 83 102 66 75 191 46 4 94 155 55 120 149 113 148 
+181 49 175 180 142 87 5 51 65 92 167 196 186 138 184 23 61 164 171 175 107 6 9 
+81 114 7 141 177 117 76 174 73 54 112 114 29 152 11 98 87 154 123 21 146 41 115 
+88 115 139 40 183 189 109 67 7 90 52 73 127 51 192 156 89 69 49 77 33 33 182 57 
+10 64 138 57 159 136 91 111 33 58 193 88 188 75 118 110 126 170 18 197 169 162 
+34 41 17 138 6 34 92 145 185 155 157 170 43 8 140 48 21 70 105 40 161 178 78 89 
+196 110 199 106 96 121 106 23 185 28 96 48 167 145 58 91 35 97 180 66 151 130 
+124 128 34 16 6 107 28 20 112 92 18 121 30 84 107 101 159 187 19 155 182 181 74 
+186 11 120 98 185 104 32 126 94 82 119 42 25 173 90 30 62 96 70 178 176 39 102 
+15 150 147 100 78 16 57 35 75 169 35 170 116 144 75 146 ^
+409 1 185 70 12 95 110 71 133 183 52 136 148 144 114 186 17 25 144 164 5 79 178 
+172 124 117 19 43 20 93 174 36 125 117 151 109 3 164 55 101 37 122 152 77 131 
+168 88 162 161 93 142 14 63 167 141 149 94 39 190 50 68 47 135 198 16 110 153 
+177 104 173 192 68 147 179 119 137 166 73 180 169 88 91 24 76 10 80 146 79 128 
+150 62 149 194 83 111 171 124 170 156 60 152 27 109 106 120 134 201 184 202 149 
+12 198 66 132 12 127 132 133 83 8 12 45 88 9 183 155 92 24 23 76 63 14 163 8 62 
+67 150 162 8 115 1 167 91 127 32 89 162 90 159 125 85 129 47 53 154 95 7 115 54 
+101 108 56 169 6 47 103 176 157 160 125 14 10 30 124 17 178 122 102 55 69 15 60 
+202 49 171 74 148 94 92 124 67 200 184 70 83 29 127 67 100 140 131 165 176 4 
+182 2 167 20 193 33 160 43 173 71 112 68 97 157 57 169 138 113 86 44 38 40 55 
+19 196 201 31 21 8 165 23 26 41 155 195 183 102 158 25 94 142 146 129 150 9 30 
+177 154 195 51 36 175 139 28 59 31 124 167 41 105 173 121 134 130 65 185 17 78 
+78 181 137 13 95 57 137 116 51 118 16 78 131 115 154 145 29 177 22 129 68 168 
+91 74 98 72 30 174 39 37 72 130 15 163 158 128 50 18 25 73 27 191 150 59 52 36 
+104 20 11 130 97 4 79 46 106 141 46 138 163 108 106 191 68 15 113 136 66 100 
+193 65 182 105 123 99 72 180 37 22 108 156 10 130 168 141 96 160 22 58 134 151 
+162 140 181 187 35 157 7 147 76 163 58 84 129 100 190 153 24 126 32 142 96 107 
+88 41 2 14 42 52 186 170 3 82 11 180 119 66 29 56 66 50 171 3 11 77 163 5 150 
+112 128 ^
+413 1 47 25 135 129 7 108 19 107 117 102 102 3 28 190 112 165 56 63 165 122 183 
+116 28 157 52 73 89 90 169 202 12 111 185 203 91 116 200 97 193 134 116 122 44 
+31 7 63 26 37 134 22 2 93 125 33 99 186 77 124 131 94 171 183 50 113 178 146 
+127 153 45 32 164 121 203 58 56 108 130 192 166 168 128 39 188 53 102 69 148 
+141 18 139 197 108 97 132 74 24 155 71 63 59 97 21 194 180 61 45 204 132 29 31 
+85 88 188 164 187 118 37 167 82 94 60 98 1 47 152 110 172 85 55 128 72 43 117 
+41 42 116 61 12 144 40 62 58 117 168 17 159 139 164 76 5 193 101 56 30 105 30 
+11 143 60 32 86 68 41 136 31 40 123 118 181 135 195 127 59 130 81 53 147 62 13 
+124 98 34 79 39 49 145 53 180 94 105 91 71 2 27 5 54 193 7 141 79 199 84 75 70 
+128 199 195 160 119 17 20 54 115 187 184 129 146 193 40 201 143 138 57 43 18 94 
+204 38 114 80 179 114 47 119 50 80 118 82 160 152 49 112 198 88 155 104 95 151 
+36 199 162 100 27 50 47 86 195 16 179 81 192 27 83 107 150 134 194 147 1 158 32 
+131 61 111 119 83 140 5 21 133 120 174 78 26 136 109 65 80 40 29 203 25 24 44 
+191 14 170 43 162 34 140 99 141 112 54 148 42 71 96 119 161 165 167 148 186 11 
+4 180 188 197 42 182 181 168 50 14 26 103 49 1 113 67 61 78 59 196 173 32 53 8 
+154 169 30 72 175 152 176 87 36 166 102 36 88 77 79 138 24 188 131 127 26 70 
+194 114 146 66 93 158 93 191 125 78 92 51 60 176 26 4 74 135 35 120 129 113 133 
+181 29 170 170 137 77 190 46 45 77 157 191 186 138 184 18 61 144 151 175 107 6 
+194 81 114 2 126 110 ^
+427 1 85 60 150 73 38 88 90 5 128 11 98 55 130 91 13 146 9 91 88 107 139 16 159 
+189 93 35 191 66 28 65 95 51 184 148 57 45 49 61 25 9 166 49 194 64 130 33 143 
+112 67 111 1 58 177 80 164 59 110 94 118 170 194 197 169 154 10 41 193 114 190 
+26 92 145 177 155 125 146 35 200 124 48 21 46 89 40 153 178 62 65 196 86 175 90 
+80 89 98 23 169 4 88 32 135 137 26 75 11 81 172 34 151 130 108 104 34 200 182 
+83 12 196 112 84 202 97 206 60 75 69 159 163 19 131 174 157 66 178 195 104 66 
+161 104 8 126 70 66 103 26 17 141 90 22 54 64 38 146 168 39 70 199 142 147 92 
+70 8 25 35 75 161 3 138 92 128 43 59 185 55 205 95 100 71 123 173 42 126 128 
+144 94 176 205 20 139 149 198 59 168 172 109 112 9 33 10 73 154 36 115 97 131 
+99 196 144 45 81 22 112 142 72 131 148 83 162 161 78 142 14 53 157 141 139 74 
+29 180 35 58 27 115 198 1 90 138 167 89 173 192 48 137 159 114 132 156 58 160 
+154 68 76 19 56 5 70 141 64 113 150 47 129 184 73 96 166 124 155 151 55 147 17 
+109 86 100 129 201 164 192 149 7 193 56 112 200 107 122 133 63 206 2 40 78 9 
+183 140 82 4 13 71 48 4 163 201 57 62 140 157 8 100 204 162 86 117 12 89 147 75 
+144 120 85 109 37 48 154 85 2 115 39 96 108 46 164 1 32 103 176 147 150 105 207 
+10 15 119 2 173 117 87 50 69 50 202 39 171 69 133 89 72 114 57 195 179 70 83 29 
+122 67 85 135 111 160 171 202 172 2 147 183 33 160 38 163 51 92 53 82 137 52 
+149 123 98 81 39 38 30 55 14 186 196 11 6 3 155 18 16 26 150 180 168 97 148 25 
+84 127 136 119 135 4 30 162 144 195 46 31 170 119 28 190 ^
+443 1 17 96 167 27 91 152 100 106 109 65 164 10 57 71 167 123 209 74 57 137 95 
+30 90 2 78 110 101 147 138 22 177 22 129 68 168 63 74 70 65 2 174 18 23 51 116 
+8 142 158 121 36 207 207 45 209 170 122 59 52 8 76 20 4 102 69 186 72 46 106 
+127 39 110 149 101 99 184 61 15 85 136 59 100 172 37 182 98 95 78 44 173 30 204 
+94 156 206 123 161 120 96 132 1 37 134 144 134 126 160 180 21 136 203 119 55 
+156 44 77 122 72 190 125 10 105 25 128 75 93 67 13 205 196 14 31 179 142 206 75 
+207 159 91 38 8 28 66 43 150 185 193 63 135 5 143 98 143 32 5 125 124 197 103 
+14 97 107 102 87 3 18 185 97 155 56 48 165 112 178 106 13 157 32 53 79 85 149 
+197 7 106 175 203 71 101 195 92 193 129 116 122 24 26 7 58 11 32 119 7 202 83 
+125 28 79 181 57 119 121 84 161 168 50 93 163 131 127 153 45 17 144 121 198 43 
+36 93 115 177 166 148 108 24 188 53 97 59 148 126 208 134 192 88 87 112 64 14 
+145 61 63 39 97 11 194 165 46 40 199 132 19 11 80 73 178 154 177 118 37 147 72 
+94 60 88 201 47 142 110 167 75 45 113 52 43 102 21 22 111 41 12 134 30 42 48 
+117 158 7 154 129 164 76 195 188 101 51 20 100 10 201 143 50 32 71 53 31 131 31 
+35 123 113 166 135 180 117 44 125 76 33 142 62 3 114 93 19 59 34 34 130 38 170 
+74 105 91 56 192 27 205 34 178 202 131 79 199 84 65 50 128 189 185 145 109 17 
+49 105 187 174 114 141 183 20 196 128 123 47 28 18 89 189 23 99 70 179 94 42 
+114 45 65 98 82 150 137 29 102 183 68 150 89 75 141 21 184 157 80 7 40 37 86 
+190 16 174 66 187 12 68 102 135 114 189 137 191 148 12 116 56 96 119 73 130 200 
+6 113 100 154 63 26 116 104 50 80 25 14 193 83 ^
+436 1 24 44 191 211 138 11 138 18 140 99 133 104 54 124 42 63 88 95 137 133 151 
+116 162 208 193 180 180 173 26 158 165 160 26 6 18 79 33 1 97 59 45 62 51 172 
+141 24 37 189 130 145 6 72 143 152 160 87 4 150 86 28 80 77 71 106 16 164 123 
+103 10 54 178 106 114 34 85 150 93 175 93 70 76 27 36 152 207 4 42 103 3 120 97 
+113 109 181 210 162 154 129 61 166 38 13 53 141 183 186 138 184 10 61 112 119 
+175 107 6 170 81 114 207 102 125 65 50 135 73 28 73 75 203 113 11 98 35 115 71 
+8 146 202 76 88 102 139 1 144 189 83 15 181 51 13 60 75 51 179 143 37 30 49 51 
+20 207 156 44 184 64 125 18 133 97 52 111 194 58 167 75 149 49 105 84 113 170 
+179 197 169 149 208 41 178 99 180 21 92 145 172 155 105 131 30 208 200 114 48 
+21 31 79 40 148 178 52 50 196 71 160 80 70 69 93 23 159 202 83 22 115 132 6 65 
+209 71 167 14 151 130 98 89 34 190 167 68 2 181 112 79 192 82 191 45 55 49 159 
+148 19 116 169 142 61 173 185 94 46 146 104 206 126 55 56 93 16 12 121 90 17 49 
+44 18 126 163 39 50 189 137 147 87 65 3 5 35 75 156 196 118 77 118 23 54 185 40 
+195 95 90 71 113 163 32 116 108 144 74 166 190 15 134 134 188 39 158 172 94 107 
+212 23 53 134 36 105 77 111 89 186 124 35 61 7 102 132 67 131 128 78 162 161 63 
+142 14 43 147 141 129 54 19 170 20 48 7 95 198 199 70 123 157 74 173 192 28 127 
+139 109 127 146 43 140 139 48 61 14 36 60 136 49 98 150 32 109 174 63 81 161 
+124 140 146 50 142 7 109 66 80 124 201 144 182 149 2 188 46 92 185 87 112 133 
+43 201 205 35 68 9 183 125 72 197 3 66 33 207 163 191 52 57 130 152 8 85 204 
+157 81 107 205 187 ^
+462 1 126 54 123 113 85 81 23 41 154 71 210 115 18 89 108 32 157 209 11 103 176 
+133 136 77 193 10 209 112 196 166 110 66 43 69 194 36 202 25 171 62 112 82 44 
+100 43 188 172 70 83 29 115 67 64 128 83 153 164 195 158 2 119 187 169 33 160 
+31 149 23 64 32 61 109 45 121 102 77 74 32 38 16 55 7 172 189 198 200 211 141 
+11 2 5 143 159 147 90 134 25 70 106 122 105 114 212 30 141 130 195 39 24 163 91 
+28 11 7 76 167 17 81 137 85 86 94 65 149 5 42 66 157 113 204 59 57 137 80 15 70 
+207 78 95 91 142 133 17 177 22 129 68 168 43 74 50 60 197 174 3 13 36 106 3 127 
+158 116 26 197 192 25 194 155 102 59 52 203 56 20 214 82 49 171 67 46 106 117 
+34 90 139 96 94 179 56 15 65 136 54 100 157 17 182 93 75 63 24 168 25 189 84 
+156 201 118 156 105 96 112 201 22 134 139 114 116 145 175 11 121 198 99 40 151 
+34 72 117 52 190 105 90 20 118 60 83 52 208 205 181 209 16 174 122 206 70 202 
+144 71 18 208 8 66 38 135 170 178 53 115 5 138 88 123 17 200 115 119 182 98 9 
+87 97 102 72 3 8 180 82 145 56 33 165 102 173 96 213 157 12 33 69 80 129 192 2 
+101 165 203 51 86 190 87 193 124 116 122 4 21 7 53 211 27 104 207 197 73 125 23 
+59 176 37 114 111 74 151 153 50 73 148 116 127 153 45 2 124 121 193 28 16 78 
+100 162 166 128 88 9 188 53 92 49 148 111 193 129 187 68 77 92 54 4 135 51 63 
+19 97 1 194 150 31 35 194 132 9 206 75 58 168 144 167 118 37 127 62 94 60 78 
+196 47 132 110 162 65 35 98 32 43 87 1 2 106 21 12 124 20 22 38 117 148 212 149 
+119 164 76 180 183 101 46 10 95 205 186 143 40 32 56 38 21 126 31 30 123 108 
+151 135 165 107 29 120 71 13 137 62 208 104 88 4 39 29 19 115 23 160 54 105 91 
+41 177 27 200 14 163 124 ^
+453 0 115 79 199 84 49 18 128 173 169 121 93 17 186 41 89 187 158 90 133 167 
+206 188 104 99 31 4 18 81 165 217 75 54 179 62 34 106 37 41 66 82 134 113 215 
+86 159 36 142 65 43 125 215 160 149 48 193 24 21 86 182 16 166 42 179 206 44 94 
+111 82 181 121 167 132 198 92 48 72 119 57 114 184 200 81 68 122 39 26 84 96 26 
+80 1 208 177 217 24 44 191 206 118 209 123 8 140 99 128 99 54 109 42 58 83 80 
+122 113 141 96 147 203 183 180 175 158 16 143 155 155 11 1 13 64 23 1 87 54 35 
+52 46 157 121 19 27 174 115 130 209 72 123 152 150 87 202 140 76 23 75 77 66 86 
+11 149 118 88 44 168 101 94 14 80 145 93 165 73 65 66 12 21 137 192 4 22 83 201 
+120 77 113 94 181 195 157 144 124 51 151 33 211 38 131 178 186 138 184 5 61 92 
+99 175 107 6 155 81 114 207 87 105 45 40 120 73 18 58 60 193 98 11 98 15 100 51 
+3 146 187 61 88 97 139 204 129 189 73 213 171 36 216 55 55 51 174 138 17 15 49 
+41 15 197 146 39 174 64 120 3 123 82 37 111 179 58 157 70 134 39 100 74 108 170 
+164 197 169 144 198 41 163 84 170 16 92 145 167 155 85 116 25 208 200 104 48 21 
+16 69 40 143 178 42 35 196 56 145 70 60 49 88 23 149 192 78 12 95 127 204 55 
+199 61 162 212 151 130 88 74 34 180 152 53 210 166 112 74 182 67 176 30 35 29 
+159 133 19 101 164 127 56 168 175 84 26 131 104 196 126 40 46 83 6 7 101 90 12 
+44 24 216 106 158 39 30 179 132 147 82 60 216 203 35 75 151 181 98 62 108 3 49 
+185 25 185 95 80 71 103 153 22 106 88 144 54 156 175 10 129 119 178 19 148 172 
+79 102 207 13 208 33 114 36 95 57 91 79 176 104 25 41 210 92 122 62 131 108 73 
+162 161 48 142 14 33 137 141 119 34 9 160 5 38 205 75 198 189 50 108 112 ^
+454 1 53 173 192 113 111 102 120 132 22 112 118 20 40 7 8 213 46 129 28 77 150 
+11 81 160 49 60 154 124 119 139 43 135 213 109 38 52 117 201 116 168 149 215 
+181 32 64 164 59 98 133 15 194 198 28 54 9 183 104 58 176 209 59 12 200 163 177 
+45 50 116 145 8 64 204 150 74 93 184 89 111 39 108 108 85 61 13 36 154 61 210 
+115 3 84 108 22 152 209 216 103 176 123 126 57 183 10 199 107 186 161 105 51 38 
+69 184 26 202 15 171 57 97 77 24 90 33 183 167 70 83 29 110 67 49 123 63 148 
+159 190 148 2 99 172 159 33 160 26 139 3 44 17 46 89 40 101 87 62 69 27 38 6 55 
+2 162 184 183 190 211 131 6 212 210 138 144 132 85 124 25 60 91 112 95 99 212 
+30 126 120 195 34 19 158 71 28 211 217 56 167 7 71 122 70 66 79 65 134 27 61 
+147 103 199 44 57 137 65 50 202 78 80 81 137 128 12 177 22 129 68 168 23 74 30 
+55 182 174 208 3 21 96 218 112 158 111 16 187 177 5 179 140 82 59 52 188 36 20 
+214 62 29 156 62 46 106 107 29 70 129 91 89 174 51 15 45 136 49 100 142 217 182 
+88 55 48 4 163 20 174 74 156 196 113 151 90 96 92 191 7 134 134 94 106 130 170 
+1 106 193 79 25 146 24 67 112 32 190 85 210 75 15 108 45 73 37 193 205 166 194 
+1 169 102 206 65 197 129 51 218 198 208 66 33 120 155 163 43 95 5 133 78 103 2 
+185 105 114 167 93 4 77 87 102 57 3 218 175 67 135 56 18 165 92 168 86 203 157 
+212 13 59 75 109 187 217 96 155 203 31 71 185 82 193 119 116 122 204 16 7 48 
+201 22 89 197 192 63 125 18 39 171 17 109 101 64 141 138 50 53 133 101 127 153 
+45 207 104 121 188 13 216 63 85 147 166 108 68 214 188 53 87 39 148 96 178 124 
+182 48 67 72 44 214 125 41 63 219 97 211 194 135 16 30 189 132 219 191 70 43 
+158 181 ^
+475 0 153 118 37 99 48 94 60 64 189 47 118 110 155 51 21 77 4 43 66 195 196 99 
+215 12 110 6 216 24 117 134 205 142 105 164 76 159 176 101 39 218 88 184 165 
+143 26 32 35 17 7 119 31 23 123 101 130 135 144 93 8 113 64 207 130 62 201 90 
+81 205 11 22 220 94 2 146 26 105 91 20 156 27 193 208 142 178 107 79 199 84 41 
+2 128 165 161 109 85 17 174 37 81 187 150 78 129 159 194 184 92 87 23 214 18 77 
+153 209 63 46 179 46 30 102 33 29 50 82 126 101 203 78 147 20 138 53 27 117 207 
+148 145 32 181 16 13 86 178 16 162 30 175 198 32 90 99 66 177 113 155 124 186 
+80 44 60 119 49 106 176 192 65 52 106 27 26 68 92 14 80 211 200 169 213 24 44 
+191 202 102 197 111 140 99 124 95 54 97 42 54 79 68 110 97 133 80 135 199 175 
+180 171 146 8 131 147 151 221 219 9 52 15 1 79 50 27 44 42 145 105 15 19 162 
+103 118 201 72 107 152 142 87 190 132 68 19 71 77 62 70 7 137 114 76 214 36 160 
+97 78 220 76 141 93 157 57 61 58 9 125 180 4 6 67 189 120 61 113 82 181 183 153 
+136 120 43 139 29 199 26 123 174 186 138 184 1 61 76 83 175 107 6 143 81 114 
+207 75 89 29 32 108 73 10 46 48 185 86 11 98 221 88 35 221 146 175 49 88 93 139 
+196 117 189 65 201 163 24 208 51 39 51 170 134 1 3 49 33 11 189 138 35 166 64 
+116 213 115 70 25 111 167 58 149 66 122 31 96 66 104 170 152 197 169 140 190 41 
+151 72 162 12 92 145 163 155 69 104 21 208 200 96 48 21 4 61 40 139 178 34 23 
+196 44 133 62 52 33 84 23 141 184 74 4 79 123 192 47 191 53 158 200 151 130 80 
+62 34 172 140 41 206 154 112 70 174 55 164 18 19 13 159 121 19 89 160 115 52 
+164 167 76 10 119 104 188 126 28 38 75 220 3 85 90 8 40 8 204 90 154 39 14 171 
+128 147 78 56 216 191 35 75 147 169 82 50 100 209 45 185 13 177 95 150 ^
+471 0 71 89 139 8 92 60 144 26 142 154 3 122 98 164 216 134 172 58 95 200 224 
+201 5 86 36 81 29 63 65 162 76 11 13 196 78 108 55 131 80 66 162 161 27 142 14 
+19 123 141 105 6 220 146 209 24 184 47 198 175 22 87 133 38 173 192 205 103 91 
+97 115 122 7 92 103 25 2 213 213 36 124 13 62 150 221 61 150 39 45 149 124 104 
+134 38 130 208 109 18 32 112 201 96 158 149 215 176 22 44 149 39 88 133 220 189 
+193 23 44 9 183 89 48 161 204 54 222 195 163 167 40 45 106 140 8 49 204 145 69 
+83 169 89 96 24 93 103 85 41 3 31 154 51 210 115 213 79 108 12 147 209 206 103 
+176 113 116 37 173 10 189 102 176 156 100 36 33 69 174 16 202 5 171 52 82 72 4 
+80 23 178 162 70 83 29 105 67 34 118 43 143 154 185 138 2 79 157 149 33 160 21 
+129 208 24 2 31 69 35 81 72 47 64 22 38 221 55 222 152 179 168 180 211 121 1 
+207 200 133 129 117 80 114 25 50 76 102 85 84 212 30 111 110 195 29 14 153 51 
+28 196 212 36 167 222 61 107 55 46 64 65 119 220 12 56 137 93 194 29 57 137 50 
+210 30 197 78 65 71 132 123 7 177 22 129 68 168 3 74 10 50 167 174 198 218 6 86 
+218 97 158 106 6 177 162 210 164 125 62 59 52 173 16 20 214 42 9 141 57 46 106 
+97 24 50 119 86 84 169 46 15 25 136 44 100 127 202 182 83 35 33 209 158 15 159 
+64 156 191 108 146 75 96 72 181 217 134 129 74 96 115 165 216 91 188 59 10 141 
+14 62 107 12 190 65 205 60 10 98 30 63 22 178 205 151 179 211 164 82 206 60 192 
+114 31 203 188 193 66 28 105 140 148 33 75 5 128 68 83 212 170 95 109 152 88 
+224 67 77 102 42 3 213 170 52 125 56 3 165 82 163 76 193 157 197 218 49 70 89 
+182 217 91 145 203 11 56 180 77 193 114 116 122 189 11 7 43 191 17 74 187 187 
+53 125 13 19 166 222 104 91 54 131 123 50 33 118 86 127 167 ^
+480 1 45 193 76 121 181 219 195 42 64 126 166 80 40 200 188 53 80 25 148 75 157 
+117 175 20 53 44 30 207 111 27 63 198 97 204 194 114 222 23 182 132 212 170 63 
+22 144 120 143 118 37 79 38 94 60 54 184 47 108 110 150 41 11 62 211 43 51 180 
+181 94 200 12 100 223 201 14 117 124 200 137 95 164 76 144 171 101 34 213 83 
+169 150 143 16 32 20 2 224 114 31 18 123 96 115 135 129 83 220 108 59 192 125 
+62 196 80 76 195 218 17 210 79 214 136 6 105 91 5 141 27 188 193 127 168 97 79 
+199 84 31 209 128 155 151 94 75 17 159 32 71 187 140 63 124 149 179 179 77 72 
+13 204 18 72 138 199 48 36 179 26 25 97 28 14 30 82 116 86 188 68 132 133 38 7 
+107 197 133 140 12 166 6 3 86 173 16 157 15 170 188 17 85 84 46 172 103 140 114 
+171 65 39 45 119 39 96 166 182 45 32 86 12 26 48 87 226 80 201 190 159 208 24 
+44 191 197 82 182 96 217 140 99 119 90 54 82 42 49 74 53 95 77 123 60 120 194 
+165 180 166 131 225 116 137 146 211 219 4 37 5 1 69 45 17 34 37 130 85 10 9 147 
+88 103 191 72 87 152 132 87 175 122 58 14 66 77 57 50 2 122 109 61 209 26 150 
+92 58 205 71 136 93 147 37 56 48 212 221 110 165 4 213 47 174 120 41 113 67 181 
+168 148 126 115 33 124 24 184 11 113 169 186 138 184 223 61 56 63 175 107 6 128 
+81 114 207 60 69 9 22 93 73 31 33 175 71 11 98 206 73 15 221 146 160 34 88 88 
+139 186 102 189 55 186 153 9 198 46 19 51 165 129 208 215 49 23 6 179 128 30 
+156 64 111 203 105 55 10 111 152 58 139 61 107 21 91 56 99 170 137 197 169 135 
+180 41 136 57 152 7 92 145 158 155 49 89 16 208 200 86 48 21 216 51 40 134 178 
+24 8 196 29 118 52 42 13 79 23 131 174 69 221 59 118 177 37 181 43 153 185 151 
+130 70 47 34 162 125 26 201 139 112 65 164 40 149 3 226 220 159 106 19 74 155 
+100 47 159 157 193 ^
+471 0 211 98 104 174 126 7 24 61 213 225 57 90 1 33 209 183 62 147 39 215 157 
+121 147 71 49 216 170 35 75 140 148 54 29 86 188 38 185 221 163 95 58 71 81 131 
+84 44 144 10 134 142 228 118 86 156 204 126 172 46 91 196 220 197 218 70 36 73 
+13 47 57 154 60 3 226 188 70 100 51 131 64 62 162 161 15 142 14 11 115 141 97 
+219 216 138 201 16 172 31 198 167 6 75 125 26 173 192 193 95 75 93 111 114 224 
+76 91 213 13 227 201 213 28 120 1 50 150 213 45 142 31 33 145 124 92 130 34 126 
+204 109 2 16 108 201 80 150 149 215 172 14 28 137 23 80 133 208 185 189 19 36 9 
+183 77 40 149 200 50 214 191 163 159 36 41 98 136 8 37 204 141 65 75 157 89 84 
+12 81 99 85 25 224 27 154 43 210 115 205 75 108 4 143 209 198 103 176 105 108 
+21 165 10 181 98 168 152 96 24 29 69 166 8 202 226 171 48 70 68 217 72 15 174 
+158 70 83 29 101 67 22 114 27 139 150 181 130 2 63 145 141 33 160 17 121 196 8 
+219 19 53 31 65 60 35 60 18 38 217 55 222 144 175 156 172 211 113 226 203 192 
+129 117 105 76 106 25 42 64 94 77 72 212 30 99 102 195 25 10 149 35 28 184 208 
+20 167 218 53 95 43 30 52 65 107 220 52 129 85 190 17 57 137 38 202 14 193 78 
+53 63 128 119 3 177 22 129 68 168 216 74 223 46 155 174 190 214 223 78 218 85 
+158 102 227 169 150 198 152 113 46 59 52 161 20 214 26 222 129 53 46 106 89 20 
+34 111 82 80 165 42 15 9 136 40 100 115 190 182 79 19 21 197 154 11 147 56 156 
+187 104 142 63 96 56 173 209 134 125 58 88 103 161 212 79 184 43 227 137 6 58 
+103 225 190 49 201 48 6 90 18 55 10 166 205 139 167 203 160 66 206 56 188 102 
+15 191 180 181 66 24 93 128 136 25 59 5 124 60 67 204 158 87 105 140 84 224 59 
+69 102 30 3 209 166 40 117 56 220 165 74 159 68 185 157 185 206 41 66 167 ^
+490 1 176 217 85 133 203 218 38 174 71 193 108 116 122 171 5 7 37 179 11 56 175 
+181 41 125 7 226 160 204 98 79 42 119 105 50 9 100 68 127 153 45 185 60 121 177 
+211 183 30 52 114 166 64 24 192 188 53 76 17 148 63 145 113 171 4 45 28 22 203 
+103 19 63 186 97 200 194 102 214 19 178 132 208 158 59 10 136 112 135 118 37 63 
+30 94 60 46 180 47 100 110 146 33 3 50 199 43 39 168 169 90 188 12 92 219 189 6 
+117 116 196 133 87 164 76 132 167 101 30 209 79 157 138 143 8 32 8 221 220 110 
+31 14 123 92 103 135 117 75 212 104 55 180 121 62 192 72 72 187 206 13 202 67 
+206 128 221 105 91 224 129 27 184 181 115 160 89 79 199 84 23 197 128 147 143 
+82 67 17 147 28 63 187 132 51 120 141 167 175 65 60 5 196 18 68 126 191 36 28 
+179 10 21 93 24 2 14 82 108 74 176 60 120 215 129 26 222 99 189 121 136 227 154 
+229 226 86 169 16 153 3 166 180 5 81 72 30 168 95 128 106 159 53 35 33 119 31 
+88 158 174 29 16 70 26 32 83 218 80 193 182 151 204 24 44 191 193 66 170 84 213 
+140 99 115 86 54 70 42 45 70 41 83 61 115 44 108 190 157 180 162 119 221 104 
+129 142 203 219 25 228 1 61 41 9 26 33 118 69 6 1 135 76 91 183 72 71 152 124 
+87 163 114 50 10 62 77 53 34 229 110 105 49 205 18 142 88 42 193 67 132 93 139 
+21 52 40 204 213 98 153 4 201 31 162 120 25 113 55 181 156 144 118 111 25 112 
+20 172 230 105 165 186 138 184 223 61 40 47 175 107 6 116 81 114 207 48 53 224 
+14 81 73 223 19 21 167 59 11 98 194 61 230 221 146 148 22 88 84 139 178 90 189 
+47 174 145 228 190 42 3 51 161 125 196 207 49 15 2 171 120 26 148 64 107 195 97 
+43 229 111 140 58 131 57 95 13 87 48 95 170 125 197 169 131 172 41 124 45 144 3 
+92 145 154 155 33 77 12 208 200 78 48 21 208 43 40 130 178 16 227 196 17 106 44 
+34 228 75 23 123 166 65 217 43 114 165 29 173 35 200 ^
+479 0 167 151 130 58 29 34 150 107 8 195 121 112 59 152 22 131 218 208 202 159 
+88 19 56 149 82 41 153 145 54 199 86 104 166 126 228 16 53 209 225 41 90 230 29 
+197 171 46 143 39 203 149 117 147 67 45 216 158 35 75 136 136 38 17 78 176 34 
+185 213 155 95 50 71 73 123 225 76 28 144 227 126 130 228 114 74 148 192 118 
+172 34 87 192 216 193 206 54 36 65 230 31 49 146 44 228 214 180 62 92 47 131 48 
+58 162 161 3 142 14 3 107 141 89 207 212 130 193 8 160 15 198 159 223 63 117 14 
+173 192 181 87 59 89 107 106 216 60 79 201 1 227 189 213 20 116 222 38 150 205 
+29 134 23 21 141 124 80 126 30 122 200 109 219 104 201 64 142 149 215 168 6 12 
+125 7 72 133 196 181 185 15 28 9 183 65 32 137 196 46 206 187 163 151 32 37 90 
+132 8 25 204 137 61 67 145 89 72 69 95 85 9 220 23 154 35 210 115 197 71 108 
+229 139 209 190 103 176 97 100 5 157 10 173 94 160 148 92 12 25 69 158 202 222 
+171 44 58 64 205 64 7 170 154 70 83 29 97 67 10 110 11 135 146 177 122 2 47 133 
+133 33 160 13 113 184 225 211 7 37 27 49 48 23 56 14 38 213 55 222 136 171 144 
+164 211 105 226 199 184 125 105 93 72 98 25 34 52 86 69 60 212 30 87 94 195 21 
+6 145 19 28 172 204 4 167 214 45 83 31 14 40 65 95 220 221 48 121 77 186 5 57 
+137 26 194 231 189 78 41 55 124 115 232 177 22 129 68 168 204 74 211 42 143 174 
+182 210 215 70 218 73 158 98 223 161 138 186 140 101 30 59 52 149 217 20 214 10 
+210 117 49 46 106 81 16 18 103 78 76 161 38 15 226 136 36 100 103 178 182 75 3 
+9 185 150 7 135 48 156 183 100 138 51 96 40 165 201 134 121 42 80 91 157 208 67 
+180 27 219 133 231 54 99 213 190 33 197 36 2 82 6 47 231 154 205 127 155 195 
+156 50 206 52 184 90 232 179 172 169 66 20 81 116 124 17 43 5 120 52 51 196 146 
+79 101 128 80 224 65 ^
+503 1 55 102 9 3 202 159 19 103 56 206 165 60 152 54 171 157 164 185 27 59 45 
+171 217 80 123 203 203 23 169 66 193 103 116 122 156 7 32 169 6 41 165 176 31 
+125 2 211 155 189 93 69 32 109 90 50 225 85 53 127 153 45 175 40 121 172 201 
+168 15 37 99 166 44 4 182 188 53 71 7 148 48 130 108 166 220 35 8 12 198 93 9 
+63 171 97 195 194 87 204 14 173 132 203 143 54 231 126 102 125 118 37 43 20 94 
+60 36 175 47 90 110 141 23 229 35 184 43 24 153 154 85 173 12 82 214 174 232 
+117 106 191 128 77 164 76 117 162 101 25 204 74 142 123 143 234 32 229 211 215 
+105 31 9 123 87 88 135 102 65 202 99 50 165 116 62 187 62 67 177 191 8 192 52 
+196 118 206 105 91 214 114 27 179 166 100 150 79 79 199 84 13 182 128 137 133 
+67 57 17 132 23 53 187 122 36 115 131 152 170 50 45 231 186 18 63 111 181 21 18 
+179 226 16 88 19 223 230 82 98 59 161 50 105 200 124 11 207 89 179 106 131 212 
+139 224 221 86 164 16 148 224 161 170 226 76 57 10 163 85 113 96 144 38 30 18 
+119 21 78 148 164 9 232 50 221 26 12 78 208 80 183 172 141 199 24 44 191 188 46 
+155 69 208 140 99 110 81 54 55 42 40 65 26 68 41 105 24 93 185 147 180 157 104 
+216 89 119 137 193 219 231 10 223 1 51 36 235 16 28 103 49 1 227 120 61 76 173 
+72 51 152 114 87 148 104 40 5 57 77 48 14 229 95 100 34 200 8 132 83 22 178 62 
+127 93 129 1 47 30 194 203 83 138 4 186 11 147 120 5 113 40 181 141 139 108 106 
+15 97 15 157 220 95 160 186 138 184 223 61 20 27 175 107 6 101 81 114 207 33 33 
+209 4 66 73 218 4 6 157 44 11 98 179 46 215 221 146 133 7 88 79 139 168 75 189 
+37 159 135 218 180 37 219 51 156 120 181 197 49 5 233 161 110 21 138 64 102 185 
+87 28 219 111 125 58 121 52 80 3 82 38 90 170 110 197 169 126 162 41 109 30 134 
+234 92 145 149 155 13 62 7 208 200 68 48 21 198 33 40 125 178 6 217 196 2 91 34 
+24 213 70 23 113 161 ^
+470 0 58 210 15 107 144 15 159 21 142 152 151 130 48 14 34 140 92 231 190 106 
+112 54 142 7 116 208 193 187 159 73 19 41 144 67 36 148 135 44 184 71 104 156 
+126 218 6 43 204 225 21 90 230 24 182 156 26 138 39 188 139 112 147 62 40 216 
+143 35 75 131 121 18 2 68 161 29 185 203 145 95 40 71 63 113 220 66 8 144 212 
+116 115 228 109 59 138 177 108 172 19 82 187 211 188 191 34 36 55 215 11 39 136 
+24 223 199 170 52 82 42 131 28 53 162 161 226 142 14 231 97 141 79 192 207 120 
+183 236 145 233 198 149 208 48 107 237 173 192 166 77 39 84 102 96 206 40 64 
+186 224 227 174 213 10 111 212 23 150 195 9 124 13 6 136 124 65 121 25 117 195 
+109 204 218 99 201 44 132 149 215 163 234 230 110 225 62 133 181 176 180 10 18 
+9 183 50 22 122 191 41 196 182 163 141 27 32 80 127 8 10 204 132 56 57 130 89 
+57 223 54 90 85 227 215 18 154 25 210 115 187 66 108 224 134 209 180 103 176 87 
+90 223 147 10 163 89 150 143 87 235 20 69 148 228 202 217 171 39 43 59 190 54 
+235 165 149 70 83 29 92 67 233 105 229 130 141 172 112 2 27 118 123 33 160 8 
+103 169 210 201 230 17 22 29 33 8 51 9 38 208 55 222 126 166 129 154 211 95 226 
+194 174 120 90 78 67 88 25 24 37 76 59 45 212 30 72 84 195 16 1 140 237 28 157 
+199 222 167 209 35 68 16 232 25 65 80 220 211 43 111 67 181 228 57 137 11 184 
+216 184 78 26 45 119 110 232 177 22 129 68 168 189 74 196 37 128 174 172 205 
+205 60 218 58 158 93 218 151 123 171 125 86 10 59 52 134 202 20 214 228 195 102 
+44 46 106 71 11 236 93 73 71 156 33 15 211 136 31 100 88 163 182 70 221 232 170 
+145 2 120 38 156 178 95 133 36 96 20 155 191 134 116 22 70 76 152 203 52 175 7 
+209 128 226 49 94 198 190 13 192 21 235 72 229 37 221 139 205 112 140 185 151 
+30 206 47 179 75 217 101 ^
+502 0 158 148 66 13 60 95 103 3 15 5 113 38 23 182 125 65 94 107 73 224 37 47 
+102 237 3 198 155 7 95 56 198 165 52 148 46 163 157 152 173 19 55 29 167 217 76 
+115 203 191 11 165 62 193 99 116 122 144 236 7 28 161 2 29 157 172 23 125 238 
+199 151 177 89 61 24 101 78 50 213 73 41 127 153 45 167 24 121 168 193 156 3 25 
+87 166 28 228 174 188 53 67 239 148 36 118 104 162 208 27 232 4 194 85 1 63 159 
+97 191 194 75 196 10 169 132 199 131 50 223 118 94 117 118 37 27 12 94 60 28 
+171 47 82 110 137 15 225 23 172 43 12 141 142 81 161 12 74 210 162 228 117 98 
+187 124 69 164 76 105 158 101 21 200 70 130 111 143 230 32 221 203 211 101 31 5 
+123 83 76 135 90 57 194 95 46 153 112 62 183 54 63 169 179 4 184 40 188 110 194 
+105 91 206 102 27 175 154 88 142 71 79 199 84 5 170 128 129 125 55 49 17 120 19 
+45 187 114 24 111 123 140 166 38 33 227 178 18 59 99 173 9 10 179 214 12 84 15 
+215 218 82 90 47 149 42 93 188 120 239 195 81 171 94 127 200 127 220 217 86 160 
+16 144 216 157 162 218 72 45 234 159 77 101 88 132 26 26 6 119 13 70 140 156 
+233 220 34 213 26 236 74 200 80 175 164 133 195 24 44 191 184 30 143 57 204 140 
+99 106 77 54 43 42 36 61 14 56 25 97 8 81 181 139 180 153 92 212 77 111 133 185 
+219 231 238 219 1 43 32 231 8 24 91 33 237 223 108 49 64 165 72 35 152 106 87 
+136 96 32 1 53 77 44 238 229 83 96 22 196 124 79 6 166 58 123 93 121 225 43 22 
+186 195 71 126 4 174 235 135 120 229 113 28 181 129 135 100 102 7 85 11 145 212 
+87 156 186 138 184 223 61 4 11 175 107 6 89 81 114 207 21 17 197 236 54 73 214 
+232 234 149 32 11 98 167 34 203 221 146 121 235 88 75 139 160 63 189 29 147 127 
+210 172 33 207 51 152 116 169 189 49 237 233 153 102 17 130 64 98 177 79 16 211 
+111 113 58 113 48 68 235 78 30 86 170 98 197 169 122 154 41 97 18 126 234 92 
+145 145 155 237 50 209 ^
+481 1 208 200 56 48 21 186 21 40 119 178 236 205 196 226 73 22 12 195 64 23 101 
+144 54 206 241 103 132 7 151 13 138 140 151 130 40 2 34 132 80 223 186 94 112 
+50 134 237 104 200 181 175 159 61 19 29 140 55 32 144 127 36 172 59 104 148 126 
+210 240 35 200 225 5 90 230 20 170 144 10 134 39 176 131 108 147 58 36 216 131 
+35 75 127 109 2 232 60 149 25 185 195 137 95 32 71 55 105 216 58 234 144 200 
+108 103 228 105 47 130 165 100 172 7 78 183 207 184 179 18 36 47 203 237 31 128 
+8 219 187 162 44 74 38 131 12 49 162 161 218 142 14 227 89 141 71 180 203 112 
+175 232 133 221 198 141 196 36 99 229 173 192 154 69 23 80 98 88 198 24 52 174 
+216 227 162 213 2 107 204 11 150 187 235 116 5 236 132 124 53 117 21 113 191 
+109 192 206 95 201 28 124 149 215 159 230 218 98 213 54 133 169 172 176 6 10 9 
+183 38 14 110 187 37 188 178 163 133 23 28 72 123 8 240 204 128 52 49 118 89 45 
+215 42 86 85 215 211 14 154 17 210 115 179 62 108 220 130 209 172 103 176 79 82 
+211 139 10 155 85 142 139 83 227 16 69 140 224 202 213 171 35 31 55 178 46 231 
+161 145 70 83 29 88 67 225 101 217 126 137 168 104 2 11 106 115 33 160 4 95 157 
+198 193 222 1 18 13 21 238 47 5 38 204 55 222 118 162 117 146 211 87 226 190 
+166 116 78 66 63 80 25 16 25 68 51 33 212 30 60 76 195 12 239 136 225 28 145 
+195 210 167 205 27 56 4 220 13 65 68 220 203 39 103 59 177 220 57 137 241 176 
+204 180 78 14 37 115 106 232 177 22 129 68 168 177 74 184 33 116 174 164 201 
+197 52 218 46 158 89 214 143 111 159 113 74 236 59 52 122 190 20 214 216 183 90 
+40 46 106 63 7 224 85 69 67 152 29 15 199 136 27 100 76 151 182 66 209 224 158 
+141 240 108 30 156 174 91 129 24 96 4 147 183 134 112 6 62 64 148 199 40 171 
+233 201 124 222 45 90 186 190 239 188 9 235 64 221 29 213 127 178 ^
+508 1 94 122 173 145 6 206 41 173 57 199 146 150 136 66 9 48 83 91 239 243 5 
+109 30 7 174 113 57 90 95 69 224 29 39 102 229 3 194 151 239 87 56 190 165 44 
+144 38 155 157 140 161 11 51 13 163 217 72 107 203 179 243 161 58 193 95 116 
+122 132 236 7 24 153 242 17 149 168 15 125 238 187 147 165 85 53 16 93 66 50 
+201 61 29 127 153 45 159 8 121 164 185 144 235 13 75 166 12 216 166 188 53 63 
+235 148 24 106 100 158 196 19 220 240 190 77 237 63 147 97 187 194 63 188 6 165 
+132 195 119 46 215 110 86 109 118 37 11 4 94 60 20 167 47 74 110 133 7 221 11 
+160 43 129 130 77 149 12 66 206 150 224 117 90 183 120 61 164 76 93 154 101 17 
+196 66 118 99 143 226 32 213 195 207 97 31 1 123 79 64 135 78 49 186 91 42 141 
+108 62 179 46 59 161 167 176 28 180 102 182 105 91 198 90 27 171 142 76 134 63 
+79 199 84 241 158 128 121 117 43 41 17 108 15 37 187 106 12 107 115 128 162 26 
+21 223 170 18 55 87 165 241 2 179 202 8 80 11 207 206 82 82 35 137 34 81 176 
+116 231 183 73 163 82 123 188 115 216 213 86 156 16 140 208 153 154 210 68 33 
+222 155 69 89 80 120 14 22 238 119 5 62 132 148 221 208 18 205 26 224 70 192 80 
+167 156 125 191 24 44 191 180 14 131 45 200 140 99 102 73 54 31 42 32 57 2 44 9 
+89 236 69 177 131 180 149 80 208 65 103 129 177 219 231 230 215 1 35 28 227 20 
+79 17 237 219 96 37 52 157 72 19 152 98 87 124 88 24 241 49 77 40 226 229 71 92 
+10 192 236 116 75 234 154 54 119 93 113 213 39 14 178 187 59 114 4 162 223 123 
+120 217 113 16 181 117 131 92 98 243 73 7 133 204 79 152 186 138 184 223 61 232 
+239 175 107 6 77 81 114 207 9 1 185 232 42 73 210 224 226 141 20 11 98 155 22 
+191 221 146 109 227 88 71 139 152 51 189 21 135 119 202 164 29 195 51 148 112 
+157 181 49 233 233 145 94 13 122 64 94 169 71 4 203 111 101 58 105 44 56 231 74 
+22 82 170 86 197 169 118 146 41 85 6 118 234 92 145 141 149 ^
+484 1 219 32 243 208 200 48 48 21 178 13 40 115 178 232 197 196 218 61 14 4 183 
+60 23 93 136 50 202 229 99 120 245 143 5 134 128 151 130 32 236 34 124 68 215 
+182 82 112 46 126 229 92 192 169 163 159 49 19 17 136 43 28 140 119 28 160 47 
+104 140 126 202 236 27 196 225 235 90 230 16 158 132 240 130 39 164 123 104 147 
+54 32 216 119 35 75 123 97 232 224 52 137 21 185 187 129 95 24 71 47 97 212 50 
+222 144 188 100 91 228 101 35 122 153 92 172 241 74 179 203 180 167 2 36 39 191 
+225 23 120 238 215 175 154 36 66 34 131 242 45 162 161 210 142 14 223 81 141 63 
+168 199 104 167 228 121 209 198 133 184 24 91 221 173 192 142 61 7 76 94 80 190 
+8 40 162 208 227 150 213 240 103 196 245 150 179 223 108 243 228 128 124 41 113 
+17 109 187 109 180 194 91 201 12 116 149 215 155 226 206 86 201 46 133 157 168 
+172 2 2 9 183 26 6 98 183 33 180 174 163 125 19 24 64 119 8 232 204 124 48 41 
+106 89 33 207 30 82 85 203 207 10 154 9 210 115 171 58 108 216 126 209 164 103 
+176 71 74 199 131 10 147 81 134 135 79 219 12 69 132 220 202 209 171 31 19 51 
+166 38 227 157 141 70 83 29 84 67 217 97 205 122 133 164 96 2 241 94 107 33 160 
+87 145 186 185 214 231 14 243 9 230 43 1 38 200 55 222 110 158 105 138 211 79 
+226 186 158 112 66 54 59 72 25 8 13 60 43 21 212 30 48 68 195 8 239 132 213 28 
+133 191 198 167 201 19 44 238 208 1 65 56 220 195 35 95 51 173 212 57 137 233 
+168 192 176 78 2 29 111 102 232 177 22 129 68 168 165 74 172 29 104 174 156 197 
+189 44 218 34 158 85 210 135 99 147 101 62 224 59 52 110 178 20 214 204 171 78 
+36 46 106 55 3 212 77 65 63 148 25 15 187 136 23 100 64 139 182 62 197 216 146 
+137 240 96 22 156 170 87 125 12 96 234 139 175 134 108 236 54 52 144 195 28 167 
+221 193 120 218 41 86 174 190 227 184 243 235 56 213 21 205 115 205 71 ^
+506 0 110 165 141 238 206 37 169 45 187 134 142 124 66 5 36 71 79 235 231 5 105 
+22 239 166 101 49 86 83 65 224 21 31 102 221 3 190 147 231 79 56 182 165 36 140 
+30 147 157 128 149 3 47 245 159 217 68 99 203 167 235 157 54 193 91 116 122 120 
+236 7 20 145 242 5 141 164 7 125 238 175 143 153 81 45 8 85 54 50 189 49 17 127 
+153 45 151 240 121 160 177 132 227 1 63 166 244 204 158 188 53 59 231 148 12 94 
+96 154 184 11 208 236 186 69 233 63 135 97 183 194 51 180 2 161 132 191 107 42 
+207 102 78 101 118 37 243 244 94 60 12 163 47 66 110 129 247 217 247 148 43 236 
+117 118 73 137 12 58 202 138 220 117 82 179 116 53 164 76 81 150 101 13 192 62 
+106 87 143 222 32 205 187 203 93 31 245 123 75 52 135 66 41 178 87 38 129 104 
+62 175 38 55 153 155 244 168 16 172 94 170 105 91 190 78 27 167 130 64 126 55 
+79 199 84 237 146 128 113 109 31 33 17 96 11 29 187 98 103 107 116 158 14 9 219 
+162 18 51 75 157 233 242 179 190 4 76 7 199 194 82 74 23 125 26 69 164 112 223 
+171 65 155 70 119 176 103 212 209 86 152 16 136 200 149 146 202 64 21 210 151 
+61 77 72 108 2 18 230 119 245 54 124 140 209 196 2 197 26 212 66 184 80 159 148 
+117 187 24 44 191 176 246 119 33 196 140 99 98 69 54 19 42 28 53 238 32 241 81 
+224 57 173 123 180 145 68 204 53 95 125 169 219 231 222 211 1 27 24 223 240 16 
+67 1 237 215 84 25 40 149 72 3 152 90 87 112 80 16 241 45 77 36 214 229 59 88 
+246 188 232 108 71 222 142 50 115 93 105 201 35 6 170 179 47 102 4 150 211 111 
+120 205 113 4 181 105 127 84 94 239 61 3 121 196 71 148 186 138 184 223 61 220 
+227 175 107 6 65 81 114 207 245 233 173 228 30 73 206 216 218 133 8 11 98 143 
+10 179 221 146 97 219 88 67 139 144 39 189 13 123 111 194 156 25 183 51 144 108 
+145 173 49 229 233 137 86 9 114 64 90 161 63 240 195 111 89 58 97 40 44 227 70 
+14 78 170 74 197 169 114 138 41 73 242 110 234 177 ^
+491 0 145 135 155 207 20 243 208 200 40 48 21 170 5 40 111 178 228 189 196 210 
+49 6 246 171 56 23 85 128 46 198 217 95 108 241 135 247 130 116 151 130 24 228 
+34 116 56 207 178 70 112 42 118 221 80 184 157 151 159 37 19 5 132 31 24 136 
+111 20 148 35 104 132 126 194 232 19 192 225 223 90 230 12 146 120 228 126 39 
+152 115 100 147 50 28 216 107 35 75 119 85 220 216 44 125 17 185 179 121 95 16 
+71 39 89 208 42 210 144 176 92 79 228 97 23 114 141 84 172 233 70 175 199 176 
+155 236 36 31 179 213 15 112 226 211 163 146 28 58 30 131 230 41 162 161 202 
+142 14 219 73 141 55 156 195 96 159 224 109 197 198 125 172 12 83 213 173 192 
+130 53 241 72 90 72 182 242 28 150 200 227 138 213 236 99 188 237 150 171 211 
+100 239 220 124 124 29 109 13 105 183 109 168 182 87 201 246 108 149 215 151 
+222 194 74 189 38 133 145 164 168 248 244 9 183 14 248 86 179 29 172 170 163 
+117 15 20 56 115 8 224 204 120 44 33 94 89 21 199 18 78 85 191 203 6 154 1 210 
+115 163 54 108 212 122 209 156 103 176 63 66 187 123 10 139 77 126 131 75 211 8 
+69 124 216 202 205 171 27 7 47 154 30 223 153 137 70 83 29 80 67 209 93 193 118 
+129 160 88 2 229 82 99 33 160 246 79 133 174 177 206 219 10 231 247 222 39 247 
+38 196 55 222 102 154 93 130 211 71 226 182 150 108 54 42 55 64 25 1 52 35 9 
+212 30 36 60 195 4 239 128 201 28 121 187 186 167 197 11 32 230 196 239 65 44 
+220 187 31 87 43 169 204 57 137 225 160 180 172 78 240 21 107 98 232 177 22 129 
+68 168 153 74 160 25 92 174 148 193 181 36 218 22 158 81 206 127 87 135 89 50 
+212 59 52 98 166 20 214 192 159 66 32 46 106 47 249 200 69 61 59 144 21 15 175 
+136 19 100 52 127 182 58 185 208 134 133 240 84 14 156 166 83 121 96 222 131 
+167 134 104 224 46 40 140 191 16 163 209 185 116 214 37 82 162 190 215 180 235 
+235 48 205 13 197 103 205 76 104 161 139 232 146 ^
+516 0 33 165 33 175 122 134 112 66 1 24 59 67 231 219 5 101 14 227 158 89 41 82 
+71 61 224 13 23 102 213 3 186 143 223 71 56 174 165 28 136 22 139 157 116 137 
+247 43 233 155 217 64 91 203 155 227 153 50 193 87 116 122 108 236 7 16 137 242 
+245 133 160 251 125 238 163 139 141 77 37 77 42 50 177 37 5 127 153 45 143 228 
+121 156 169 120 219 241 51 166 232 192 150 188 53 55 227 148 82 92 150 172 3 
+196 232 182 61 229 63 123 97 179 194 39 172 250 157 132 187 95 38 199 94 70 93 
+118 37 231 240 94 60 4 159 47 58 110 125 243 213 239 136 43 228 105 106 69 125 
+12 50 198 126 216 117 74 175 112 45 164 76 69 146 101 9 188 58 94 75 143 218 32 
+197 179 199 89 31 245 123 71 40 135 54 33 170 83 34 117 100 62 171 30 51 145 
+143 244 160 4 164 86 158 105 91 182 66 27 163 118 52 118 47 79 199 84 233 134 
+128 105 101 19 25 17 84 7 21 187 90 240 99 99 104 154 2 249 215 154 18 47 63 
+149 225 238 179 178 72 3 191 182 82 66 11 113 18 57 152 108 215 159 57 147 58 
+115 164 91 208 205 86 148 16 132 192 145 138 194 60 9 198 147 53 65 64 96 242 
+14 222 119 241 46 116 132 197 184 238 189 26 200 62 176 80 151 140 109 183 24 
+44 191 172 234 107 21 192 140 99 94 65 54 7 42 24 49 230 20 229 73 212 45 169 
+115 180 141 56 200 41 87 121 161 219 231 214 207 1 19 20 219 236 12 55 237 237 
+211 72 13 28 141 72 239 152 82 87 100 72 8 241 41 77 32 202 229 47 84 238 184 
+228 100 67 210 130 46 111 93 97 189 31 250 162 171 35 90 4 138 199 99 120 193 
+113 244 181 93 123 76 90 235 49 251 109 188 63 144 186 138 184 223 61 208 215 
+175 107 6 53 81 114 207 237 221 161 224 18 73 202 208 210 125 248 11 98 131 250 
+167 221 146 85 211 88 63 139 136 27 189 5 111 103 186 148 21 171 51 140 104 133 
+165 49 225 233 129 78 5 106 64 86 153 55 232 187 111 77 58 89 36 32 223 66 6 74 
+170 62 197 169 110 130 41 61 234 102 234 92 145 133 155 201 14 243 208 200 36 
+48 21 166 1 40 109 178 147 ^
+522 0 179 196 200 34 251 241 156 51 23 75 118 41 193 202 90 93 236 125 242 125 
+101 151 130 14 218 34 106 41 197 173 55 112 37 108 211 65 174 142 136 159 22 19 
+245 127 16 19 131 101 10 133 20 104 122 126 184 227 9 187 225 208 90 230 7 131 
+105 213 121 39 137 105 95 147 45 23 216 92 35 75 114 70 205 206 34 110 12 185 
+169 111 95 6 71 29 79 203 32 195 144 161 82 64 228 92 8 104 126 74 172 223 65 
+170 194 171 140 221 36 21 164 198 5 102 211 206 148 136 18 48 25 131 215 36 162 
+161 192 142 14 214 63 141 45 141 190 86 149 219 94 182 198 115 157 252 73 203 
+173 192 115 43 226 67 85 62 172 227 13 135 190 227 123 213 231 94 178 227 150 
+161 196 90 234 210 119 124 14 104 8 100 178 109 153 167 82 201 231 98 149 215 
+146 217 179 59 174 28 133 130 159 163 248 239 9 183 254 243 71 174 24 162 165 
+163 107 10 15 46 110 8 214 204 115 39 23 79 89 6 189 3 73 85 176 198 1 154 246 
+210 115 153 49 108 207 117 209 146 103 176 53 56 172 113 10 129 72 116 126 70 
+201 3 69 114 211 202 200 171 22 247 42 139 20 218 148 132 70 83 29 75 67 199 88 
+178 113 124 155 78 2 214 67 89 33 160 246 69 118 159 167 196 204 5 216 237 212 
+34 247 38 191 55 222 92 149 78 120 211 61 226 177 140 103 39 27 50 54 25 245 
+241 42 25 249 212 30 21 50 195 254 239 123 186 28 106 182 171 167 192 1 17 220 
+181 229 65 29 220 177 26 77 33 164 194 57 137 215 150 165 167 78 230 11 102 93 
+232 177 22 129 68 168 138 74 145 20 77 174 138 188 171 26 218 7 158 76 201 117 
+72 120 74 35 197 59 52 83 151 20 214 177 144 51 27 46 106 37 249 185 59 56 54 
+139 16 15 160 136 14 100 37 112 182 53 170 198 119 128 240 69 4 156 161 78 116 
+240 96 207 121 157 134 99 209 36 25 135 186 1 158 194 175 111 209 32 77 147 190 
+200 175 225 235 38 195 3 187 88 205 61 89 151 134 217 206 30 162 24 166 113 128 
+103 66 253 15 50 58 228 210 5 98 8 218 152 80 35 79 62 58 224 7 17 102 207 3 
+183 140 217 65 56 168 165 22 133 16 133 157 107 128 244 12 ^
+517 1 218 150 217 59 81 203 140 217 148 45 193 82 116 122 93 236 7 11 127 242 
+235 123 155 246 125 238 148 134 126 72 27 247 67 27 50 162 22 247 127 153 45 
+133 213 121 151 159 105 209 231 36 166 217 177 140 188 53 50 222 148 242 67 87 
+145 157 250 181 227 177 51 224 63 108 97 174 194 24 162 250 152 132 182 80 33 
+189 84 60 83 118 37 216 235 94 60 251 154 47 48 110 120 238 208 229 121 43 218 
+90 91 64 110 12 40 193 111 211 117 64 170 107 35 164 76 54 141 101 4 183 53 79 
+60 143 213 32 187 169 194 84 31 245 123 66 25 135 39 23 160 78 29 102 95 62 166 
+20 46 135 128 244 150 246 154 76 143 105 91 172 51 27 158 103 37 108 37 79 199 
+84 228 119 128 95 91 4 15 17 69 2 11 187 80 230 94 89 89 149 244 239 210 144 18 
+42 48 139 215 233 179 163 252 67 255 181 167 82 56 253 98 8 42 137 103 205 144 
+47 137 43 110 149 76 203 200 86 143 16 127 182 140 128 184 55 251 183 142 43 50 
+54 81 232 9 212 119 236 36 106 122 182 169 223 179 26 185 57 166 80 141 130 99 
+178 24 44 191 167 219 92 6 187 140 99 89 60 54 249 42 19 44 220 5 214 63 197 30 
+164 105 180 136 41 195 26 77 116 151 219 231 204 202 1 9 15 214 231 7 40 222 
+237 206 57 255 13 131 72 224 152 72 87 85 62 255 241 36 77 27 187 229 32 79 228 
+179 223 90 62 195 115 41 106 93 87 174 26 245 152 161 20 75 4 123 184 84 120 
+178 113 234 181 78 118 66 85 230 34 251 94 178 53 139 186 138 184 223 61 193 
+200 175 107 6 38 81 114 207 227 206 146 219 3 73 197 198 200 115 238 11 98 116 
+240 152 221 146 70 201 88 58 139 126 12 189 252 96 93 176 138 16 156 51 135 99 
+118 155 49 220 233 119 68 96 64 81 143 45 222 177 111 62 58 79 31 17 218 61 253 
+69 170 47 197 169 105 120 41 46 224 92 234 92 145 128 155 186 256 243 208 200 
+26 48 21 156 248 40 104 178 221 175 196 196 28 249 239 150 49 23 71 114 39 191 
+196 88 87 234 121 240 123 95 151 130 10 214 34 102 35 193 171 49 112 35 104 207 
+59 170 136 130 159 16 19 241 125 213 ^
+529 1 15 127 93 2 121 8 104 114 126 176 223 1 183 225 196 90 230 3 119 93 201 
+117 39 125 97 91 147 41 19 216 80 35 75 110 58 193 198 26 98 8 185 161 103 95 
+257 71 21 71 199 24 183 144 149 74 52 228 88 255 96 114 66 172 215 61 166 190 
+167 128 209 36 13 152 186 256 94 199 202 136 128 10 40 21 131 203 32 162 161 
+184 142 14 210 55 141 37 129 186 78 141 215 82 170 198 107 145 244 65 195 173 
+192 103 35 214 63 81 54 164 215 1 123 182 227 111 213 227 90 170 219 150 153 
+184 82 230 202 115 124 2 100 4 96 174 109 141 155 78 201 219 90 149 215 142 213 
+167 47 162 20 133 118 155 159 248 235 9 183 246 239 59 170 20 154 161 163 99 6 
+11 38 106 8 206 204 111 35 15 67 89 253 181 250 69 85 164 194 256 154 242 210 
+115 145 45 108 203 113 209 138 103 176 45 48 160 105 10 121 68 108 122 66 193 
+258 69 106 207 202 196 171 18 239 38 127 12 214 144 128 70 83 29 71 67 191 84 
+166 109 120 151 70 2 202 55 81 33 160 246 61 106 147 159 188 192 1 204 229 204 
+30 247 38 187 55 222 84 145 66 112 211 53 226 173 132 99 27 15 46 46 25 241 233 
+34 17 241 212 30 9 42 195 254 239 119 174 28 94 178 159 167 188 252 5 212 169 
+221 65 17 220 169 22 69 25 160 186 57 137 207 142 153 163 78 222 3 98 89 232 
+177 22 129 68 168 126 74 133 16 65 174 130 184 163 18 218 254 158 72 197 109 60 
+108 62 23 185 59 52 71 139 20 214 165 132 39 23 46 106 29 249 173 51 52 50 135 
+12 15 148 136 10 100 25 100 182 49 158 190 107 124 240 57 255 156 157 74 112 
+232 96 195 113 149 134 95 197 28 13 131 182 248 154 182 167 107 205 28 73 135 
+190 188 171 217 235 30 187 254 179 76 205 49 77 143 130 205 206 26 158 12 154 
+101 120 91 66 253 3 38 46 224 198 5 94 206 144 68 27 75 50 54 224 258 9 102 199 
+3 179 136 209 57 56 160 165 14 129 8 125 157 95 116 240 36 212 148 217 57 77 
+203 134 213 146 43 193 80 116 122 87 236 7 9 123 242 231 119 153 244 125 238 
+142 132 120 70 23 245 63 21 50 156 16 243 127 153 45 129 207 121 149 155 99 205 
+227 30 166 211 57 ^
+548 0 134 188 53 47 219 148 236 58 84 142 148 247 172 224 174 45 221 63 99 97 
+171 194 15 156 250 149 132 179 71 30 183 78 54 77 118 37 207 232 94 60 248 151 
+47 42 110 117 235 205 223 112 43 212 81 82 61 101 12 34 190 102 208 117 58 167 
+104 29 164 76 45 138 101 1 180 50 70 51 143 210 32 181 163 191 81 31 245 123 63 
+16 135 30 17 154 75 26 93 92 62 163 14 43 129 119 244 144 240 148 70 134 105 91 
+166 42 27 155 94 28 102 31 79 199 84 225 110 128 89 85 255 9 17 60 259 5 187 74 
+224 91 83 80 146 238 233 207 138 18 39 39 133 209 230 179 154 252 64 255 175 
+158 82 50 247 89 2 33 128 100 199 135 41 131 34 107 140 67 200 197 86 140 16 
+124 176 137 122 178 52 245 174 139 37 41 48 72 226 6 206 119 233 30 100 116 173 
+160 214 173 26 176 54 160 80 135 124 93 175 24 44 191 164 210 83 257 184 140 99 
+86 57 54 243 42 16 41 214 256 205 57 188 21 161 99 180 133 32 192 17 71 113 145 
+219 231 198 199 1 3 12 211 228 4 31 213 237 203 48 249 4 125 72 215 152 66 87 
+76 56 252 241 33 77 24 178 229 23 76 222 176 220 84 59 186 106 38 103 93 81 165 
+23 242 146 155 11 66 4 114 175 75 120 169 113 228 181 69 115 60 82 227 25 251 
+85 172 47 136 186 138 184 223 61 184 191 175 107 6 29 81 114 207 221 197 137 
+216 254 73 194 192 194 109 232 11 98 107 234 143 221 146 61 195 88 55 139 120 3 
+189 249 87 87 170 132 13 147 51 132 96 109 149 49 217 233 113 62 257 90 64 78 
+137 39 216 171 111 53 58 73 28 8 215 58 250 66 170 38 197 169 102 114 41 37 218 
+86 234 92 145 125 155 177 250 243 208 200 20 48 21 150 245 40 101 178 218 169 
+196 190 19 246 236 141 46 23 65 108 36 188 187 85 78 231 115 237 120 86 151 130 
+4 208 34 96 26 187 168 40 112 32 98 201 50 164 127 121 159 7 19 235 122 1 14 
+126 91 118 5 104 112 126 174 222 259 182 225 193 90 230 2 116 90 198 116 39 122 
+95 90 147 40 18 216 77 35 75 109 55 190 196 24 95 7 185 159 101 95 256 71 19 69 
+198 22 180 144 146 72 49 228 87 253 94 111 64 172 213 60 165 189 166 125 206 36 
+11 149 183 255 92 196 201 133 126 8 38 20 131 213 ^
+547 0 29 162 161 178 142 14 207 49 141 31 120 183 72 135 212 73 161 198 101 136 
+238 59 189 173 192 94 29 205 60 78 48 158 206 254 114 176 227 102 213 224 87 
+164 213 150 147 175 76 227 196 112 124 255 97 1 93 171 109 132 146 75 201 210 
+84 149 215 139 210 158 38 153 14 133 109 152 156 248 232 9 183 240 236 50 167 
+17 148 158 163 93 3 8 32 103 8 200 204 108 32 9 58 89 247 175 244 66 85 155 191 
+256 154 239 210 115 139 42 108 200 110 209 132 103 176 39 42 151 99 10 115 65 
+102 119 63 187 258 69 100 204 202 193 171 15 233 35 118 6 211 141 125 70 83 29 
+68 67 185 81 157 106 117 148 64 2 193 46 75 33 160 246 55 97 138 153 182 183 
+260 195 223 198 27 247 38 184 55 222 78 142 57 106 211 47 226 170 126 96 18 6 
+43 40 25 238 227 28 11 235 212 30 36 195 254 239 116 165 28 85 175 150 167 185 
+249 258 206 160 215 65 8 220 163 19 63 19 157 180 57 137 201 136 144 160 78 216 
+259 95 86 232 177 22 129 68 168 117 74 124 13 56 174 124 181 157 12 218 248 158 
+69 194 103 51 99 53 14 176 59 52 62 130 20 214 156 123 30 20 46 106 23 249 164 
+45 49 47 132 9 15 139 136 7 100 16 91 182 46 149 184 98 121 240 48 252 156 154 
+71 109 226 96 186 107 143 134 92 188 22 4 128 179 242 151 173 161 104 202 25 70 
+126 190 179 168 211 235 24 181 251 173 67 205 40 68 137 127 196 206 23 155 3 
+145 92 114 82 66 253 256 29 37 221 189 5 91 256 197 138 59 21 72 41 51 224 255 
+3 102 193 3 176 133 203 51 56 154 165 8 126 2 119 157 86 107 237 33 203 145 217 
+54 71 203 125 207 143 40 193 77 116 122 78 236 7 6 117 242 225 113 150 241 125 
+238 133 129 111 67 17 242 57 12 50 147 7 237 127 153 45 123 198 121 146 149 90 
+199 221 21 166 202 162 130 188 53 45 217 148 232 52 82 140 142 245 166 222 172 
+41 219 63 93 97 169 194 9 152 250 147 132 177 65 28 179 74 50 73 118 37 201 230 
+94 60 246 149 47 38 110 115 233 203 219 106 43 208 75 76 59 95 12 30 188 96 206 
+117 54 165 102 25 164 76 39 136 101 261 178 48 64 45 143 208 32 177 159 189 79 
+31 245 123 61 10 135 24 13 150 73 24 87 90 62 161 10 41 125 209 ^
+542 1 244 136 232 140 62 122 105 91 158 30 27 151 82 16 94 23 79 199 84 221 98 
+128 81 77 247 1 17 48 259 261 187 66 216 87 75 68 142 230 225 203 130 18 35 27 
+125 201 226 179 142 252 60 255 167 146 82 42 239 77 258 21 116 96 191 123 33 
+123 22 103 128 55 196 193 86 136 16 120 168 133 114 170 48 237 162 135 29 29 40 
+60 218 2 198 119 229 22 92 108 161 148 202 165 26 164 50 152 80 127 116 85 171 
+24 44 191 160 198 71 249 180 140 99 82 53 54 235 42 12 37 206 248 193 49 176 9 
+157 91 180 129 20 188 5 63 109 137 219 231 190 195 1 259 8 207 224 19 201 237 
+199 36 241 256 117 72 203 152 58 87 64 48 248 241 29 77 20 166 229 11 72 214 
+172 216 76 55 174 94 34 99 93 73 153 19 238 138 147 263 54 4 102 163 63 120 157 
+113 220 181 57 111 52 78 223 13 251 73 164 39 132 186 138 184 223 61 172 179 
+175 107 6 17 81 114 207 213 185 125 212 246 73 190 184 186 101 224 11 98 95 226 
+131 221 146 49 187 88 51 139 112 255 189 245 75 79 162 124 9 135 51 128 92 97 
+141 49 213 233 105 54 257 82 64 74 129 31 208 163 111 41 58 65 24 260 211 54 
+246 62 170 26 197 169 98 106 41 25 210 78 234 92 145 121 155 165 242 243 208 
+200 12 48 21 142 241 40 97 178 214 161 196 182 7 242 232 129 42 23 57 100 32 
+184 175 81 66 227 107 233 116 74 151 130 260 200 34 88 14 179 164 28 112 28 90 
+193 38 156 115 109 159 259 19 227 118 253 10 122 83 256 106 257 104 104 126 166 
+218 255 178 225 181 90 230 262 104 78 186 112 39 110 87 86 147 36 14 216 65 35 
+75 105 43 178 188 16 83 3 185 151 93 95 252 71 11 61 194 14 168 144 134 64 37 
+228 83 245 86 99 56 172 205 56 161 185 162 113 194 36 3 137 171 251 84 184 197 
+121 118 30 16 131 188 27 162 161 174 142 14 205 45 141 27 114 181 68 131 210 67 
+155 198 97 130 234 55 185 173 192 88 25 199 58 76 44 154 200 250 108 172 227 96 
+213 222 85 160 209 150 143 169 72 225 192 110 124 251 95 263 91 169 109 126 140 
+73 201 204 80 149 215 137 208 152 32 147 10 133 103 150 154 248 230 9 183 236 
+234 44 165 15 144 156 163 89 1 6 28 101 8 196 204 106 164 ^
+567 0 1 46 89 239 167 236 62 85 143 187 256 154 235 210 115 131 38 108 196 106 
+209 124 103 176 31 34 139 91 10 107 61 94 115 59 179 258 69 92 200 202 189 171 
+11 225 31 106 264 207 137 121 70 83 29 64 67 177 77 145 102 113 144 56 2 181 34 
+67 33 160 246 47 85 126 145 174 171 260 183 215 190 23 247 38 180 55 222 70 138 
+45 98 211 39 226 166 118 92 6 260 39 32 25 234 219 20 3 227 212 30 254 28 195 
+254 239 112 153 28 73 171 138 167 181 245 250 198 148 207 65 262 220 155 15 55 
+11 153 172 57 137 193 128 132 156 78 208 255 91 82 232 177 22 129 68 168 105 74 
+112 9 44 174 116 177 149 4 218 240 158 65 190 95 39 87 41 2 164 59 52 50 118 20 
+214 144 111 18 16 46 106 15 249 152 37 45 43 128 5 15 127 136 3 100 4 79 182 42 
+137 176 86 117 240 36 248 156 150 67 105 218 96 174 99 135 134 88 176 14 258 
+124 175 234 147 161 153 100 198 21 66 114 190 167 164 203 235 16 173 247 165 55 
+205 28 56 129 123 184 206 19 151 257 133 80 106 70 66 253 248 17 25 217 177 5 
+87 252 185 130 47 13 68 29 47 224 251 261 102 185 3 172 129 195 43 56 146 165 
+122 260 111 157 74 95 233 29 191 141 217 50 63 203 113 199 139 36 193 73 116 
+122 66 236 7 2 109 242 217 105 146 237 125 238 121 125 99 63 9 238 49 50 135 
+261 229 127 153 45 115 186 121 142 141 78 191 213 9 166 190 150 122 188 53 41 
+213 148 224 40 78 136 130 241 154 218 168 33 215 63 81 97 165 194 263 144 250 
+143 132 173 53 24 171 66 42 65 118 37 189 226 94 60 242 145 47 30 110 111 229 
+199 211 94 43 200 63 64 55 83 12 22 184 84 202 117 46 161 98 17 164 76 27 132 
+101 261 174 44 52 33 143 204 32 169 151 185 75 31 245 123 57 264 135 12 5 142 
+69 20 75 86 62 157 2 37 117 101 244 132 228 136 58 116 105 91 154 24 27 149 76 
+10 90 19 79 199 84 219 92 128 77 73 243 263 17 42 259 259 187 62 212 85 71 62 
+140 226 221 201 126 18 33 21 121 197 224 179 136 252 58 255 163 140 82 38 235 
+71 256 15 110 94 187 117 29 119 16 101 122 49 194 191 86 134 16 118 164 131 110 
+166 46 233 156 133 25 23 36 54 214 194 119 227 18 88 104 155 142 196 161 26 158 
+48 148 80 123 112 81 169 24 44 191 158 192 65 245 178 140 223 ^
+551 1 78 49 54 227 42 8 33 198 240 181 41 164 265 153 83 180 125 8 184 261 55 
+105 129 219 231 182 191 1 255 4 203 220 264 7 189 237 195 24 233 248 109 72 191 
+152 50 87 52 40 244 241 25 77 16 154 229 267 68 206 168 212 68 51 162 82 30 95 
+93 65 141 15 234 130 139 255 42 4 90 151 51 120 145 113 212 181 45 107 44 74 
+219 1 251 61 156 31 128 186 138 184 223 61 160 167 175 107 6 5 81 114 207 205 
+173 113 208 238 73 186 176 178 93 216 11 98 83 218 119 221 146 37 179 88 47 139 
+104 247 189 241 63 71 154 116 5 123 51 124 88 85 133 49 209 233 97 46 257 74 64 
+70 121 23 200 155 111 29 58 57 20 252 207 50 242 58 170 14 197 169 94 98 41 13 
+202 70 234 92 145 117 155 153 234 243 208 200 4 48 21 134 237 40 93 178 210 153 
+196 174 263 238 228 117 38 23 49 92 28 180 163 77 54 223 99 229 112 62 151 130 
+256 192 34 80 2 171 160 16 112 24 82 185 26 148 103 97 159 251 19 219 114 245 6 
+118 75 252 94 249 104 96 126 158 214 251 174 225 169 90 230 262 92 66 174 108 
+39 98 79 82 147 32 10 216 53 35 75 101 31 166 180 8 71 267 185 143 85 95 248 71 
+3 53 190 6 156 144 122 56 25 228 79 237 78 87 48 172 197 52 157 181 158 101 182 
+36 263 125 159 247 76 172 193 109 110 260 22 12 131 176 23 162 161 166 142 14 
+201 37 141 19 102 177 60 123 206 55 143 198 89 118 226 47 177 173 192 76 17 187 
+54 72 36 146 188 242 96 164 227 84 213 218 81 152 201 150 135 157 64 221 184 
+106 124 243 91 263 87 165 109 114 128 69 201 192 72 149 215 133 204 140 20 135 
+2 133 91 146 150 248 226 9 183 228 230 32 161 11 136 152 163 81 265 2 20 97 8 
+188 204 102 26 265 40 89 235 163 232 60 85 137 185 256 154 233 210 115 127 36 
+108 194 104 209 120 103 176 27 30 133 87 10 103 59 90 113 57 175 258 69 88 198 
+202 187 171 9 221 29 100 262 205 135 119 70 83 29 62 67 173 75 139 100 111 142 
+52 2 175 28 63 33 160 246 43 79 120 141 170 165 260 177 211 186 21 247 38 178 
+55 222 66 136 39 94 211 35 226 164 114 90 256 37 28 25 232 215 16 267 223 212 
+30 250 24 195 254 239 110 147 28 67 169 132 167 179 243 246 194 142 203 65 263 ^
+578 0 220 147 11 47 3 149 164 57 137 185 120 120 152 78 200 251 87 78 232 177 
+22 129 68 168 93 74 100 5 32 174 108 173 141 266 218 232 158 61 186 87 27 75 29 
+260 152 59 52 38 106 20 214 132 99 6 12 46 106 7 249 140 29 41 39 124 1 15 115 
+136 269 100 262 67 182 38 125 168 74 113 240 24 244 156 146 63 101 210 96 162 
+91 127 134 84 164 6 250 120 171 226 143 149 145 96 194 17 62 102 190 155 160 
+195 235 8 165 243 157 43 205 16 44 121 119 172 206 15 147 249 121 68 98 58 66 
+253 240 5 13 213 165 5 83 248 173 122 35 5 64 17 43 224 247 257 102 177 3 168 
+125 187 35 56 138 165 262 118 256 103 157 62 83 229 25 179 137 217 46 55 203 
+101 191 135 32 193 69 116 122 54 236 7 268 101 242 209 97 142 233 125 238 109 
+121 87 59 1 234 41 258 50 123 253 221 127 153 45 107 174 121 138 133 66 183 205 
+267 166 178 138 114 188 53 37 209 148 216 28 74 132 118 237 142 214 164 25 211 
+63 69 97 161 194 255 136 250 139 132 169 41 20 163 58 34 57 118 37 177 222 94 
+60 238 141 47 22 110 107 225 195 203 82 43 192 51 52 51 71 12 14 180 72 198 117 
+38 157 94 9 164 76 15 128 101 261 170 40 40 21 143 200 32 161 143 181 71 31 245 
+123 53 256 135 267 134 65 16 63 82 62 153 264 33 109 89 244 124 220 128 50 104 
+105 91 146 12 27 145 64 268 82 11 79 199 84 215 80 128 69 65 235 259 17 30 259 
+255 187 54 204 81 63 50 136 218 213 197 118 18 29 9 113 189 220 179 124 252 54 
+255 155 128 82 30 227 59 252 3 98 90 179 105 21 111 4 97 110 37 190 187 86 130 
+16 114 156 127 102 158 42 225 144 129 17 11 28 42 206 266 186 119 223 10 80 96 
+143 130 184 153 26 146 44 140 80 115 104 73 165 24 44 191 154 180 53 237 174 
+140 99 76 47 54 223 42 6 31 194 236 175 37 158 261 151 79 180 123 2 182 257 51 
+103 125 219 231 178 189 1 253 2 201 218 264 1 183 237 193 18 229 244 105 72 185 
+152 46 87 46 36 242 241 23 77 14 148 229 263 66 202 166 210 64 49 156 76 28 93 
+93 61 135 13 232 126 135 251 36 4 84 145 45 120 139 113 208 181 39 105 40 72 
+217 265 251 55 152 27 126 186 138 184 223 61 154 161 175 107 6 269 81 114 207 
+201 167 107 206 234 73 184 172 174 89 212 11 98 77 214 113 221 146 31 175 88 45 
+139 100 243 189 213 ^
+578 1 51 63 146 108 1 111 51 120 84 73 125 49 205 233 89 38 257 66 64 66 113 15 
+192 147 111 17 58 49 16 244 203 46 238 54 170 2 197 169 90 90 41 1 194 62 234 
+92 145 113 155 141 226 243 208 200 268 48 21 126 233 40 89 178 206 145 196 166 
+255 234 224 105 34 23 41 84 24 176 151 73 42 219 91 225 108 50 151 130 252 184 
+34 72 262 163 156 4 112 20 74 177 14 140 91 85 159 243 19 211 110 237 2 114 67 
+248 82 241 104 88 126 150 210 247 170 225 157 90 230 262 80 54 162 104 39 86 71 
+78 147 28 6 216 41 35 75 97 19 154 172 59 267 185 135 77 95 244 71 267 45 186 
+270 144 144 110 48 13 228 75 229 70 75 40 172 189 48 153 177 154 89 170 36 259 
+113 147 243 68 160 189 97 102 256 14 8 131 164 19 162 161 158 142 14 197 29 141 
+11 90 173 52 115 202 43 131 198 81 106 218 39 169 173 192 64 9 175 50 68 28 138 
+176 234 84 156 227 72 213 214 77 144 193 150 127 145 56 217 176 102 124 235 87 
+263 83 161 109 102 116 65 201 180 64 149 215 129 200 128 8 123 266 133 79 142 
+146 248 222 9 183 220 226 20 157 7 128 148 163 73 265 270 12 93 8 180 204 98 22 
+261 28 89 227 155 224 56 85 125 181 256 154 229 210 115 119 32 108 190 100 209 
+112 103 176 19 22 121 79 10 95 55 82 109 53 167 258 69 80 194 202 183 171 5 213 
+25 88 258 201 131 115 70 83 29 58 67 165 71 127 96 107 138 44 2 163 16 55 33 
+160 246 35 67 108 133 162 153 260 165 203 178 17 247 38 174 55 222 58 132 27 86 
+211 27 226 160 106 86 260 248 33 20 25 228 207 8 263 215 212 30 242 16 195 254 
+239 106 135 28 55 165 120 167 175 239 238 186 130 195 65 250 220 143 9 43 271 
+147 160 57 137 181 116 114 150 78 196 249 85 76 232 177 22 129 68 168 87 74 94 
+3 26 174 104 171 137 264 218 228 158 59 184 83 21 69 23 256 146 59 52 32 100 20 
+214 126 93 10 46 106 3 249 134 25 39 37 122 271 15 109 136 269 100 258 61 182 
+36 119 164 68 111 240 18 242 156 144 61 99 206 96 156 87 123 134 82 158 2 246 
+118 169 222 141 143 141 94 192 15 60 96 190 149 158 191 235 4 161 241 153 37 
+205 10 38 117 117 166 206 13 145 245 115 62 94 52 66 253 236 271 7 211 159 5 81 
+246 167 118 29 1 62 11 41 224 245 255 102 173 3 166 123 183 31 56 134 165 260 
+116 254 81 ^
+583 1 157 50 71 225 21 167 133 217 42 47 203 89 183 131 28 193 65 116 122 42 
+236 7 268 93 242 201 89 138 229 125 238 97 117 75 55 267 230 33 250 50 111 245 
+213 127 153 45 99 162 121 134 125 54 175 197 259 166 166 126 106 188 53 33 205 
+148 208 16 70 128 106 233 130 210 160 17 207 63 57 97 157 194 247 128 250 135 
+132 165 29 16 155 50 26 49 118 37 165 218 94 60 234 137 47 14 110 103 221 191 
+195 70 43 184 39 40 47 59 12 6 176 60 194 117 30 153 90 1 164 76 3 124 101 261 
+166 36 28 9 143 196 32 153 135 177 67 31 245 123 49 248 135 262 263 126 61 12 
+51 78 62 149 260 29 101 77 244 116 212 120 42 92 105 91 138 27 141 52 260 74 3 
+79 199 84 211 68 128 61 57 227 255 17 18 259 251 187 46 196 77 55 38 132 210 
+205 193 110 18 25 271 105 181 216 179 112 252 50 255 147 116 82 22 219 47 248 
+265 86 86 171 93 13 103 266 93 98 25 186 183 86 126 16 110 148 123 94 150 38 
+217 132 125 9 273 20 30 198 266 178 119 219 2 72 88 131 118 172 145 26 134 40 
+132 80 107 96 65 161 24 44 191 150 168 41 229 170 140 99 72 43 54 215 42 2 27 
+186 228 163 29 146 253 147 71 180 119 264 178 249 43 99 117 219 231 170 185 1 
+249 272 197 214 264 263 171 237 189 6 221 236 97 72 173 152 38 87 34 28 238 241 
+19 77 10 136 229 255 62 194 162 206 56 45 144 64 24 89 93 53 123 9 228 118 127 
+243 24 4 72 133 33 120 127 113 200 181 27 101 32 68 213 257 251 43 144 19 122 
+186 138 184 223 61 142 149 175 107 6 261 81 114 207 193 155 95 202 226 73 180 
+164 166 81 204 11 98 65 206 101 221 146 19 167 88 41 139 92 235 189 235 45 59 
+142 104 273 105 51 118 82 67 121 49 203 233 85 34 257 62 64 64 109 11 188 143 
+111 11 58 45 14 240 201 44 236 52 170 270 197 169 88 86 41 269 190 58 234 92 
+145 111 155 135 222 243 208 200 266 48 21 122 231 40 87 178 204 141 196 162 251 
+232 222 99 32 23 37 80 22 174 145 71 36 217 87 223 106 44 151 130 250 180 34 68 
+258 159 154 272 112 18 70 173 8 136 85 79 159 239 19 207 108 233 112 63 246 76 
+237 104 84 126 146 208 245 168 225 151 90 230 262 74 48 156 102 39 80 67 76 147 
+26 4 216 35 35 75 95 13 148 168 270 53 267 185 131 73 95 242 71 265 41 184 268 
+138 144 104 44 7 228 73 225 66 69 36 272 ^
+588 0 181 44 149 173 150 77 158 36 255 101 135 239 60 148 185 85 94 252 6 4 131 
+152 15 162 161 150 142 14 193 21 141 3 78 169 44 107 198 31 119 198 73 94 210 
+31 161 173 192 52 1 163 46 64 20 130 164 226 72 148 227 60 213 210 73 136 185 
+150 119 133 48 213 168 98 124 227 83 263 79 157 109 90 104 61 201 168 56 149 
+215 125 196 116 272 111 262 133 67 138 142 248 218 9 183 212 222 8 153 3 120 
+144 163 65 265 270 4 89 8 172 204 94 18 257 16 89 219 147 216 52 85 113 177 256 
+154 225 210 115 111 28 108 186 96 209 104 103 176 11 14 109 71 10 87 51 74 105 
+49 159 258 69 72 190 202 179 171 1 205 21 76 254 197 127 111 70 83 29 54 67 157 
+67 115 92 103 134 36 2 151 4 47 33 160 246 27 55 96 125 154 141 260 153 195 170 
+13 247 38 170 55 222 50 128 15 78 211 19 226 156 98 82 252 240 29 12 25 224 199 
+259 207 212 30 234 8 195 254 239 102 123 28 43 161 108 167 171 235 230 178 118 
+187 65 242 220 135 5 35 267 143 152 57 137 173 108 102 146 78 188 245 81 72 232 
+177 22 129 68 168 75 74 82 275 14 174 96 167 129 260 218 220 158 55 180 75 9 57 
+11 248 134 59 52 20 88 20 214 114 81 264 6 46 106 271 249 122 17 35 33 118 271 
+15 97 136 269 100 250 49 182 32 107 156 56 107 240 6 238 156 140 57 95 198 96 
+144 79 115 134 78 146 270 238 114 165 214 137 131 133 90 188 11 56 84 190 137 
+154 183 235 272 153 237 145 25 205 274 26 109 113 154 206 9 141 237 103 50 86 
+40 66 253 228 263 271 207 147 5 77 242 155 110 17 269 58 275 37 224 241 251 102 
+165 3 162 119 175 23 56 126 165 256 112 250 91 157 44 65 223 19 161 131 217 40 
+43 203 83 179 129 26 193 63 116 122 36 236 7 268 89 242 197 85 136 227 125 238 
+91 115 69 53 265 228 29 246 50 105 241 209 127 153 45 95 156 121 132 121 48 171 
+193 255 166 160 120 102 188 53 31 203 148 204 10 68 126 100 231 124 208 158 13 
+205 63 51 97 155 194 243 124 250 133 132 163 23 14 151 46 22 45 118 37 159 216 
+94 60 232 135 47 10 110 101 219 189 191 64 43 180 33 34 45 53 12 2 174 54 192 
+117 26 151 88 273 164 76 273 122 101 261 164 34 22 3 143 194 32 149 131 175 65 
+31 245 123 47 244 135 258 261 122 59 10 45 76 62 147 258 27 97 71 244 112 208 
+116 38 86 105 91 134 270 27 139 46 256 70 275 79 199 160 ^
+594 0 207 56 128 53 49 219 251 17 6 259 247 187 38 188 73 47 26 128 202 197 189 
+102 18 21 263 97 173 212 179 100 252 46 255 139 104 82 14 211 35 244 257 74 82 
+163 81 5 95 258 89 86 13 182 179 86 122 16 106 140 119 86 142 34 209 120 121 1 
+265 12 18 190 266 170 119 215 272 64 80 119 106 160 137 26 122 36 124 80 99 88 
+57 157 24 44 191 146 156 29 221 166 140 99 68 39 54 207 42 276 23 178 220 151 
+21 134 245 143 63 180 115 256 174 241 35 95 109 219 231 162 181 1 245 272 193 
+210 264 255 159 237 185 272 213 228 89 72 161 152 30 87 22 20 234 241 15 77 6 
+124 229 247 58 186 158 202 48 41 132 52 20 85 93 45 111 5 224 110 119 235 12 4 
+60 121 21 120 115 113 192 181 15 97 24 64 209 249 251 31 136 11 118 186 138 184 
+223 61 130 137 175 107 6 253 81 114 207 185 143 83 198 218 73 176 156 158 73 
+196 11 98 53 198 89 221 146 7 159 88 37 139 84 227 189 231 33 51 134 96 273 93 
+51 114 78 55 113 49 199 233 77 26 257 54 64 60 101 3 180 135 111 277 58 37 10 
+232 197 40 232 48 170 262 197 169 84 78 41 261 182 50 234 92 145 107 155 123 
+214 243 208 200 262 48 21 114 227 40 83 178 200 133 196 154 243 228 218 87 28 
+23 29 72 18 170 133 67 24 213 79 219 102 32 151 130 246 172 34 60 250 151 150 
+264 112 14 62 165 274 128 73 67 159 231 19 199 104 225 274 108 55 242 64 229 
+104 76 126 138 204 241 164 225 139 90 230 262 62 36 144 98 39 68 59 72 147 22 
+216 23 35 75 91 1 136 160 266 41 267 185 123 65 95 238 71 261 33 180 264 126 
+144 92 36 273 228 69 217 58 57 28 172 177 42 147 171 148 71 152 36 253 95 129 
+237 56 142 183 79 90 250 2 2 131 146 13 162 161 146 142 14 191 17 141 277 72 
+167 40 103 196 25 113 198 69 88 206 27 157 173 192 46 275 157 44 62 16 126 158 
+222 66 144 227 54 213 208 71 132 181 150 115 127 44 211 164 96 124 223 81 263 
+77 155 109 84 98 59 201 162 52 149 215 123 194 110 268 105 260 133 61 136 140 
+248 216 9 183 208 220 2 151 1 116 142 163 61 265 270 87 8 168 204 92 16 255 10 
+89 215 143 212 50 85 107 175 256 154 223 210 115 107 26 108 184 94 209 100 103 
+176 7 10 103 67 10 83 49 70 103 47 155 258 69 68 188 202 177 171 277 201 19 70 
+252 195 125 109 70 83 29 52 67 153 65 109 90 101 132 32 2 145 276 43 33 160 246 
+23 259 ^
+600 1 87 119 148 132 260 144 189 164 10 247 38 167 55 222 44 125 6 72 211 13 
+226 153 92 79 246 234 26 6 25 221 193 273 256 201 212 30 228 2 195 254 239 99 
+114 28 34 158 99 167 168 232 224 172 109 181 65 236 220 129 2 29 264 140 146 57 
+137 167 102 93 143 78 182 242 78 69 232 177 22 129 68 168 66 74 73 275 5 174 90 
+164 123 257 218 214 158 52 177 69 48 2 242 125 59 52 11 79 20 214 105 72 258 3 
+46 106 268 249 113 11 32 30 115 271 15 88 136 269 100 244 40 182 29 98 150 47 
+104 240 276 235 156 137 54 92 192 96 135 73 109 134 75 137 267 232 111 162 208 
+134 122 127 87 185 8 53 75 190 128 151 177 235 269 147 234 139 16 205 268 17 
+103 110 145 206 6 138 231 94 41 80 31 66 253 222 257 265 204 138 5 74 239 146 
+104 8 266 55 269 34 224 238 248 102 159 3 159 116 169 17 56 120 165 253 109 247 
+85 157 35 56 220 16 152 128 217 37 37 203 74 173 126 23 193 60 116 122 27 236 7 
+268 83 242 191 79 133 224 125 238 82 112 60 50 262 225 23 240 50 96 235 203 127 
+153 45 89 147 121 129 115 39 165 187 249 166 151 111 96 188 53 28 200 148 198 1 
+65 123 91 228 115 205 155 7 202 63 42 97 152 194 237 118 250 130 132 160 14 11 
+145 40 16 39 118 37 150 213 94 60 229 132 47 4 110 98 216 186 185 55 43 174 24 
+25 42 44 12 275 171 45 189 117 20 148 85 270 164 76 267 119 101 261 161 31 13 
+273 143 191 32 143 125 172 62 31 245 123 44 238 135 252 258 116 56 7 36 73 62 
+144 255 24 91 62 244 106 202 110 32 77 105 91 128 264 27 136 37 250 64 272 79 
+199 84 206 53 128 51 47 217 250 17 3 259 246 187 36 186 72 45 23 127 200 195 
+188 100 18 20 261 95 171 211 179 97 252 45 255 137 101 82 12 209 32 243 255 71 
+81 161 78 3 93 256 88 83 10 181 178 86 121 16 105 138 118 84 140 33 207 117 120 
+278 263 10 15 188 266 168 119 214 271 62 78 116 103 157 135 26 119 35 122 80 97 
+86 55 156 24 44 191 145 153 26 219 165 140 99 67 38 54 205 42 276 22 176 218 
+148 19 131 243 142 61 180 114 254 173 239 33 94 107 219 231 160 180 1 244 272 
+192 209 264 253 156 237 184 270 211 226 87 72 158 152 28 87 19 18 233 241 14 77 
+5 121 229 245 57 184 157 201 46 40 129 49 19 84 93 43 108 4 223 108 117 233 9 4 
+57 118 18 120 112 113 190 181 12 96 22 63 208 247 251 28 134 9 117 186 138 184 
+223 61 127 216 ^
+590 1 175 107 6 247 81 114 207 179 134 74 195 212 73 173 150 152 67 190 11 98 
+44 192 80 221 146 279 153 88 34 139 78 221 189 228 24 45 128 90 273 84 51 111 
+75 46 107 49 196 233 71 20 257 48 64 57 95 278 174 129 111 271 58 31 7 226 194 
+37 229 45 170 256 197 169 81 72 41 255 176 44 234 92 145 104 155 114 208 243 
+208 200 259 48 21 108 224 40 80 178 197 127 196 148 237 225 215 78 25 23 23 66 
+15 167 124 64 15 210 73 216 99 23 151 130 243 166 34 54 244 145 147 258 112 11 
+56 159 268 122 64 58 159 225 19 193 101 219 274 105 49 239 55 223 104 70 126 
+132 201 238 161 225 130 90 230 262 53 27 135 95 39 59 53 69 147 19 278 216 14 
+35 75 88 273 127 154 263 32 267 185 117 59 95 235 71 258 27 177 261 117 144 83 
+30 267 228 66 211 52 48 22 172 171 39 144 168 145 62 143 36 250 86 120 234 50 
+133 180 70 84 247 277 280 131 137 10 162 161 140 142 14 188 11 141 274 63 164 
+34 97 193 16 104 198 63 79 200 21 151 173 192 37 272 148 41 59 10 120 149 216 
+57 138 227 45 213 205 68 126 175 150 109 118 38 208 158 93 124 217 78 263 74 
+152 109 75 89 56 201 153 46 149 215 120 191 101 262 96 257 133 52 133 137 248 
+213 9 183 202 217 274 148 279 110 139 163 55 265 270 275 84 8 162 204 89 13 252 
+1 89 209 137 206 47 85 98 172 256 154 220 210 115 101 23 108 181 91 209 94 103 
+176 1 4 94 61 10 77 46 64 100 44 149 258 69 62 185 202 174 171 277 195 16 61 
+249 192 122 106 70 83 29 49 67 147 62 100 87 98 129 26 2 136 270 37 33 160 246 
+17 40 81 115 144 126 260 138 185 160 8 247 38 165 55 222 40 123 68 211 9 226 
+151 88 77 242 230 24 2 25 219 189 271 254 197 212 30 224 279 195 254 239 97 108 
+28 28 156 93 167 166 230 220 168 103 177 65 232 220 125 25 262 138 142 57 137 
+163 98 87 141 78 178 240 76 67 232 177 22 129 68 168 60 74 67 275 280 174 86 
+162 119 255 218 210 158 50 175 65 275 42 277 238 119 59 52 5 73 20 214 99 66 
+254 1 46 106 266 249 107 7 30 28 113 271 15 82 136 269 100 240 34 182 27 92 146 
+41 102 240 272 233 156 135 52 90 188 96 129 69 105 134 73 131 265 228 109 160 
+204 132 116 123 85 183 6 51 69 190 122 149 173 235 267 143 232 135 10 205 264 
+11 99 108 139 206 4 136 227 88 35 76 25 66 253 218 253 261 202 132 5 72 237 140 
+203 ^
+620 0 279 262 51 261 30 224 234 244 102 151 3 155 112 161 9 56 112 165 249 105 
+243 77 157 23 44 216 12 140 124 217 33 29 203 62 165 122 19 193 56 116 122 15 
+236 7 268 75 242 183 71 129 220 125 238 70 108 48 46 258 221 15 232 50 84 227 
+195 127 153 45 81 135 121 125 107 27 157 179 241 166 139 99 88 188 53 24 196 
+148 190 272 61 119 79 224 103 201 151 282 198 63 30 97 148 194 229 110 250 126 
+132 156 2 7 137 32 8 31 118 37 138 209 94 60 225 128 47 279 110 94 212 182 177 
+43 43 166 12 13 38 32 12 271 167 33 185 117 12 144 81 266 164 76 259 115 101 
+261 157 27 1 265 143 187 32 135 117 168 58 31 245 123 40 230 135 244 254 108 52 
+3 24 69 62 140 251 20 83 50 244 98 194 102 24 65 105 91 120 256 27 132 25 242 
+56 268 79 199 84 202 41 128 43 39 209 246 17 274 259 242 187 28 178 68 37 11 
+123 192 187 184 92 18 16 253 87 163 207 179 85 252 41 255 129 89 82 4 201 20 
+239 247 59 77 153 66 278 85 248 84 71 281 177 174 86 117 16 101 130 114 76 132 
+29 199 105 116 274 255 2 3 180 266 160 119 210 267 54 70 104 91 145 127 26 107 
+31 114 80 89 78 47 152 24 44 191 141 141 14 211 161 140 99 63 34 54 197 42 276 
+18 168 210 136 11 119 235 138 53 180 110 246 169 231 25 90 99 219 231 152 176 1 
+240 272 188 205 264 245 144 237 180 262 203 218 79 72 146 152 20 87 7 10 229 
+241 10 77 1 109 229 237 53 176 153 197 38 36 117 37 15 80 93 35 96 219 100 109 
+225 280 4 45 106 6 120 100 113 182 181 92 14 59 204 239 251 16 126 1 113 186 
+138 184 223 61 115 122 175 107 6 243 81 114 207 175 128 68 193 208 73 171 146 
+148 63 186 11 98 38 188 74 221 146 275 149 88 32 139 74 217 189 226 18 41 124 
+86 273 78 51 109 73 40 103 49 194 233 67 16 257 44 64 55 91 276 170 125 111 267 
+58 27 5 222 192 35 227 43 170 252 197 169 79 68 41 251 172 40 234 92 145 102 
+155 108 204 243 208 200 257 48 21 104 222 40 78 178 195 123 196 144 233 223 213 
+72 23 23 19 62 13 165 118 62 9 208 69 214 97 17 151 130 241 162 34 50 240 141 
+145 254 112 9 52 155 264 118 58 52 159 221 19 189 99 215 274 103 45 237 49 219 
+104 66 126 128 199 236 159 225 124 90 230 262 47 21 129 93 39 53 49 67 147 17 
+278 216 8 35 75 86 269 121 150 261 26 267 185 113 55 95 233 71 256 23 175 259 
+111 144 77 26 263 228 64 207 48 42 18 172 167 37 142 166 143 56 137 36 248 80 
+114 232 46 127 257 ^
+605 1 58 76 243 273 280 131 125 6 162 161 132 142 14 184 3 141 270 51 160 26 89 
+189 4 92 198 55 67 192 13 143 173 192 25 268 136 37 55 2 112 137 208 45 130 227 
+33 213 201 64 118 167 150 101 106 30 204 150 89 124 209 74 263 70 148 109 63 77 
+52 201 141 38 149 215 116 187 89 254 84 253 133 40 129 133 248 209 9 183 194 
+213 266 144 279 102 135 163 47 265 270 271 80 8 154 204 85 9 248 274 89 201 129 
+198 43 85 86 168 256 154 216 210 115 93 19 108 177 87 209 86 103 176 278 281 82 
+53 10 69 42 56 96 40 141 258 69 54 181 202 170 171 277 187 12 49 245 188 118 
+102 70 83 29 45 67 139 58 88 83 94 125 18 2 124 262 29 33 160 246 9 28 69 107 
+136 114 260 126 177 152 4 247 38 161 55 222 32 119 273 60 211 1 226 147 80 73 
+234 222 20 279 25 215 181 267 250 189 212 30 216 275 195 254 239 93 96 28 16 
+152 81 167 162 226 212 160 91 169 65 224 220 117 281 17 258 134 134 57 137 155 
+90 75 137 78 170 236 72 63 232 177 22 129 68 168 48 74 55 275 272 174 78 158 
+111 251 218 202 158 46 171 57 267 30 269 230 107 59 52 278 61 20 214 87 54 246 
+282 46 106 262 249 95 284 26 24 109 271 15 70 136 269 100 232 22 182 23 80 138 
+29 98 240 264 229 156 131 48 86 180 96 117 61 97 134 69 119 261 220 105 156 196 
+128 104 115 81 179 2 47 57 190 110 145 165 235 263 135 228 127 283 205 256 284 
+91 104 127 206 132 219 76 23 68 13 66 253 210 245 253 198 120 5 68 233 128 92 
+275 260 49 257 28 224 232 242 102 147 3 153 110 157 5 56 108 165 247 103 241 73 
+157 17 38 214 10 134 122 217 31 25 203 56 161 120 17 193 54 116 122 9 236 7 268 
+71 242 179 67 127 218 125 238 64 106 42 44 256 219 11 228 50 78 223 191 127 153 
+45 77 129 121 123 103 21 153 175 237 166 133 93 84 188 53 22 194 148 186 268 59 
+117 73 222 97 199 149 280 196 63 24 97 146 194 225 106 250 124 132 154 281 5 
+133 28 4 27 118 37 132 207 94 60 223 126 47 277 110 92 210 180 173 37 43 162 6 
+7 36 26 12 269 165 27 183 117 8 142 79 264 164 76 255 113 101 261 155 25 280 
+261 143 185 32 131 113 166 56 31 245 123 38 226 135 240 252 104 50 1 18 67 62 
+138 249 18 79 44 244 94 190 98 20 59 105 91 116 252 27 130 19 238 52 266 79 199 
+84 200 35 128 39 35 205 244 17 270 259 240 187 24 174 66 33 5 121 188 183 182 
+88 18 14 249 83 159 205 179 79 252 186 ^
+615 0 255 121 77 82 283 193 8 235 239 47 73 145 54 274 77 240 80 59 273 173 170 
+86 113 16 97 122 110 68 124 25 191 93 112 270 247 281 278 172 266 152 119 206 
+263 46 62 92 79 133 119 26 95 27 106 80 81 70 39 148 24 44 191 137 129 2 203 
+157 140 99 59 30 54 189 42 276 14 160 202 124 3 107 227 134 45 180 106 238 165 
+223 17 86 91 219 231 144 172 1 236 272 184 201 264 237 132 237 176 254 195 210 
+71 72 134 152 12 87 282 2 225 241 6 77 284 97 229 229 49 168 149 193 30 32 105 
+25 11 76 93 27 84 283 215 92 101 217 272 4 33 94 281 120 88 113 174 181 275 88 
+6 55 200 231 251 4 118 280 109 186 138 184 223 61 103 110 175 107 6 235 81 114 
+207 167 116 56 189 200 73 167 138 140 55 178 11 98 26 180 62 221 146 267 141 88 
+28 139 66 209 189 222 6 33 116 78 273 66 51 105 69 28 95 49 190 233 59 8 257 36 
+64 51 83 272 162 117 111 259 58 19 1 214 188 31 223 39 170 244 197 169 75 60 41 
+243 164 32 234 92 145 98 155 96 196 243 208 200 253 48 21 96 218 40 74 178 191 
+115 196 136 225 219 209 60 19 23 11 54 9 161 106 58 284 204 61 210 93 5 151 130 
+237 154 34 42 232 133 141 246 112 5 44 147 256 110 46 40 159 213 19 181 95 207 
+274 99 37 233 37 211 104 58 126 120 195 232 155 225 112 90 230 262 35 9 117 89 
+39 41 41 63 147 13 278 216 283 35 75 82 261 109 142 257 14 267 185 105 47 95 
+229 71 252 15 171 255 99 144 65 18 255 228 60 199 40 30 10 172 159 33 138 162 
+139 44 125 36 244 68 102 228 38 115 174 52 72 241 271 280 131 119 4 162 161 128 
+142 14 182 286 141 268 45 158 22 85 187 285 86 198 51 61 188 9 139 173 192 19 
+266 130 35 53 285 108 131 204 39 126 227 27 213 199 62 114 163 150 97 100 26 
+202 146 87 124 205 72 263 68 146 109 57 71 50 201 135 34 149 215 114 185 83 250 
+78 251 133 34 127 131 248 207 9 183 190 211 262 142 279 98 133 163 43 265 270 
+269 78 8 150 204 83 7 246 270 89 197 125 194 41 85 80 166 256 154 214 210 115 
+89 17 108 175 85 209 82 103 176 276 279 76 49 10 65 40 52 94 38 137 258 69 50 
+179 202 168 171 277 183 10 43 243 186 116 100 70 83 29 43 67 135 56 82 81 92 
+123 14 2 118 258 25 33 160 246 5 22 63 103 132 108 260 120 173 148 2 247 38 159 
+55 222 28 117 269 56 211 284 226 145 76 71 230 218 18 277 25 213 177 265 248 
+185 212 30 212 273 195 254 239 91 90 28 10 150 75 167 160 224 175 ^
+613 0 152 79 161 65 216 220 109 281 9 254 130 126 57 137 147 82 63 133 78 162 
+232 68 59 232 177 22 129 68 168 36 74 43 275 264 174 70 154 103 247 218 194 158 
+42 167 49 259 18 261 222 95 59 52 270 49 20 214 75 42 238 282 46 106 258 249 83 
+280 22 20 105 271 15 58 136 269 100 224 10 182 19 68 130 17 94 240 256 225 156 
+127 44 82 172 96 105 53 89 134 65 107 257 212 101 152 188 124 92 107 77 175 287 
+43 45 190 98 141 157 235 259 127 224 119 275 205 248 276 83 100 115 206 285 128 
+211 64 11 60 1 66 253 202 237 245 194 108 5 64 229 116 84 267 256 45 249 24 224 
+228 238 102 139 3 149 106 149 286 56 100 165 243 99 237 65 157 5 26 210 6 122 
+118 217 27 17 203 44 153 116 13 193 50 116 122 286 236 7 268 63 242 171 59 123 
+214 125 238 52 102 30 40 252 215 3 220 50 66 215 183 127 153 45 69 117 121 119 
+95 9 145 167 229 166 121 81 76 188 53 18 190 148 178 260 55 113 61 218 85 195 
+145 276 192 63 12 97 142 194 217 98 250 120 132 150 273 1 125 20 285 19 118 37 
+120 203 94 60 219 122 47 273 110 88 206 176 165 25 43 154 283 284 32 14 12 265 
+161 15 179 117 138 75 260 164 76 247 109 101 261 151 21 272 253 143 181 32 123 
+105 162 52 31 245 123 34 218 135 232 248 96 46 286 6 63 62 134 245 14 71 32 244 
+86 182 90 12 47 105 91 108 244 27 126 7 230 44 262 79 199 84 196 23 128 31 27 
+197 240 17 262 259 236 187 16 166 62 25 282 117 180 175 178 80 18 10 241 75 151 
+201 179 67 252 35 255 117 71 82 281 189 2 233 235 41 71 141 48 272 73 236 78 53 
+269 171 168 86 111 16 95 118 108 64 120 23 187 87 110 268 243 279 274 168 266 
+148 119 204 261 42 58 86 73 127 115 26 89 25 102 80 77 66 35 146 24 44 191 135 
+123 285 199 155 140 99 57 28 54 185 42 276 12 156 198 118 288 101 223 132 41 
+180 104 234 163 219 13 84 87 219 231 140 170 1 234 272 182 199 264 233 126 237 
+174 250 191 206 67 72 128 152 8 87 278 287 223 241 4 77 284 91 229 225 47 164 
+147 191 26 30 99 19 9 74 93 23 78 283 213 88 97 213 268 4 27 88 277 120 82 113 
+170 181 271 86 2 53 198 227 251 287 114 278 107 186 138 184 223 61 97 104 175 
+107 6 231 81 114 207 163 110 50 187 196 73 165 134 136 51 174 11 98 20 176 56 
+221 146 263 137 88 26 139 62 205 189 220 29 112 74 273 60 51 103 67 22 91 49 
+188 233 55 4 257 32 64 49 79 270 158 113 111 255 58 15 288 210 213 ^
+624 1 28 220 36 170 238 197 169 72 54 41 237 158 26 234 92 145 95 155 87 190 
+243 208 200 250 48 21 90 215 40 71 178 188 109 196 130 219 216 206 51 16 23 5 
+48 6 158 97 55 278 201 55 207 90 286 151 130 234 148 34 36 226 127 138 240 112 
+2 38 141 250 104 37 31 159 207 19 175 92 201 274 96 31 230 28 205 104 52 126 
+114 192 229 152 225 103 90 230 262 26 108 86 39 32 35 60 147 10 278 216 277 35 
+75 79 255 100 136 254 5 267 185 99 41 95 226 71 249 9 168 252 90 144 56 12 249 
+228 57 193 34 21 4 172 153 30 135 159 136 35 116 36 241 59 93 225 32 106 171 43 
+66 238 268 280 131 110 1 162 161 122 142 14 179 283 141 265 36 155 16 79 184 
+279 77 198 45 52 182 3 133 173 192 10 263 121 32 50 282 102 122 198 30 120 227 
+18 213 196 59 108 157 150 91 91 20 199 140 84 124 199 69 263 65 143 109 48 62 
+47 201 126 28 149 215 111 182 74 244 69 248 133 25 124 128 248 204 9 183 184 
+208 256 139 279 92 130 163 37 265 270 266 75 8 144 204 80 4 243 264 89 191 119 
+188 38 85 71 163 256 154 211 210 115 83 14 108 172 82 209 76 103 176 273 276 67 
+43 10 59 37 46 91 35 131 258 69 44 176 202 165 171 277 177 7 34 240 183 113 97 
+70 83 29 40 67 129 53 73 78 89 120 8 2 109 252 19 33 160 246 289 13 54 97 126 
+99 260 111 167 142 289 247 38 156 55 222 22 114 263 50 211 281 226 142 70 68 
+224 212 15 274 25 210 171 262 245 179 212 30 206 270 195 254 239 88 81 28 1 147 
+66 167 157 221 202 150 76 159 65 214 220 107 281 7 253 129 124 57 137 145 80 60 
+132 78 160 231 67 58 232 177 22 129 68 168 33 74 40 275 262 174 68 153 101 246 
+218 192 158 41 166 47 257 15 259 220 92 59 52 268 46 20 214 72 39 236 282 46 
+106 257 249 80 279 21 19 104 271 15 55 136 269 100 222 7 182 18 65 128 14 93 
+240 254 224 156 126 43 81 170 96 102 51 87 134 64 104 256 210 100 151 186 123 
+89 105 76 174 287 42 42 190 95 140 155 235 258 125 223 117 273 205 246 274 81 
+99 112 206 285 127 209 61 8 58 288 66 253 200 235 243 193 105 5 63 228 113 82 
+265 255 44 247 23 224 227 237 102 137 3 148 105 147 285 56 98 165 242 98 236 63 
+157 2 23 209 5 119 117 217 26 15 203 41 151 115 12 193 49 116 122 284 236 7 268 
+61 242 169 57 122 213 125 238 49 101 27 39 251 214 1 218 50 63 213 181 127 153 
+45 67 114 121 118 93 6 143 165 227 166 118 78 74 188 53 17 189 148 176 258 54 
+112 58 217 82 194 144 275 191 141 ^
+628 1 3 97 139 194 211 92 250 117 132 147 267 290 119 14 282 13 118 37 111 200 
+94 60 216 119 47 270 110 85 203 173 159 16 43 148 277 278 29 5 12 262 158 6 176 
+117 286 135 72 257 164 76 241 106 101 261 148 18 266 247 143 178 32 117 99 159 
+49 31 245 123 31 212 135 226 245 90 43 286 289 60 62 131 242 11 65 23 244 80 
+176 84 6 38 105 91 102 238 27 123 290 224 38 259 79 199 84 193 14 128 25 21 191 
+237 17 256 259 233 187 10 160 59 19 276 114 174 169 175 74 18 7 235 69 145 198 
+179 58 252 32 255 111 62 82 278 183 285 230 229 32 68 135 39 269 67 230 75 44 
+263 168 165 86 108 16 92 112 105 58 114 20 181 78 107 265 237 276 268 162 266 
+142 119 201 258 36 52 77 64 118 109 26 80 22 96 80 71 60 29 143 24 44 191 132 
+114 279 193 152 140 99 54 25 54 179 42 276 9 150 192 109 285 92 217 129 35 180 
+101 228 160 213 7 81 81 219 231 134 167 1 231 272 179 196 264 227 117 237 171 
+244 185 200 61 72 119 152 2 87 272 284 220 241 1 77 284 82 229 219 44 158 144 
+188 20 27 90 10 6 71 93 17 69 283 210 82 91 207 262 4 18 79 271 120 73 113 164 
+181 265 83 288 50 195 221 251 281 108 275 104 186 138 184 223 61 88 95 175 107 
+6 225 81 114 207 157 101 41 184 190 73 162 128 130 45 168 11 98 11 170 47 221 
+146 257 131 88 23 139 56 199 189 217 283 23 106 68 273 51 51 100 64 13 85 49 
+185 233 49 290 257 26 64 46 73 267 152 107 111 249 58 9 288 204 183 26 218 34 
+170 234 197 169 70 50 41 233 154 22 234 92 145 93 155 81 186 243 208 200 248 48 
+21 86 213 40 69 178 186 105 196 126 215 214 204 45 14 23 1 44 4 156 91 53 274 
+199 51 205 88 282 151 130 232 144 34 32 222 123 136 236 112 34 137 246 100 31 
+25 159 203 19 171 90 197 274 94 27 228 22 201 104 48 126 110 190 227 150 225 97 
+90 230 262 20 286 102 84 39 26 31 58 147 8 278 216 273 35 75 77 251 94 132 252 
+291 267 185 95 37 95 224 71 247 5 166 250 84 144 50 8 245 228 55 189 30 15 172 
+149 28 133 157 134 29 110 36 239 53 87 223 28 100 169 37 62 236 266 280 131 104 
+291 162 161 118 142 14 177 281 141 263 30 153 12 75 182 275 71 198 41 46 178 
+291 129 173 192 4 261 115 30 48 280 98 116 194 24 116 227 12 213 194 57 104 153 
+150 87 85 16 197 136 82 124 195 67 263 63 141 109 42 56 45 201 120 24 149 215 
+109 180 68 240 63 246 133 19 122 126 248 202 9 183 180 206 252 137 279 88 128 
+163 33 265 270 264 73 8 140 204 78 2 241 76 ^
+622 0 89 183 111 180 34 85 59 159 256 154 207 210 115 75 10 108 168 78 209 68 
+103 176 269 272 55 35 10 51 33 38 87 31 123 258 69 36 172 202 161 171 277 169 3 
+22 236 179 109 93 70 83 29 36 67 121 49 61 74 85 116 2 97 244 11 33 160 246 285 
+1 42 89 118 87 260 99 159 134 289 247 38 152 55 222 14 110 255 42 211 277 226 
+138 62 64 216 204 11 270 25 206 163 258 241 171 212 30 198 266 195 254 239 84 
+69 28 283 143 54 167 153 217 194 142 64 151 65 206 220 99 281 293 249 125 116 
+57 137 137 72 48 128 78 152 227 63 54 232 177 22 129 68 168 21 74 28 275 254 
+174 60 149 93 242 218 184 158 37 162 39 249 3 251 212 80 59 52 260 34 20 214 60 
+27 228 282 46 106 253 249 68 275 17 15 100 271 15 43 136 269 100 214 289 182 14 
+53 120 2 89 240 246 220 156 122 39 77 162 96 90 43 79 134 60 92 252 202 96 147 
+178 119 77 97 72 170 287 38 30 190 83 136 147 235 254 117 219 109 265 205 238 
+266 73 95 100 206 285 123 201 49 290 50 280 66 253 192 227 235 189 93 5 59 224 
+101 74 257 251 40 239 19 224 223 233 102 129 3 144 101 139 281 56 90 165 238 94 
+232 55 157 284 11 205 1 107 113 217 22 7 203 29 143 111 8 193 45 116 122 276 
+236 7 268 53 242 161 49 118 209 125 238 37 97 15 35 247 210 287 210 50 51 205 
+173 127 153 45 59 102 121 114 85 288 135 157 219 166 106 66 66 188 53 13 185 
+148 168 250 50 108 46 213 70 190 140 271 187 63 291 97 137 194 207 88 250 115 
+132 145 263 290 115 10 280 9 118 37 105 198 94 60 214 117 47 268 110 83 201 171 
+155 10 43 144 273 274 27 293 12 260 156 174 117 284 133 70 255 164 76 237 104 
+101 261 146 16 262 243 143 176 32 113 95 157 47 31 245 123 29 208 135 222 243 
+86 41 286 285 58 62 129 240 9 61 17 244 76 172 80 2 32 105 91 98 234 27 121 286 
+220 34 257 79 199 84 191 8 128 21 17 187 235 17 252 259 231 187 6 156 57 15 272 
+112 170 165 173 70 18 5 231 65 141 196 179 52 252 30 255 107 56 82 276 179 281 
+228 225 26 66 131 33 267 63 226 73 38 259 166 163 86 106 16 90 108 103 54 110 
+18 177 72 105 263 233 274 264 158 266 138 119 199 256 32 48 71 58 112 105 26 74 
+20 92 80 67 56 25 141 24 44 191 130 108 275 189 150 140 99 52 23 54 175 42 276 
+7 146 188 103 283 86 213 127 31 180 99 224 158 209 3 79 77 219 231 130 165 1 
+229 272 177 194 264 223 111 237 169 240 181 196 57 72 113 152 292 87 268 282 
+218 241 293 77 284 76 229 80 ^
+635 1 40 150 140 184 12 23 78 294 2 67 93 9 57 283 206 74 83 199 254 4 6 67 263 
+120 61 113 156 181 257 79 284 46 191 213 251 273 100 271 100 186 138 184 223 61 
+76 83 175 107 6 217 81 114 207 149 89 29 180 182 73 158 120 122 37 160 11 98 
+295 162 35 221 146 249 123 88 19 139 48 191 189 213 275 15 98 60 273 39 51 96 
+60 1 77 49 181 233 41 286 257 18 64 42 65 263 144 99 111 241 58 1 288 196 179 
+22 214 30 170 226 197 169 66 42 41 225 146 14 234 92 145 89 155 69 178 243 208 
+200 244 48 21 78 209 40 65 178 182 97 196 118 207 210 200 33 10 23 289 36 152 
+79 49 266 195 43 201 84 274 151 130 228 136 34 24 214 115 132 228 112 292 26 
+129 238 92 19 13 159 195 19 163 86 189 274 90 19 224 10 193 104 40 126 102 186 
+223 146 225 85 90 230 262 8 278 90 80 39 14 23 54 147 4 278 216 265 35 75 73 
+243 82 124 248 283 267 185 87 29 95 220 71 243 293 162 246 72 144 38 237 228 51 
+181 22 3 288 172 141 24 129 153 130 17 98 36 235 41 75 219 20 88 165 25 54 232 
+262 280 131 92 291 162 161 110 142 14 173 277 141 259 18 149 4 67 178 267 59 
+198 33 34 170 287 121 173 192 288 257 103 26 44 276 90 104 186 12 108 227 213 
+190 53 96 145 150 79 73 8 193 128 78 124 187 63 263 59 137 109 30 44 41 201 108 
+16 149 215 105 176 56 232 51 242 133 7 118 122 248 198 9 183 172 202 244 133 
+279 80 124 163 25 265 270 260 69 8 132 204 74 294 237 252 89 179 107 176 32 85 
+53 157 256 154 205 210 115 71 8 108 166 76 209 64 103 176 267 270 49 31 10 47 
+31 34 85 29 119 258 69 32 170 202 159 171 277 165 1 16 234 177 107 91 70 83 29 
+34 67 117 47 55 72 83 114 292 2 91 240 7 33 160 246 283 291 36 85 114 81 260 93 
+155 130 289 247 38 150 55 222 10 108 251 38 211 275 226 136 58 62 212 200 9 268 
+25 204 159 256 239 167 212 30 194 264 195 254 239 82 63 28 279 141 48 167 151 
+215 190 138 58 147 65 202 220 95 281 291 247 123 112 57 137 133 68 42 126 78 
+148 225 61 52 232 177 22 129 68 168 15 74 22 275 250 174 56 147 89 240 218 180 
+158 35 160 35 245 293 247 208 74 59 52 256 28 20 214 54 21 224 282 46 106 251 
+249 62 273 15 13 98 271 15 37 136 269 100 210 285 182 12 47 116 292 87 240 242 
+218 156 120 37 75 158 96 84 39 75 134 58 86 250 198 94 145 174 117 71 93 70 168 
+287 36 24 190 77 134 143 235 252 113 217 105 261 205 234 262 69 93 94 206 285 
+121 197 43 286 46 276 66 253 188 223 231 187 87 5 57 222 95 285 ^
+636 0 251 248 37 233 16 224 220 230 102 123 3 141 98 133 278 56 84 165 235 91 
+229 49 157 278 2 202 295 98 110 217 19 1 203 20 137 108 5 193 42 116 122 270 
+236 7 268 47 242 155 43 115 206 125 238 28 94 6 32 244 207 284 204 50 42 199 
+167 127 153 45 53 93 121 111 79 282 129 151 213 166 97 57 60 188 53 10 182 148 
+162 244 47 105 37 210 61 187 137 268 184 63 285 97 134 194 201 82 250 112 132 
+142 257 290 109 4 277 3 118 37 96 195 94 60 211 114 47 265 110 80 198 168 149 1 
+43 138 267 268 24 287 12 257 153 288 171 117 281 130 67 252 164 76 231 101 101 
+261 143 13 256 237 143 173 32 107 89 154 44 31 245 123 26 202 135 216 240 80 38 
+286 279 55 62 126 237 6 55 8 244 70 166 74 293 23 105 91 92 228 27 118 280 214 
+28 254 79 199 84 188 296 128 15 11 181 232 17 246 259 228 187 150 54 9 266 109 
+164 159 170 64 18 2 225 59 135 193 179 43 252 27 255 101 47 82 273 173 275 225 
+219 17 63 125 24 264 57 220 70 29 253 163 160 86 103 16 87 102 100 48 104 15 
+171 63 102 260 227 271 258 152 266 132 119 196 253 26 42 62 49 103 99 26 65 17 
+86 80 61 50 19 138 24 44 191 127 99 269 183 147 140 99 49 20 54 169 42 276 4 
+140 182 94 280 77 207 124 25 180 96 218 155 203 294 76 71 219 231 124 162 1 226 
+272 174 191 264 217 102 237 166 234 175 190 51 72 104 152 289 87 262 279 215 
+241 293 77 284 67 229 209 39 148 139 183 10 22 75 292 1 66 93 7 54 283 205 72 
+81 197 252 4 3 64 261 120 58 113 154 181 255 78 283 45 190 211 251 271 98 270 
+99 186 138 184 223 61 73 80 175 107 6 215 81 114 207 147 86 26 179 180 73 157 
+118 120 35 158 11 98 293 160 32 221 146 247 121 88 18 139 46 189 189 212 273 13 
+96 58 273 36 51 95 59 295 75 49 180 233 39 285 257 16 64 41 63 262 142 97 111 
+239 58 296 288 194 178 21 213 29 170 224 197 169 65 40 41 223 144 12 234 92 145 
+88 155 66 176 243 208 200 243 48 21 76 208 40 64 178 181 95 196 116 205 209 199 
+30 9 23 288 34 296 151 76 48 264 194 41 200 83 272 151 130 227 134 34 22 212 
+113 131 226 112 292 24 127 236 90 16 10 159 193 19 161 85 187 274 89 17 223 7 
+191 104 38 126 100 185 222 145 225 82 90 230 262 5 276 87 79 39 11 21 53 147 3 
+278 216 263 35 75 72 241 79 122 247 281 267 185 85 27 95 219 71 242 292 161 245 
+69 144 35 295 235 228 50 179 20 287 172 139 23 128 152 129 14 95 36 234 38 72 
+218 18 85 164 22 52 231 261 280 131 89 291 162 161 108 142 14 172 276 91 ^
+635 1 256 9 146 297 61 175 261 50 198 27 25 164 284 115 173 192 282 254 94 23 
+41 273 84 95 180 3 102 227 290 213 187 50 90 139 150 73 64 2 190 122 75 124 181 
+60 263 56 134 109 21 35 38 201 99 10 149 215 102 173 47 226 42 239 133 297 115 
+119 248 195 9 183 166 199 238 130 279 74 121 163 19 265 270 257 66 8 126 204 71 
+294 234 246 89 173 101 170 29 85 44 154 256 154 202 210 115 65 5 108 163 73 209 
+58 103 176 264 267 40 25 10 41 28 28 82 26 113 258 69 26 167 202 156 171 277 
+159 297 7 231 174 104 88 70 83 29 31 67 111 44 46 69 80 111 289 2 82 234 1 33 
+160 246 280 285 27 79 108 72 260 84 149 124 289 247 38 147 55 222 4 105 245 32 
+211 272 226 133 52 59 206 194 6 265 25 201 153 253 236 161 212 30 188 261 195 
+254 239 79 54 28 273 138 39 167 148 212 184 132 49 141 65 196 220 89 281 288 
+244 120 106 57 137 127 62 33 123 78 142 222 58 49 232 177 22 129 68 168 6 74 13 
+275 244 174 50 144 83 237 218 174 158 32 157 29 239 287 241 202 65 59 52 250 19 
+20 214 45 12 218 282 46 106 248 249 53 270 12 10 95 271 15 28 136 269 100 204 
+279 182 9 38 110 286 84 240 236 215 156 117 34 72 152 96 75 33 69 134 55 77 247 
+192 91 142 168 114 62 87 67 165 287 33 15 190 68 131 137 235 249 107 214 99 255 
+205 228 256 63 90 85 206 285 118 191 34 280 40 270 66 253 182 217 225 184 78 5 
+54 219 86 64 247 246 35 229 14 224 218 228 102 119 3 139 96 129 276 56 80 165 
+233 89 227 45 157 274 295 200 295 92 108 217 17 296 203 14 133 106 3 193 40 116 
+122 266 236 7 268 43 242 151 39 113 204 125 238 22 92 30 242 205 282 200 50 36 
+195 163 127 153 45 49 87 121 109 75 278 125 147 209 166 91 51 56 188 53 8 180 
+148 158 240 45 103 31 208 55 185 135 266 182 63 281 97 132 194 197 78 250 110 
+132 140 253 290 105 275 298 118 37 90 193 94 60 209 112 47 263 110 78 196 166 
+145 294 43 134 263 264 22 283 12 255 151 284 169 117 279 128 65 250 164 76 227 
+99 101 261 141 11 252 233 143 171 32 103 85 152 42 31 245 123 24 198 135 212 
+238 76 36 286 275 53 62 124 235 4 51 2 244 66 162 70 291 17 105 91 88 224 27 
+116 276 210 24 252 79 199 84 186 292 128 11 7 177 230 17 242 259 226 187 295 
+146 52 5 262 107 160 155 168 60 18 221 55 131 191 179 37 252 25 255 97 41 82 
+271 169 271 223 215 11 61 121 18 262 53 216 68 23 249 161 158 86 101 16 85 98 
+98 44 100 13 167 57 100 258 223 269 254 148 266 128 119 194 251 22 38 56 43 275 
+^
+642 0 91 26 53 13 78 80 53 42 11 134 24 44 191 123 87 261 175 143 140 99 45 16 
+54 161 42 276 132 174 82 276 65 199 120 17 180 92 210 151 195 290 72 63 219 231 
+116 158 1 222 272 170 187 264 209 90 237 162 226 167 182 43 72 92 152 285 87 
+254 275 211 241 293 77 284 55 229 201 35 140 135 179 2 18 63 284 298 62 93 300 
+42 283 201 64 73 189 244 4 292 52 253 120 46 113 146 181 247 74 279 41 186 203 
+251 263 90 266 95 186 138 184 223 61 61 68 175 107 6 207 81 114 207 139 74 14 
+175 172 73 153 110 112 27 150 11 98 285 152 20 221 146 239 113 88 14 139 38 181 
+189 208 265 5 88 50 273 24 51 91 55 287 67 49 176 233 31 281 257 8 64 37 55 258 
+134 89 111 231 58 292 288 186 174 17 209 25 170 216 197 169 61 32 41 215 136 4 
+234 92 145 84 155 54 168 243 208 200 239 48 21 68 204 40 60 178 177 87 196 108 
+197 205 195 18 5 23 284 26 296 147 64 44 256 190 33 196 79 264 151 130 223 126 
+34 14 204 105 127 218 112 292 16 119 228 82 4 299 159 185 19 153 81 179 274 85 
+9 219 296 183 104 30 126 92 181 218 141 225 70 90 230 262 294 268 75 75 39 300 
+13 49 147 300 278 216 255 35 75 68 233 67 114 243 273 267 185 77 19 95 215 71 
+238 288 157 241 57 144 23 291 227 228 46 171 12 289 283 172 131 19 124 148 125 
+2 83 36 230 26 60 214 10 73 160 10 44 227 257 280 131 77 291 162 161 100 142 14 
+168 272 141 254 3 144 295 57 173 257 44 198 23 19 160 282 111 173 192 278 252 
+88 21 39 271 80 89 176 298 98 227 286 213 185 48 86 135 150 69 58 299 188 118 
+73 124 177 58 263 54 132 109 15 29 36 201 93 6 149 215 100 171 41 222 36 237 
+133 293 113 117 248 193 9 183 162 197 234 128 279 70 119 163 15 265 270 255 64 
+8 122 204 69 294 232 242 89 169 97 166 27 85 38 152 256 154 200 210 115 61 3 
+108 161 71 209 54 103 176 262 265 34 21 10 37 26 24 80 24 109 258 69 22 165 202 
+154 171 277 155 297 1 229 172 102 86 70 83 29 29 67 107 42 40 67 78 109 287 2 
+76 230 298 33 160 246 278 281 21 75 104 66 260 78 145 120 289 247 38 145 55 222 
+103 241 28 211 270 226 131 48 57 202 190 4 263 25 199 149 251 234 157 212 30 
+184 259 195 254 239 77 48 28 269 136 33 167 146 210 180 128 43 137 65 192 220 
+85 281 286 242 118 102 57 137 123 58 27 121 78 138 220 56 47 232 177 22 129 68 
+168 74 7 275 240 174 46 142 79 235 218 170 158 30 155 25 235 283 237 198 59 59 
+52 246 13 20 214 39 6 214 282 46 106 246 249 47 268 10 8 93 271 15 22 136 269 
+100 200 275 42 ^
+644 0 6 29 104 280 81 240 230 212 156 114 31 69 146 96 66 27 63 134 52 68 244 
+186 88 139 162 111 53 81 64 162 287 30 6 190 59 128 131 235 246 101 211 93 249 
+205 222 250 57 87 76 206 285 115 185 25 274 34 264 66 253 176 211 219 181 69 5 
+51 216 77 58 241 243 32 223 11 224 215 225 102 113 3 136 93 123 273 56 74 165 
+230 86 224 39 157 268 289 197 295 83 105 217 14 293 203 5 127 103 193 37 116 
+122 260 236 7 268 37 242 145 33 110 201 125 238 13 89 293 27 239 202 279 194 50 
+27 189 157 127 153 45 43 78 121 106 69 272 119 141 203 166 82 42 50 188 53 5 
+177 148 152 234 42 100 22 205 46 182 132 263 179 63 275 97 129 194 191 72 250 
+107 132 137 247 290 99 296 272 295 118 37 81 190 94 60 206 109 47 260 110 75 
+193 163 139 288 43 128 257 258 19 277 12 252 148 278 166 117 276 125 62 247 164 
+76 221 96 101 261 138 8 246 227 143 168 32 97 79 149 39 31 245 123 21 192 135 
+206 235 70 33 286 269 50 62 121 232 1 45 295 244 60 156 64 288 8 105 91 82 218 
+27 113 270 204 18 249 79 199 84 183 286 128 5 1 171 227 17 236 259 223 187 292 
+140 49 301 256 104 154 149 165 54 18 299 215 49 125 188 179 28 252 22 255 91 32 
+82 268 163 265 220 209 2 58 115 9 259 47 210 65 14 243 158 155 86 98 16 82 92 
+95 38 94 10 161 48 97 255 217 266 248 142 266 122 119 191 248 16 32 47 34 88 89 
+26 50 12 76 80 51 40 9 133 24 44 191 122 84 259 173 142 140 99 44 15 54 159 42 
+276 301 130 172 79 275 62 197 119 15 180 91 208 150 193 289 71 61 219 231 114 
+157 1 221 272 169 186 264 207 87 237 161 224 165 180 41 72 89 152 284 87 252 
+274 210 241 293 77 284 52 229 199 34 138 134 178 17 60 282 298 61 93 299 39 283 
+200 62 71 187 242 4 290 49 251 120 43 113 144 181 245 73 278 40 185 201 251 261 
+88 265 94 186 138 184 223 61 58 65 175 107 6 205 81 114 207 137 71 11 174 170 
+73 152 108 110 25 148 11 98 283 150 17 221 146 237 111 88 13 139 36 179 189 207 
+263 3 86 48 273 21 51 90 54 285 65 49 175 233 29 280 257 6 64 36 53 257 132 87 
+111 229 58 291 288 184 173 16 208 24 170 214 197 169 60 30 41 213 134 2 234 92 
+145 83 155 51 166 243 208 200 238 48 21 66 203 40 59 178 176 85 196 106 195 204 
+194 15 4 23 283 24 296 146 61 43 254 189 31 195 78 262 151 130 222 124 34 12 
+202 103 126 216 112 292 14 117 226 80 1 297 159 183 19 151 80 177 274 84 7 218 
+294 181 104 28 126 90 180 217 140 225 67 90 230 262 292 266 72 74 39 298 11 48 
+147 300 278 216 253 265 ^
+638 1 75 65 227 58 108 240 267 267 185 71 13 95 212 71 235 285 154 238 48 144 
+14 288 221 228 43 165 6 283 280 172 125 16 121 145 122 297 74 36 227 17 51 211 
+4 64 157 1 38 224 254 280 131 68 291 162 161 94 142 14 165 269 141 251 298 141 
+292 51 170 251 35 198 17 10 154 279 105 173 192 272 249 79 18 36 268 74 80 170 
+292 92 227 280 213 182 45 80 129 150 63 49 296 185 112 70 124 171 55 263 51 129 
+109 6 20 33 201 84 149 215 97 168 32 216 27 234 133 287 110 114 248 190 9 183 
+156 194 228 125 279 64 116 163 9 265 270 252 61 8 116 204 66 294 229 236 89 163 
+91 160 24 85 29 149 256 154 197 210 115 55 108 158 68 209 48 103 176 259 262 25 
+15 10 31 23 18 77 21 103 258 69 16 162 202 151 171 277 149 297 296 226 169 99 
+83 70 83 29 26 67 101 39 31 64 75 106 284 2 67 224 295 33 160 246 275 275 12 69 
+98 57 260 69 139 114 289 247 38 142 55 222 298 100 235 22 211 267 226 128 42 54 
+196 184 1 260 25 196 143 248 231 151 212 30 178 256 195 254 239 74 39 28 263 
+133 24 167 143 207 174 122 34 131 65 186 220 79 281 283 239 115 96 57 137 117 
+52 18 118 78 132 217 53 44 232 177 22 129 68 168 295 74 302 275 234 174 40 139 
+73 232 218 164 158 27 152 19 229 277 231 192 50 59 52 240 4 20 214 30 301 208 
+282 46 106 243 249 38 265 7 5 90 271 15 13 136 269 100 194 269 182 4 23 100 276 
+79 240 226 210 156 112 29 67 142 96 60 23 59 134 50 62 242 182 86 137 158 109 
+47 77 62 160 287 28 190 53 126 127 235 244 97 209 89 245 205 218 246 53 85 70 
+206 285 113 181 19 270 30 260 66 253 172 207 215 179 63 5 49 214 71 54 237 241 
+30 219 9 224 213 223 102 109 3 134 91 119 271 56 70 165 228 84 222 35 157 264 
+285 195 295 77 103 217 12 291 203 303 123 101 302 193 35 116 122 256 236 7 268 
+33 242 141 29 108 199 125 238 7 87 289 25 237 200 277 190 50 21 185 153 127 153 
+45 39 72 121 104 65 268 115 137 199 166 76 36 46 188 53 3 175 148 148 230 40 98 
+16 203 40 180 130 261 177 63 271 97 127 194 187 68 250 105 132 135 243 290 95 
+294 270 293 118 37 75 188 94 60 204 107 47 258 110 73 191 161 135 284 43 124 
+253 254 17 273 12 250 146 274 164 117 274 123 60 245 164 76 217 94 101 261 136 
+6 242 223 143 166 32 93 75 147 37 31 245 123 19 188 135 202 233 66 31 286 265 
+48 62 119 230 303 41 291 244 56 152 60 286 2 105 91 78 214 27 111 266 200 14 
+247 79 199 84 181 282 128 1 301 167 225 17 232 259 221 187 290 136 47 299 252 
+102 150 145 163 157 ^
+653 0 18 299 207 41 117 184 179 16 252 18 255 83 20 82 264 155 257 216 201 296 
+54 107 303 255 39 202 61 2 235 154 151 86 94 16 78 84 91 30 86 6 153 36 93 251 
+209 262 240 134 266 114 119 187 244 8 24 35 22 76 81 26 38 8 68 80 43 32 1 129 
+24 44 191 118 72 251 165 138 140 99 40 11 54 151 42 276 301 122 164 67 271 50 
+189 115 7 180 87 200 146 185 285 67 53 219 231 106 153 1 217 272 165 182 264 
+199 75 237 157 216 157 172 33 72 77 152 280 87 244 270 206 241 293 77 284 40 
+229 191 30 130 130 174 298 13 48 274 298 57 93 295 27 283 196 54 63 179 234 4 
+282 37 243 120 31 113 136 181 237 69 274 36 181 193 251 253 80 261 90 186 138 
+184 223 61 46 53 175 107 6 197 81 114 207 129 59 305 170 162 73 148 100 102 17 
+140 11 98 275 142 5 221 146 229 103 88 9 139 28 171 189 203 255 301 78 40 273 9 
+51 86 50 277 57 49 171 233 21 276 257 304 64 32 45 253 124 79 111 221 58 287 
+288 176 169 12 204 20 170 206 197 169 56 22 41 205 126 300 234 92 145 79 155 39 
+158 243 208 200 234 48 21 58 199 40 55 178 172 77 196 98 187 200 190 3 23 279 
+16 296 142 49 39 246 185 23 191 74 254 151 130 218 116 34 4 194 95 122 208 112 
+292 6 109 218 72 295 289 159 175 19 143 76 169 274 80 305 214 286 173 104 20 
+126 82 176 213 136 225 55 90 230 262 284 258 60 70 39 290 3 44 147 300 278 216 
+245 35 75 63 223 52 104 238 263 267 185 67 9 95 210 71 233 283 152 236 42 144 8 
+286 217 228 41 161 2 279 278 172 121 14 119 143 120 293 68 36 225 11 45 209 58 
+155 301 34 222 252 280 131 62 291 162 161 90 142 14 163 267 141 249 294 139 290 
+47 168 247 29 198 13 4 150 277 101 173 192 268 247 73 16 34 266 70 74 166 288 
+88 227 276 213 180 43 76 125 150 59 43 294 183 108 68 124 167 53 263 49 127 109 
+14 31 201 78 302 149 215 95 166 26 212 21 232 133 283 108 112 248 188 9 183 152 
+192 224 123 279 60 114 163 5 265 270 250 59 8 112 204 64 294 227 232 89 159 87 
+156 22 85 23 147 256 154 195 210 115 51 304 108 156 66 209 44 103 176 257 260 
+19 11 10 27 21 14 75 19 99 258 69 12 160 202 149 171 277 145 297 292 224 167 97 
+81 70 83 29 24 67 97 37 25 62 73 104 282 2 61 220 293 33 160 246 273 271 6 65 
+94 51 260 63 135 110 289 247 38 140 55 222 296 98 231 18 211 265 226 126 38 52 
+192 180 305 258 25 194 139 246 229 147 212 30 174 254 195 254 239 72 33 28 259 
+131 18 167 141 205 170 118 28 127 65 182 220 75 281 281 237 113 92 57 137 113 
+48 12 116 78 128 215 51 42 232 177 22 129 68 168 291 161 ^
+653 0 296 275 228 174 34 136 67 229 218 158 158 24 149 13 223 271 225 186 41 59 
+52 234 302 20 214 21 295 202 282 46 106 240 249 29 262 4 2 87 271 15 4 136 269 
+100 188 263 182 1 14 94 270 76 240 220 207 156 109 26 64 136 96 51 17 53 134 47 
+53 239 176 83 134 152 106 38 71 59 157 287 25 298 190 44 123 121 235 241 91 206 
+83 239 205 212 240 47 82 61 206 285 110 175 10 264 24 254 66 253 166 201 209 
+176 54 5 46 211 62 48 231 238 27 213 6 224 210 220 102 103 3 131 88 113 268 56 
+64 165 225 81 219 29 157 258 279 192 295 68 100 217 9 288 203 297 117 98 302 
+193 32 116 122 250 236 7 268 27 242 135 23 105 196 125 238 305 84 283 22 234 
+197 274 184 50 12 179 147 127 153 45 33 63 121 101 59 262 109 131 193 166 67 27 
+40 188 53 172 148 142 224 37 95 7 200 31 177 127 258 174 63 265 97 124 194 181 
+62 250 102 132 132 237 290 89 291 267 290 118 37 66 185 94 60 201 104 47 255 
+110 70 188 158 129 278 43 118 247 248 14 267 12 247 143 268 161 117 271 120 57 
+242 164 76 211 91 101 261 133 3 236 217 143 163 32 87 69 144 34 31 245 123 16 
+182 135 196 230 60 28 286 259 45 62 116 227 303 35 285 244 50 146 54 283 300 
+105 91 72 208 27 108 260 194 8 244 79 199 84 178 276 128 302 298 161 222 17 226 
+259 218 187 287 130 44 296 246 99 144 139 160 44 18 299 205 39 115 183 179 13 
+252 17 255 81 17 82 263 153 255 215 199 294 53 105 301 254 37 200 60 306 233 
+153 150 86 93 16 77 82 90 28 84 5 151 33 92 250 207 261 238 132 266 112 119 186 
+243 6 22 32 19 73 79 26 35 7 66 80 41 30 306 128 24 44 191 117 69 249 163 137 
+140 99 39 10 54 149 42 276 301 120 162 64 270 47 187 114 5 180 86 198 145 183 
+284 66 51 219 231 104 152 1 216 272 164 181 264 197 72 237 156 214 155 170 31 
+72 74 152 279 87 242 269 205 241 293 77 284 37 229 189 29 128 129 173 297 12 45 
+272 298 56 93 294 24 283 195 52 61 177 232 4 280 34 241 120 28 113 134 181 235 
+68 273 35 180 191 251 251 78 260 89 186 138 184 223 61 43 50 175 107 6 195 81 
+114 207 127 56 303 169 160 73 147 98 100 15 138 11 98 273 140 2 221 146 227 101 
+88 8 139 26 169 189 202 253 300 76 38 273 6 51 85 49 275 55 49 170 233 19 275 
+257 303 64 31 43 252 122 77 111 219 58 286 288 174 168 11 203 19 170 204 197 
+169 55 20 41 203 124 299 234 92 145 78 155 36 156 243 208 200 233 48 21 56 198 
+40 54 178 171 75 196 96 185 199 189 306 23 278 14 296 141 46 38 244 184 21 190 
+73 252 151 130 217 114 34 2 192 93 121 206 112 292 4 107 216 70 293 112 ^
+646 1 159 169 19 137 73 163 274 77 302 211 280 167 104 14 126 76 173 210 133 
+225 46 90 230 262 278 252 51 67 39 284 306 41 147 300 278 216 239 35 75 60 217 
+43 98 235 257 267 185 61 3 95 207 71 230 280 149 233 33 144 308 283 211 228 38 
+155 305 273 275 172 115 11 116 140 117 287 59 36 222 2 36 206 303 49 152 295 28 
+219 249 280 131 53 291 162 161 84 142 14 160 264 141 246 288 136 287 41 165 241 
+20 198 7 304 144 274 95 173 192 262 244 64 13 31 263 64 65 160 282 82 227 270 
+213 177 40 70 119 150 53 34 291 180 102 65 124 161 50 263 46 124 109 300 5 28 
+201 69 299 149 215 92 163 17 206 12 229 133 277 105 109 248 185 9 183 146 189 
+218 120 279 54 111 163 308 265 270 247 56 8 106 204 61 294 224 226 89 153 81 
+150 19 85 14 144 256 154 192 210 115 45 304 108 153 63 209 38 103 176 254 257 
+10 5 10 21 18 8 72 16 93 258 69 6 157 202 146 171 277 139 297 286 221 164 94 78 
+70 83 29 21 67 91 34 16 59 70 101 279 2 52 214 290 33 160 246 270 265 306 59 88 
+42 260 54 129 104 289 247 38 137 55 222 293 95 225 12 211 262 226 123 32 49 186 
+174 305 255 25 191 133 243 226 141 212 30 168 251 195 254 239 69 24 28 253 128 
+9 167 138 202 164 112 19 121 65 176 220 69 281 278 234 110 86 57 137 107 42 3 
+113 78 122 212 48 39 232 177 22 129 68 168 285 74 292 275 224 174 30 134 63 227 
+218 154 158 22 147 9 219 267 221 182 35 59 52 230 298 20 214 15 291 198 282 46 
+106 238 249 23 260 2 85 271 15 307 136 269 100 184 259 182 308 8 90 266 74 240 
+216 205 156 107 24 62 132 96 45 13 49 134 45 47 237 172 81 132 148 104 32 67 57 
+155 287 23 294 190 38 121 117 235 239 87 204 79 235 205 208 236 43 80 55 206 
+285 108 171 4 260 20 250 66 253 162 197 205 174 48 5 44 209 56 44 227 236 25 
+209 4 224 208 218 102 99 3 129 86 109 266 56 60 165 223 79 217 25 157 254 275 
+190 295 62 98 217 7 286 203 293 113 96 302 193 30 116 122 246 236 7 268 23 242 
+131 19 103 194 125 238 301 82 279 20 232 195 272 180 50 6 175 143 127 153 45 29 
+57 121 99 55 258 105 127 189 166 61 21 36 188 53 307 170 148 138 220 35 93 1 
+198 25 175 125 256 172 63 261 97 122 194 177 58 250 100 132 130 233 290 85 289 
+265 288 118 37 60 183 94 60 199 102 47 253 110 68 186 156 125 274 43 114 243 
+244 12 263 12 245 141 264 159 117 269 118 55 240 164 76 207 89 101 261 131 1 
+232 213 143 161 32 83 65 142 32 31 245 123 14 178 135 192 228 56 26 286 255 43 
+62 114 225 303 31 281 244 46 142 50 281 296 105 91 238 ^
+647 0 200 27 104 252 186 240 79 199 84 174 268 128 298 294 153 218 17 218 259 
+214 187 283 122 40 292 238 95 136 131 156 36 18 299 197 31 107 179 179 1 252 13 
+255 73 5 82 259 145 247 211 191 286 49 97 293 250 29 192 56 298 225 149 146 86 
+89 16 73 74 86 20 76 1 143 21 88 246 199 257 230 124 266 104 119 182 239 309 14 
+20 7 61 71 26 23 3 58 80 33 22 302 124 24 44 191 113 57 241 155 133 140 99 35 6 
+54 141 42 276 301 112 154 52 266 35 179 110 308 180 82 190 141 175 280 62 43 
+219 231 96 148 1 212 272 160 177 264 189 60 237 152 206 147 162 23 72 62 152 
+275 87 234 265 201 241 293 77 284 25 229 181 25 120 125 169 293 8 33 264 298 52 
+93 290 12 283 191 44 53 169 224 4 272 22 233 120 16 113 126 181 227 64 269 31 
+176 183 251 243 70 256 85 186 138 184 223 61 31 38 175 107 6 187 81 114 207 119 
+44 295 165 152 73 143 90 92 7 130 11 98 265 132 301 221 146 219 93 88 4 139 18 
+161 189 198 245 296 68 30 273 305 51 81 45 267 47 49 166 233 11 271 257 299 64 
+27 35 248 114 69 111 211 58 282 288 166 164 7 199 15 170 196 197 169 51 12 41 
+195 116 295 234 92 145 74 155 24 148 243 208 200 229 48 21 48 194 40 50 178 167 
+67 196 88 177 195 185 299 306 23 274 6 296 137 34 34 236 180 13 186 69 244 151 
+130 213 106 34 305 184 85 117 198 112 292 307 99 208 62 285 279 159 165 19 133 
+71 159 274 75 300 209 276 163 104 10 126 72 171 208 131 225 40 90 230 262 274 
+248 45 65 39 280 304 39 147 300 278 216 235 35 75 58 213 37 94 233 253 267 185 
+57 310 95 205 71 228 278 147 231 27 144 304 281 207 228 36 151 303 269 273 172 
+111 9 114 138 115 283 53 36 220 307 30 204 301 43 150 291 24 217 247 280 131 47 
+291 162 161 80 142 14 158 262 141 244 284 134 285 37 163 237 14 198 3 300 140 
+272 91 173 192 258 242 58 11 29 261 60 59 156 278 78 227 266 213 175 38 66 115 
+150 49 28 289 178 98 63 124 157 48 263 44 122 109 296 310 26 201 63 297 149 215 
+90 161 11 202 6 227 133 273 103 107 248 183 9 183 142 187 214 118 279 50 109 
+163 306 265 270 245 54 8 102 204 59 294 222 222 89 149 77 146 17 85 8 142 256 
+154 190 210 115 41 304 108 151 61 209 34 103 176 252 255 4 1 10 17 16 4 70 14 
+89 258 69 2 155 202 144 171 277 135 297 282 219 162 92 76 70 83 29 19 67 87 32 
+10 57 68 99 277 2 46 210 288 33 160 246 268 261 302 55 84 36 260 48 125 100 289 
+247 38 135 55 222 291 93 221 8 211 260 226 121 28 47 182 170 305 253 25 189 129 
+241 224 137 212 30 164 249 195 254 239 86 ^
+665 0 15 28 247 125 167 135 199 158 106 10 115 65 170 220 63 281 275 231 107 80 
+57 137 101 36 306 110 78 116 209 45 36 232 177 22 129 68 168 279 74 286 275 218 
+174 24 131 57 224 218 148 158 19 144 3 213 261 215 176 26 59 52 224 292 20 214 
+6 285 192 282 46 106 235 249 14 257 311 309 82 271 15 301 136 269 100 178 253 
+182 308 311 84 260 71 240 210 202 156 104 21 59 126 96 36 7 43 134 42 38 234 
+166 78 129 142 101 23 61 54 152 287 20 288 190 29 118 111 235 236 81 201 73 229 
+205 202 230 37 77 46 206 285 105 165 307 254 14 244 66 253 156 191 199 171 39 5 
+41 206 47 38 221 233 22 203 1 224 205 215 102 93 3 126 83 103 263 56 54 165 220 
+76 214 19 157 248 269 187 295 53 95 217 4 283 203 287 107 93 302 193 27 116 122 
+240 236 7 268 17 242 125 13 100 191 125 238 295 79 273 17 229 192 269 174 50 
+309 169 137 127 153 45 23 48 121 96 49 252 99 121 183 166 52 12 30 188 53 307 
+167 148 132 214 32 90 304 195 16 172 122 253 169 63 255 97 119 194 171 52 250 
+97 132 127 227 290 79 286 262 285 118 37 51 180 94 60 196 99 47 250 110 65 183 
+153 119 268 43 108 237 238 9 257 12 242 138 258 156 117 266 115 52 237 164 76 
+201 86 101 261 128 310 226 207 143 158 32 77 59 139 29 31 245 123 11 172 135 
+186 225 50 23 286 249 40 62 111 222 303 25 275 244 40 136 44 278 290 105 91 62 
+198 27 103 250 184 310 239 79 199 84 173 266 128 297 293 151 217 17 216 259 213 
+187 282 120 39 291 236 94 134 129 155 34 18 299 195 29 105 178 179 310 252 12 
+255 71 2 82 258 143 245 210 189 284 48 95 291 249 27 190 55 296 223 148 145 86 
+88 16 72 72 85 18 74 141 18 87 245 197 256 228 122 266 102 119 181 238 308 12 
+17 4 58 69 26 20 2 56 80 31 20 301 123 24 44 191 112 54 239 153 132 140 99 34 5 
+54 139 42 276 301 110 152 49 265 32 177 109 307 180 81 188 140 173 279 61 41 
+219 231 94 147 1 211 272 159 176 264 187 57 237 151 204 145 160 21 72 59 152 
+274 87 232 264 200 241 293 77 284 22 229 179 24 118 124 168 292 7 30 262 298 51 
+93 289 9 283 190 42 51 167 222 4 270 19 231 120 13 113 124 181 225 63 268 30 
+175 181 251 241 68 255 84 186 138 184 223 61 28 35 175 107 6 185 81 114 207 117 
+41 293 164 150 73 142 88 90 5 128 11 98 263 130 299 221 146 217 91 88 3 139 16 
+159 189 197 243 295 66 28 273 303 51 80 44 265 45 49 165 233 9 270 257 298 64 
+26 33 247 112 67 111 209 58 281 288 164 163 6 198 14 170 194 197 169 50 10 41 
+193 114 294 234 92 145 73 155 21 146 243 208 200 228 48 21 46 193 40 49 178 166 
+65 196 86 175 194 184 297 306 23 273 206 ^
+641 0 296 134 25 31 230 177 7 183 66 238 151 130 210 100 34 302 178 79 114 192 
+112 292 304 93 202 56 279 273 159 159 19 127 68 153 274 72 297 206 270 157 104 
+4 126 66 168 205 128 225 31 90 230 262 268 242 36 62 39 274 301 36 147 300 278 
+216 229 35 75 55 207 28 88 230 247 267 185 51 307 95 202 71 225 275 144 228 18 
+144 298 278 201 228 33 145 300 263 270 172 105 6 111 135 112 277 44 36 217 301 
+21 201 298 34 147 285 18 214 244 280 131 38 291 162 161 74 142 14 155 259 141 
+241 278 131 282 31 160 231 5 198 311 294 134 269 85 173 192 252 239 49 8 26 258 
+54 50 150 272 72 227 260 213 172 35 60 109 150 43 19 286 175 92 60 124 151 45 
+263 41 119 109 290 304 23 201 54 294 149 215 87 158 2 196 311 224 133 267 100 
+104 248 180 9 183 136 184 208 115 279 44 106 163 303 265 270 242 51 8 96 204 56 
+294 219 216 89 143 71 140 14 85 313 139 256 154 187 210 115 35 304 108 148 58 
+209 28 103 176 249 252 309 309 10 11 13 312 67 11 83 258 69 310 152 202 141 171 
+277 129 297 276 216 159 89 73 70 83 29 16 67 81 29 1 54 65 96 274 2 37 204 285 
+33 160 246 265 255 296 49 78 27 260 39 119 94 289 247 38 132 55 222 288 90 215 
+2 211 257 226 118 22 44 176 164 305 250 25 186 123 238 221 131 212 30 158 246 
+195 254 239 64 9 28 243 123 308 167 133 197 154 102 4 111 65 166 220 59 281 273 
+229 105 76 57 137 97 32 302 108 78 112 207 43 34 232 177 22 129 68 168 275 74 
+282 275 214 174 20 129 53 222 218 144 158 17 142 313 209 257 211 172 20 59 52 
+220 288 20 214 281 188 282 46 106 233 249 8 255 311 309 80 271 15 297 136 269 
+100 174 249 182 308 307 80 256 69 240 206 200 156 102 19 57 122 96 30 3 39 134 
+40 32 232 162 76 127 138 99 17 57 52 150 287 18 284 190 23 116 107 235 234 77 
+199 69 225 205 198 226 33 75 40 206 285 103 161 303 250 10 240 66 253 152 187 
+195 169 33 5 39 204 41 34 217 231 20 199 313 224 203 213 102 89 3 124 81 99 261 
+56 50 165 218 74 212 15 157 244 265 185 295 47 93 217 2 281 203 283 103 91 302 
+193 25 116 122 236 236 7 268 13 242 121 9 98 189 125 238 291 77 269 15 227 190 
+267 170 50 305 165 133 127 153 45 19 42 121 94 45 248 95 117 179 166 46 6 26 
+188 53 307 165 148 128 210 30 88 300 193 10 170 120 251 167 63 251 97 117 194 
+167 48 250 95 132 125 223 290 75 284 260 283 118 37 45 178 94 60 194 97 47 248 
+110 63 181 151 115 264 43 104 233 234 7 253 12 240 136 254 154 117 264 113 50 
+235 164 76 197 84 101 261 126 310 222 203 143 276 ^
+656 0 32 69 51 135 25 31 245 123 7 164 135 178 221 42 19 286 241 36 62 107 218 
+303 17 267 244 32 128 36 274 282 105 91 54 190 27 99 242 176 306 235 79 199 84 
+169 258 128 293 289 143 213 17 208 259 209 187 278 112 35 287 228 90 126 121 
+151 26 18 299 187 21 97 174 179 302 252 8 255 63 306 82 254 135 237 206 181 276 
+44 87 283 245 19 182 51 288 215 144 141 86 84 16 68 64 81 10 66 312 133 6 83 
+241 189 252 220 114 266 94 119 177 234 304 4 5 308 46 61 26 8 314 48 80 23 12 
+297 119 24 44 191 108 42 231 145 128 140 99 30 1 54 131 42 276 301 102 144 37 
+261 20 169 105 303 180 77 180 136 165 275 57 33 219 231 86 143 1 207 272 155 
+172 264 179 45 237 147 196 137 152 13 72 47 152 270 87 224 260 196 241 293 77 
+284 10 229 171 20 110 120 164 288 3 18 254 298 47 93 285 313 283 186 34 43 159 
+214 4 262 7 223 120 1 113 116 181 217 59 264 26 171 173 251 233 60 251 80 186 
+138 184 223 61 16 23 175 107 6 177 81 114 207 109 29 285 160 142 73 138 80 82 
+313 120 11 98 255 122 291 221 146 209 83 88 315 139 8 151 189 193 235 291 58 20 
+273 295 51 76 40 257 37 49 161 233 1 266 257 294 64 22 25 243 104 59 111 201 58 
+277 288 156 159 2 194 10 170 186 197 169 46 2 41 185 106 290 234 92 145 69 155 
+9 138 243 208 200 224 48 21 38 189 40 45 178 162 57 196 78 167 190 180 289 306 
+23 269 312 296 132 19 29 226 175 3 181 64 234 151 130 208 96 34 300 174 75 112 
+188 112 292 302 89 198 52 275 269 159 155 19 123 66 149 274 70 295 204 266 153 
+104 126 62 166 203 126 225 25 90 230 262 264 238 30 60 39 270 299 34 147 300 
+278 216 225 35 75 53 203 22 84 228 243 267 185 47 305 95 200 71 223 273 142 226 
+12 144 294 276 197 228 31 141 298 259 268 172 101 4 109 133 110 273 38 36 215 
+297 15 199 296 28 145 281 14 212 242 280 131 32 291 162 161 70 142 14 153 257 
+141 239 274 129 280 27 158 227 315 198 309 290 130 267 81 173 192 248 237 43 6 
+24 256 50 44 146 268 68 227 256 213 170 33 56 105 150 39 13 284 173 88 58 124 
+147 43 263 39 117 109 286 300 21 201 48 292 149 215 85 156 312 192 307 222 133 
+263 98 102 248 178 9 183 132 182 204 113 279 40 104 163 301 265 270 240 49 8 92 
+204 54 294 217 212 89 139 67 136 12 85 309 137 256 154 185 210 115 31 304 108 
+146 56 209 24 103 176 247 250 305 307 10 7 11 310 65 9 79 258 69 308 150 202 
+139 171 277 125 297 272 214 157 87 71 70 83 29 14 67 77 27 311 52 63 94 272 2 
+31 200 283 33 160 246 263 251 292 45 74 21 260 33 115 90 289 247 38 130 55 222 
+286 88 211 227 ^
+668 0 211 254 226 115 16 41 170 158 305 247 25 183 117 235 218 125 212 30 152 
+243 195 254 239 61 28 237 120 302 167 130 194 148 96 312 105 65 160 220 53 281 
+270 226 102 70 57 137 91 26 296 105 78 106 204 40 31 232 177 22 129 68 168 269 
+74 276 275 208 174 14 126 47 219 218 138 158 14 139 310 203 251 205 166 11 59 
+52 214 282 20 214 308 275 182 282 46 106 230 249 316 252 311 309 77 271 15 291 
+136 269 100 168 243 182 308 301 74 250 66 240 200 197 156 99 16 54 116 96 21 
+314 33 134 37 23 229 156 73 124 132 96 8 51 49 147 287 15 278 190 14 113 101 
+235 231 71 196 63 219 205 192 220 27 72 31 206 285 100 155 297 244 4 234 66 253 
+146 181 189 166 24 5 36 201 32 28 211 228 17 193 313 224 200 210 102 83 3 121 
+78 93 258 56 44 165 215 71 209 9 157 238 259 182 295 38 90 217 316 278 203 277 
+97 88 302 193 22 116 122 230 236 7 268 7 242 115 3 95 186 125 238 285 74 263 12 
+224 187 264 164 50 299 159 127 127 153 45 13 33 121 91 39 242 89 111 173 166 37 
+314 20 188 53 307 162 148 122 204 27 85 294 190 1 167 117 248 164 63 245 97 114 
+194 161 42 250 92 132 122 217 290 69 281 257 280 118 37 36 175 94 60 191 94 47 
+245 110 60 178 148 109 258 43 98 227 228 4 247 12 237 133 248 151 117 261 110 
+47 232 164 76 191 81 101 261 123 310 216 197 143 153 32 67 49 134 24 31 245 123 
+6 162 135 176 220 40 18 286 239 35 62 106 217 303 15 265 244 30 126 34 273 280 
+105 91 52 188 27 98 240 174 305 234 79 199 84 168 256 128 292 288 141 212 17 
+206 259 208 187 277 110 34 286 226 89 124 119 150 24 18 299 185 19 95 173 179 
+300 252 7 255 61 304 82 253 133 235 205 179 274 43 85 281 244 17 180 50 286 213 
+143 140 86 83 16 67 62 80 8 64 312 131 3 82 240 187 251 218 112 266 92 119 176 
+233 303 2 2 306 43 59 26 5 314 46 80 21 10 296 118 24 44 191 107 39 229 143 127 
+140 99 29 54 129 42 276 301 100 142 34 260 17 167 104 302 180 76 178 135 163 
+274 56 31 219 231 84 142 1 206 272 154 171 264 177 42 237 146 194 135 150 11 72 
+44 152 269 87 222 259 195 241 293 77 284 7 229 169 19 108 119 163 287 2 15 252 
+298 46 93 284 311 283 185 32 41 157 212 4 260 4 221 120 315 113 114 181 215 58 
+263 25 170 171 251 231 58 250 79 186 138 184 223 61 13 20 175 107 6 175 81 114 
+207 107 26 283 159 140 73 137 78 80 312 118 11 98 253 120 289 221 146 207 81 88 
+315 139 6 149 189 192 233 290 56 18 273 293 51 75 39 255 35 49 160 233 316 265 
+257 293 64 21 23 242 102 57 111 199 58 276 288 154 158 1 193 9 170 184 197 169 
+45 41 183 104 289 234 92 145 68 155 6 136 243 208 203 ^
+656 0 221 48 21 32 186 40 42 178 159 51 196 72 161 187 177 283 306 23 266 309 
+296 129 10 26 220 172 316 178 61 228 151 130 205 90 34 297 168 69 109 182 112 
+292 299 83 192 46 269 263 159 149 19 117 63 143 274 67 292 201 260 147 104 313 
+126 56 163 200 123 225 16 90 230 262 258 232 21 57 39 264 296 31 147 300 278 
+216 219 35 75 50 197 13 78 225 237 267 185 41 302 95 197 71 220 270 139 223 3 
+144 288 273 191 228 28 135 295 253 265 172 95 1 106 130 107 267 29 36 212 291 6 
+196 293 19 142 275 8 209 239 280 131 23 291 162 161 64 142 14 150 254 141 236 
+268 126 277 21 155 221 309 198 306 284 124 264 75 173 192 242 234 34 3 21 253 
+44 35 140 262 62 227 250 213 167 30 50 99 150 33 4 281 170 82 55 124 141 40 263 
+36 114 109 280 294 18 201 39 289 149 215 82 153 306 186 301 219 133 257 95 99 
+248 175 9 183 126 179 198 110 279 34 101 163 298 265 270 237 46 8 86 204 51 294 
+214 206 89 133 61 130 9 85 303 134 256 154 182 210 115 25 304 108 143 53 209 18 
+103 176 244 247 299 304 10 1 8 307 62 6 73 258 69 305 147 202 136 171 277 119 
+297 266 211 154 84 68 70 83 29 11 67 71 24 305 49 60 91 269 2 22 194 280 33 160 
+246 260 245 286 39 68 12 260 24 109 84 289 247 38 127 55 222 283 85 205 311 211 
+252 226 113 12 39 166 154 305 245 25 181 113 233 216 121 212 30 148 241 195 254 
+239 59 313 28 233 118 298 167 128 192 144 92 308 101 65 156 220 49 281 268 224 
+100 66 57 137 87 22 292 103 78 102 202 38 29 232 177 22 129 68 168 265 74 272 
+275 204 174 10 124 43 217 218 134 158 12 137 308 199 247 201 162 5 59 52 210 
+278 20 214 304 271 178 282 46 106 228 249 312 250 311 309 75 271 15 287 136 269 
+100 164 239 182 308 297 70 246 64 240 196 195 156 97 14 52 112 96 15 312 29 134 
+35 17 227 152 71 122 128 94 2 47 47 145 287 13 274 190 8 111 97 235 229 67 194 
+59 215 205 188 216 23 70 25 206 285 98 151 293 240 230 66 253 142 177 185 164 
+18 5 34 199 26 24 207 226 15 189 313 224 198 208 102 79 3 119 76 89 256 56 40 
+165 213 69 207 5 157 234 255 180 295 32 88 217 316 276 203 273 93 86 302 193 20 
+116 122 226 236 7 268 3 242 111 318 93 184 125 238 281 72 259 10 222 185 262 
+160 50 295 155 123 127 153 45 9 27 121 89 35 238 85 107 169 166 31 310 16 188 
+53 307 160 148 118 200 25 83 290 188 314 165 115 246 162 63 241 97 112 194 157 
+38 250 90 132 120 213 290 65 279 255 278 118 37 30 173 94 60 189 92 47 243 110 
+58 176 146 105 254 43 94 223 224 2 243 12 235 131 244 149 117 259 108 45 230 
+164 76 187 79 101 261 109 ^
+656 0 310 208 189 143 149 32 59 41 130 20 31 245 123 2 154 135 168 216 32 14 
+286 231 31 62 102 213 303 7 257 244 22 118 26 269 272 105 91 44 180 27 94 232 
+166 301 230 79 199 84 164 248 128 288 284 133 208 17 198 259 204 187 273 102 30 
+282 218 85 116 111 146 16 18 299 177 11 87 169 179 292 252 3 255 53 296 82 249 
+125 227 201 171 266 39 77 273 240 9 172 46 278 205 139 136 86 79 16 63 54 76 56 
+312 123 312 78 236 179 247 210 104 266 84 119 172 229 299 315 311 298 31 51 26 
+314 314 38 80 13 2 292 114 24 44 191 103 27 221 135 123 140 99 25 317 54 121 42 
+276 301 92 134 22 256 5 159 100 298 180 72 170 131 155 270 52 23 219 231 76 138 
+1 202 272 150 167 264 169 30 237 142 186 127 142 3 72 32 152 265 87 214 255 191 
+241 293 77 284 316 229 161 15 100 115 159 283 319 3 244 298 42 93 280 303 283 
+181 24 33 149 204 4 252 313 213 120 307 113 106 181 207 54 259 21 166 163 251 
+223 50 246 75 186 138 184 223 61 1 8 175 107 6 167 81 114 207 99 14 275 155 132 
+73 133 70 72 308 110 11 98 245 112 281 221 146 199 73 88 315 139 319 141 189 
+188 225 286 48 10 273 285 51 71 35 247 27 49 156 233 312 261 257 289 64 17 15 
+238 94 49 111 191 58 272 288 146 154 318 189 5 170 176 197 169 41 313 41 175 96 
+285 234 92 145 64 155 315 128 243 208 200 219 48 21 28 184 40 40 178 157 47 196 
+68 157 185 175 279 306 23 264 307 296 127 4 24 216 170 314 176 59 224 151 130 
+203 86 34 295 164 65 107 178 112 292 297 79 188 42 265 259 159 145 19 113 61 
+139 274 65 290 199 256 143 104 311 126 52 161 198 121 225 10 90 230 262 254 228 
+15 55 39 260 294 29 147 300 278 216 215 35 75 48 193 7 74 223 233 267 185 37 
+300 95 195 71 218 268 137 221 318 144 284 271 187 228 26 131 293 249 263 172 91 
+320 104 128 105 263 23 36 210 287 194 291 13 140 271 4 207 237 280 131 17 291 
+162 161 60 142 14 148 252 141 234 264 124 275 17 153 217 305 198 304 280 120 
+262 71 173 192 238 232 28 1 19 251 40 29 136 258 58 227 246 213 165 28 46 95 
+150 29 319 279 168 78 53 124 137 38 263 34 112 109 276 290 16 201 33 287 149 
+215 80 151 302 182 297 217 133 253 93 97 248 173 9 183 122 177 194 108 279 30 
+99 163 296 265 270 235 44 8 82 204 49 294 212 202 89 129 57 126 7 85 299 132 
+256 154 180 210 115 21 304 108 141 51 209 14 103 176 242 245 295 302 10 318 6 
+305 60 4 69 258 69 303 145 202 134 171 277 115 297 262 209 152 82 66 70 83 29 9 
+67 67 22 301 47 58 89 267 2 16 190 278 33 160 246 258 241 282 35 64 6 260 18 
+105 80 289 247 38 125 55 292 ^
+<D
+
+H>SHS Type 3 Strings<H
+D>
+45 0 14 5 3 1 4 16 12 20 1 6 15 11 18 4 17 16 6 10 3 2 9 9 14 6 2 8 6 7 10 17 
+12 20 6 7 5 16 1 4 2 17 10 15 8 20 1 ^
+<D
diff --git a/src/lib/libssl/src/fips/sha1/standalone.sha1 b/src/lib/libssl/src/fips/sha1/standalone.sha1
new file mode 100644
index 0000000000..7279c82541
--- /dev/null
+++ b/src/lib/libssl/src/fips/sha1/standalone.sha1
@@ -0,0 +1,6 @@
+HMAC-SHA1(fips_sha1dgst.c)= 10575600a9540eb15188a7d3b0b031e60aedbc18
+HMAC-SHA1(fips_sha1_selftest.c)= 98910a0c85eff1688bd7adb23e738dc75b39546e
+HMAC-SHA1(asm/sx86-elf.s)= ae66fb23ab8e1a2287e87a0a2dd30a4b9039fe63
+HMAC-SHA1(fips_standalone_sha1.c)= 93203c569097189b47a0085bc9fc55193867d4ce
+HMAC-SHA1(fips_sha_locl.h)= c1b4c82eec5f0ee119658456690f3ea9d77ed1c5
+HMAC-SHA1(fips_md32_common.h)= 08a057a7b94acf5df4301ea6c894ce14082e1ec4
diff --git a/src/lib/libssl/src/makevms.com b/src/lib/libssl/src/makevms.com
index a739625302..d892fe9f0d 100644
--- a/src/lib/libssl/src/makevms.com
+++ b/src/lib/libssl/src/makevms.com
@@ -480,18 +480,16 @@ $!
 $ EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,kssl.h
 $ COPY SYS$DISK:[.SSL]'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL]
 $!
-$! Copy All The ".H" Files From The [.FIPS-1_0] Directories.
+$! Copy All The ".H" Files From The [.FIPS] Directories.
 $!
-$ FDIRS := ,SHA,RAND,DES,AES,DSA,RSA,DH,HMAC
+$ FDIRS := ,SHA1,RAND,DES,AES,DSA,RSA
 $ EXHEADER_ := fips.h
-$ EXHEADER_SHA := fips_sha.h
+$ EXHEADER_SHA1 :=
 $ EXHEADER_RAND := fips_rand.h
 $ EXHEADER_DES :=
 $ EXHEADER_AES :=
 $ EXHEADER_DSA :=
 $ EXHEADER_RSA :=
-$ EXHEADER_DH :=
-$ EXHEADER_HMAC :=
 $
 $ I = 0
 $ LOOP_FDIRS: 
@@ -502,9 +500,9 @@ $ tmp = EXHEADER_'D'
 $ IF tmp .EQS. "" THEN GOTO LOOP_FDIRS
 $ IF D .EQS. ""
 $ THEN
-$   COPY [.FIPS-1_0]'tmp' SYS$DISK:[.INCLUDE.OPENSSL] !/LOG
+$   COPY [.FIPS]'tmp' SYS$DISK:[.INCLUDE.OPENSSL] !/LOG
 $ ELSE
-$   COPY [.FIPS-1_0.'D']'tmp' SYS$DISK:[.INCLUDE.OPENSSL] !/LOG
+$   COPY [.FIPS.'D']'tmp' SYS$DISK:[.INCLUDE.OPENSSL] !/LOG
 $ ENDIF
 $ GOTO LOOP_FDIRS
 $ LOOP_FDIRS_END:
@@ -538,9 +536,9 @@ $! Go Back To The Main Directory.
 $!
 $ SET DEFAULT [-]
 $!
-$! Go To The [.FIPS-1_0] Directory.
+$! Go To The [.FIPS] Directory.
 $!
-$ SET DEFAULT SYS$DISK:[.FIPS-1_0]
+$ SET DEFAULT SYS$DISK:[.FIPS]
 $!
 $! Build The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library.
 $!  
diff --git a/src/lib/libssl/src/ms/.rnd b/src/lib/libssl/src/ms/.rnd
deleted file mode 100644
index 0566b46dfe..0000000000
--- a/src/lib/libssl/src/ms/.rnd
+++ /dev/null
diff --git a/src/lib/libssl/src/ms/do_masm.bat b/src/lib/libssl/src/ms/do_masm.bat
index ce22a44305..61c52562f7 100644
--- a/src/lib/libssl/src/ms/do_masm.bat
+++ b/src/lib/libssl/src/ms/do_masm.bat
@@ -1,3 +1,4 @@
+rem use "fips" as the first argument to make a proper FIPS build.

 

 @echo off

 echo Generating x86 for MASM assember

@@ -59,7 +60,7 @@ echo on
 perl util\mkfiles.pl >MINFO

 rem perl util\mk1mf.pl no-sock %1 VC-MSDOS >ms\msdos.mak

 rem perl util\mk1mf.pl %1 VC-W31-32 >ms\w31.mak

-rem perl util\mk1mf.pl dll %1 VC-W31-32 >ms\w31dll.mak

+perl util\mk1mf.pl dll %1 VC-W31-32 >ms\w31dll.mak

 perl util\mk1mf.pl %1 VC-WIN32 >ms\nt.mak

 perl util\mk1mf.pl dll %1 VC-WIN32 >ms\ntdll.mak

 

diff --git a/src/lib/libssl/src/ms/do_ms.bat b/src/lib/libssl/src/ms/do_ms.bat
index 4a76921298..72179708bf 100644
--- a/src/lib/libssl/src/ms/do_ms.bat
+++ b/src/lib/libssl/src/ms/do_ms.bat
@@ -2,7 +2,7 @@
 perl util\mkfiles.pl >MINFO

 rem perl util\mk1mf.pl no-sock %1 VC-MSDOS >ms\msdos.mak

 rem perl util\mk1mf.pl %1 VC-W31-32 >ms\w31.mak

-rem perl util\mk1mf.pl dll %1 VC-W31-32 >ms\w31dll.mak

+perl util\mk1mf.pl dll %1 VC-W31-32 >ms\w31dll.mak

 perl util\mk1mf.pl no-asm %1 VC-WIN32 >ms\nt.mak

 perl util\mk1mf.pl dll no-asm %1 VC-WIN32 >ms\ntdll.mak

 perl util\mk1mf.pl no-asm %1 VC-CE >ms\ce.mak

diff --git a/src/lib/libssl/src/openssl.spec b/src/lib/libssl/src/openssl.spec
index 3dad37d49b..98ef153e3b 100644
--- a/src/lib/libssl/src/openssl.spec
+++ b/src/lib/libssl/src/openssl.spec
@@ -1,8 +1,8 @@
 %define libmaj 0
 %define libmin 9
 %define librel 7
-%define librev j
-Release: 2
+%define librev g
+Release: 1
 
 %define openssldir /var/ssl
 
@@ -121,6 +121,7 @@ rm -rf $RPM_BUILD_ROOT
 
 %config %attr(0644,root,root) %{openssldir}/openssl.cnf 
 %dir %attr(0755,root,root) %{openssldir}/certs
+%dir %attr(0755,root,root) %{openssldir}/lib
 %dir %attr(0755,root,root) %{openssldir}/misc
 %dir %attr(0750,root,root) %{openssldir}/private
 
@@ -145,8 +146,6 @@ ldconfig
 ldconfig
 
 %changelog
-* Sun Jun  6 2005 Richard Levitte <richard@levitte.org>
-- Remove the incorrect installation of '%{openssldir}/lib'.
 * Wed May  7 2003 Richard Levitte <richard@levitte.org>
 - Add /usr/lib/pkgconfig/openssl.pc to the development section.
 * Thu Mar 22 2001 Richard Levitte <richard@levitte.org>
diff --git a/src/lib/libssl/src/ssl/Makefile.ssl b/src/lib/libssl/src/ssl/Makefile.ssl
new file mode 100644
index 0000000000..3ae3561ac1
--- /dev/null
+++ b/src/lib/libssl/src/ssl/Makefile.ssl
@@ -0,0 +1,1019 @@
+#
+# SSLeay/ssl/Makefile
+#
+
+DIR=    ssl
+TOP=    ..
+CC=     cc
+INCLUDES= -I../crypto -I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+# KRB5 stuff
+KRB5_INCLUDES=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README ssl-lib.com install.com
+TEST=ssltest.c
+APPS=
+
+LIB=$(TOP)/libssl.a
+SHARED_LIB= libssl$(SHLIB_EXT)
+LIBSRC= \
+        s2_meth.c   s2_srvr.c s2_clnt.c  s2_lib.c  s2_enc.c s2_pkt.c \
+        s3_meth.c   s3_srvr.c s3_clnt.c  s3_lib.c  s3_enc.c s3_pkt.c s3_both.c \
+        s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c          s23_pkt.c \
+        t1_meth.c   t1_srvr.c t1_clnt.c  t1_lib.c  t1_enc.c \
+        ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
+        ssl_ciph.c ssl_stat.c ssl_rsa.c \
+        ssl_asn1.c ssl_txt.c ssl_algs.c \
+        bio_ssl.c ssl_err.c kssl.c
+LIBOBJ= \
+        s2_meth.o  s2_srvr.o  s2_clnt.o  s2_lib.o  s2_enc.o s2_pkt.o \
+        s3_meth.o  s3_srvr.o  s3_clnt.o  s3_lib.o  s3_enc.o s3_pkt.o s3_both.o \
+        s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o          s23_pkt.o \
+        t1_meth.o   t1_srvr.o t1_clnt.o  t1_lib.o  t1_enc.o \
+        ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
+        ssl_ciph.o ssl_stat.o ssl_rsa.o \
+        ssl_asn1.o ssl_txt.o ssl_algs.o \
+        bio_ssl.o ssl_err.o kssl.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h kssl.h
+HEADER= $(EXHEADER) ssl_locl.h kssl_lcl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all:    shared
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+shared: lib
+        if [ -n "$(SHARED_LIBS)" ]; then \
+                (cd ..; $(MAKE) $(SHARED_LIB)); \
+        fi
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
+
+install:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bio_ssl.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+bio_ssl.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+bio_ssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+bio_ssl.o: ../include/openssl/cast.h ../include/openssl/comp.h
+bio_ssl.o: ../include/openssl/crypto.h ../include/openssl/des.h
+bio_ssl.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+bio_ssl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+bio_ssl.o: ../include/openssl/err.h ../include/openssl/evp.h
+bio_ssl.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+bio_ssl.o: ../include/openssl/md4.h ../include/openssl/md5.h
+bio_ssl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+bio_ssl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+bio_ssl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+bio_ssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+bio_ssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+bio_ssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+bio_ssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+bio_ssl.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+bio_ssl.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+bio_ssl.o: ../include/openssl/x509_vfy.h bio_ssl.c
+kssl.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+kssl.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+kssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+kssl.o: ../include/openssl/cast.h ../include/openssl/comp.h
+kssl.o: ../include/openssl/crypto.h ../include/openssl/des.h
+kssl.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+kssl.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+kssl.o: ../include/openssl/evp.h ../include/openssl/idea.h
+kssl.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
+kssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+kssl.o: ../include/openssl/md4.h ../include/openssl/md5.h
+kssl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+kssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+kssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+kssl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+kssl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+kssl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+kssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+kssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+kssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+kssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+kssl.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+kssl.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+kssl.o: ../include/openssl/x509_vfy.h kssl.c
+s23_clnt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s23_clnt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s23_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s23_clnt.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s23_clnt.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s23_clnt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s23_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s23_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
+s23_clnt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s23_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s23_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s23_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s23_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s23_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s23_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s23_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+s23_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+s23_clnt.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+s23_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s23_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s23_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_clnt.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+s23_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_clnt.c
+s23_clnt.o: ssl_locl.h
+s23_lib.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s23_lib.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s23_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s23_lib.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s23_lib.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s23_lib.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s23_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s23_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
+s23_lib.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s23_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s23_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s23_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s23_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s23_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s23_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s23_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+s23_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+s23_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+s23_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s23_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s23_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s23_lib.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+s23_lib.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s23_lib.o: ../include/openssl/x509_vfy.h s23_lib.c ssl_locl.h
+s23_meth.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s23_meth.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s23_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s23_meth.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s23_meth.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s23_meth.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s23_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s23_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
+s23_meth.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s23_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s23_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s23_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s23_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s23_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s23_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s23_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+s23_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+s23_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+s23_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s23_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s23_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s23_meth.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+s23_meth.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s23_meth.o: ../include/openssl/x509_vfy.h s23_meth.c ssl_locl.h
+s23_pkt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s23_pkt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s23_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s23_pkt.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s23_pkt.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s23_pkt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s23_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s23_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h
+s23_pkt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s23_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s23_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s23_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s23_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s23_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s23_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s23_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+s23_pkt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+s23_pkt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+s23_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s23_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s23_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s23_pkt.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+s23_pkt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s23_pkt.o: ../include/openssl/x509_vfy.h s23_pkt.c ssl_locl.h
+s23_srvr.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s23_srvr.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s23_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s23_srvr.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s23_srvr.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s23_srvr.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s23_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s23_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
+s23_srvr.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s23_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s23_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s23_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s23_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s23_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s23_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s23_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+s23_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+s23_srvr.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+s23_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s23_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s23_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_srvr.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+s23_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_srvr.c
+s23_srvr.o: ssl_locl.h
+s2_clnt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s2_clnt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s2_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s2_clnt.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s2_clnt.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s2_clnt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s2_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s2_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
+s2_clnt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s2_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s2_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s2_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s2_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s2_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s2_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s2_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+s2_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+s2_clnt.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+s2_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s2_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s2_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_clnt.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+s2_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_clnt.c
+s2_clnt.o: ssl_locl.h
+s2_enc.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s2_enc.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s2_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s2_enc.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s2_enc.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s2_enc.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s2_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s2_enc.o: ../include/openssl/err.h ../include/openssl/evp.h
+s2_enc.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s2_enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s2_enc.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s2_enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s2_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s2_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s2_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s2_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+s2_enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+s2_enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s2_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s2_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s2_enc.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+s2_enc.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s2_enc.o: ../include/openssl/x509_vfy.h s2_enc.c ssl_locl.h
+s2_lib.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s2_lib.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s2_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s2_lib.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s2_lib.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s2_lib.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s2_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s2_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
+s2_lib.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s2_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s2_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s2_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s2_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s2_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s2_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+s2_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+s2_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+s2_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s2_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s2_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s2_lib.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+s2_lib.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s2_lib.o: ../include/openssl/x509_vfy.h s2_lib.c ssl_locl.h
+s2_meth.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s2_meth.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s2_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s2_meth.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s2_meth.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s2_meth.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s2_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s2_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
+s2_meth.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s2_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s2_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s2_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s2_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s2_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s2_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s2_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+s2_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+s2_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s2_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s2_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s2_meth.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+s2_meth.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s2_meth.o: ../include/openssl/x509_vfy.h s2_meth.c ssl_locl.h
+s2_pkt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s2_pkt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s2_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s2_pkt.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s2_pkt.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s2_pkt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s2_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s2_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h
+s2_pkt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s2_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s2_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s2_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s2_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s2_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s2_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s2_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+s2_pkt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+s2_pkt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s2_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s2_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s2_pkt.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+s2_pkt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s2_pkt.o: ../include/openssl/x509_vfy.h s2_pkt.c ssl_locl.h
+s2_srvr.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s2_srvr.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s2_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s2_srvr.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s2_srvr.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s2_srvr.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s2_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s2_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
+s2_srvr.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s2_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s2_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s2_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s2_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s2_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s2_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s2_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+s2_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+s2_srvr.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+s2_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s2_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s2_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_srvr.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+s2_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_srvr.c
+s2_srvr.o: ssl_locl.h
+s3_both.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s3_both.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s3_both.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s3_both.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s3_both.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s3_both.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s3_both.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s3_both.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_both.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s3_both.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s3_both.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s3_both.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s3_both.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_both.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_both.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_both.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+s3_both.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+s3_both.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+s3_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_both.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s3_both.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_both.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_both.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_both.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+s3_both.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_both.c
+s3_both.o: ssl_locl.h
+s3_clnt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s3_clnt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s3_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s3_clnt.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s3_clnt.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s3_clnt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s3_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s3_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_clnt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s3_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s3_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s3_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s3_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+s3_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+s3_clnt.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+s3_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s3_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_clnt.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+s3_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
+s3_clnt.o: s3_clnt.c ssl_locl.h
+s3_enc.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s3_enc.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s3_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s3_enc.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s3_enc.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s3_enc.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s3_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s3_enc.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_enc.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s3_enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s3_enc.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s3_enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+s3_enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+s3_enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+s3_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_enc.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+s3_enc.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s3_enc.o: ../include/openssl/x509_vfy.h s3_enc.c ssl_locl.h
+s3_lib.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s3_lib.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s3_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s3_lib.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s3_lib.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s3_lib.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s3_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s3_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_lib.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s3_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s3_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s3_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+s3_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+s3_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+s3_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_lib.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+s3_lib.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s3_lib.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_lib.c ssl_locl.h
+s3_meth.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s3_meth.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s3_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s3_meth.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s3_meth.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s3_meth.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s3_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s3_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_meth.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s3_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s3_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s3_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s3_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+s3_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+s3_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+s3_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_meth.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+s3_meth.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s3_meth.o: ../include/openssl/x509_vfy.h s3_meth.c ssl_locl.h
+s3_pkt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s3_pkt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s3_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s3_pkt.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s3_pkt.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s3_pkt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s3_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s3_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_pkt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s3_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s3_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s3_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s3_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+s3_pkt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+s3_pkt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+s3_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_pkt.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+s3_pkt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+s3_pkt.o: ../include/openssl/x509_vfy.h s3_pkt.c ssl_locl.h
+s3_srvr.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+s3_srvr.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+s3_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s3_srvr.o: ../include/openssl/cast.h ../include/openssl/comp.h
+s3_srvr.o: ../include/openssl/crypto.h ../include/openssl/des.h
+s3_srvr.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+s3_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+s3_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_srvr.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+s3_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h
+s3_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+s3_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+s3_srvr.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_srvr.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
+s3_srvr.o: s3_srvr.c ssl_locl.h
+ssl_algs.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ssl_algs.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ssl_algs.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssl_algs.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ssl_algs.o: ../include/openssl/crypto.h ../include/openssl/des.h
+ssl_algs.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+ssl_algs.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+ssl_algs.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_algs.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+ssl_algs.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+ssl_algs.o: ../include/openssl/md4.h ../include/openssl/md5.h
+ssl_algs.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+ssl_algs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_algs.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_algs.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_algs.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+ssl_algs.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+ssl_algs.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+ssl_algs.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_algs.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_algs.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_algs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_algs.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+ssl_algs.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+ssl_algs.o: ../include/openssl/x509_vfy.h ssl_algs.c ssl_locl.h
+ssl_asn1.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ssl_asn1.o: ../include/openssl/asn1_mac.h ../include/openssl/bio.h
+ssl_asn1.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
+ssl_asn1.o: ../include/openssl/buffer.h ../include/openssl/cast.h
+ssl_asn1.o: ../include/openssl/comp.h ../include/openssl/crypto.h
+ssl_asn1.o: ../include/openssl/des.h ../include/openssl/des_old.h
+ssl_asn1.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ssl_asn1.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_asn1.o: ../include/openssl/evp.h ../include/openssl/idea.h
+ssl_asn1.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_asn1.o: ../include/openssl/md2.h ../include/openssl/md4.h
+ssl_asn1.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+ssl_asn1.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_asn1.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_asn1.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_asn1.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_asn1.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+ssl_asn1.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+ssl_asn1.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_asn1.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssl_asn1.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_asn1.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_asn1.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_asn1.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+ssl_asn1.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_asn1.c
+ssl_asn1.o: ssl_locl.h
+ssl_cert.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ssl_cert.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ssl_cert.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssl_cert.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ssl_cert.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ssl_cert.o: ../include/openssl/des.h ../include/openssl/des_old.h
+ssl_cert.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ssl_cert.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_cert.o: ../include/openssl/evp.h ../include/openssl/idea.h
+ssl_cert.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_cert.o: ../include/openssl/md2.h ../include/openssl/md4.h
+ssl_cert.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+ssl_cert.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_cert.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_cert.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_cert.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_cert.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+ssl_cert.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+ssl_cert.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_cert.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_cert.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssl_cert.o: ../include/openssl/x509v3.h ssl_cert.c ssl_locl.h
+ssl_ciph.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ssl_ciph.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ssl_ciph.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssl_ciph.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ssl_ciph.o: ../include/openssl/crypto.h ../include/openssl/des.h
+ssl_ciph.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+ssl_ciph.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+ssl_ciph.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_ciph.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+ssl_ciph.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+ssl_ciph.o: ../include/openssl/md4.h ../include/openssl/md5.h
+ssl_ciph.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+ssl_ciph.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_ciph.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_ciph.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_ciph.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+ssl_ciph.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+ssl_ciph.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+ssl_ciph.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_ciph.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_ciph.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_ciph.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_ciph.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+ssl_ciph.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+ssl_ciph.o: ../include/openssl/x509_vfy.h ssl_ciph.c ssl_locl.h
+ssl_err.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+ssl_err.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ssl_err.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssl_err.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ssl_err.o: ../include/openssl/crypto.h ../include/openssl/des.h
+ssl_err.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+ssl_err.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+ssl_err.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_err.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+ssl_err.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+ssl_err.o: ../include/openssl/md4.h ../include/openssl/md5.h
+ssl_err.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+ssl_err.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+ssl_err.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_err.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_err.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_err.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+ssl_err.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+ssl_err.o: ../include/openssl/x509_vfy.h ssl_err.c
+ssl_err2.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+ssl_err2.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ssl_err2.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssl_err2.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ssl_err2.o: ../include/openssl/crypto.h ../include/openssl/des.h
+ssl_err2.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+ssl_err2.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+ssl_err2.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_err2.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+ssl_err2.o: ../include/openssl/md4.h ../include/openssl/md5.h
+ssl_err2.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+ssl_err2.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+ssl_err2.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_err2.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_err2.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_err2.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_err2.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+ssl_err2.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+ssl_err2.o: ../include/openssl/x509_vfy.h ssl_err2.c
+ssl_lib.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ssl_lib.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ssl_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssl_lib.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ssl_lib.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ssl_lib.o: ../include/openssl/des.h ../include/openssl/des_old.h
+ssl_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h
+ssl_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h
+ssl_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+ssl_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+ssl_lib.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_lib.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssl_lib.o: ../include/openssl/x509v3.h kssl_lcl.h ssl_lib.c ssl_locl.h
+ssl_rsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ssl_rsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ssl_rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssl_rsa.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ssl_rsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
+ssl_rsa.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+ssl_rsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+ssl_rsa.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_rsa.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+ssl_rsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+ssl_rsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
+ssl_rsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+ssl_rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+ssl_rsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+ssl_rsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+ssl_rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_rsa.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_rsa.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_rsa.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+ssl_rsa.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+ssl_rsa.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_rsa.c
+ssl_sess.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ssl_sess.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ssl_sess.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssl_sess.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ssl_sess.o: ../include/openssl/crypto.h ../include/openssl/des.h
+ssl_sess.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+ssl_sess.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+ssl_sess.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_sess.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+ssl_sess.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+ssl_sess.o: ../include/openssl/md4.h ../include/openssl/md5.h
+ssl_sess.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+ssl_sess.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_sess.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_sess.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_sess.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+ssl_sess.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+ssl_sess.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+ssl_sess.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_sess.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssl_sess.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_sess.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_sess.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_sess.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+ssl_sess.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_sess.o: ssl_sess.c
+ssl_stat.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ssl_stat.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ssl_stat.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssl_stat.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ssl_stat.o: ../include/openssl/crypto.h ../include/openssl/des.h
+ssl_stat.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+ssl_stat.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+ssl_stat.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_stat.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+ssl_stat.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+ssl_stat.o: ../include/openssl/md4.h ../include/openssl/md5.h
+ssl_stat.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+ssl_stat.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_stat.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_stat.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_stat.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+ssl_stat.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+ssl_stat.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+ssl_stat.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_stat.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_stat.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_stat.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_stat.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+ssl_stat.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+ssl_stat.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_stat.c
+ssl_txt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ssl_txt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ssl_txt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssl_txt.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ssl_txt.o: ../include/openssl/crypto.h ../include/openssl/des.h
+ssl_txt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+ssl_txt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+ssl_txt.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_txt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+ssl_txt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+ssl_txt.o: ../include/openssl/md4.h ../include/openssl/md5.h
+ssl_txt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+ssl_txt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_txt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_txt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_txt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+ssl_txt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+ssl_txt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+ssl_txt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_txt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_txt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_txt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_txt.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+ssl_txt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+ssl_txt.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_txt.c
+t1_clnt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+t1_clnt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+t1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+t1_clnt.o: ../include/openssl/cast.h ../include/openssl/comp.h
+t1_clnt.o: ../include/openssl/crypto.h ../include/openssl/des.h
+t1_clnt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+t1_clnt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+t1_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
+t1_clnt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+t1_clnt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+t1_clnt.o: ../include/openssl/md4.h ../include/openssl/md5.h
+t1_clnt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+t1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+t1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+t1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+t1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+t1_clnt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+t1_clnt.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+t1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+t1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_clnt.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+t1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_clnt.o: t1_clnt.c
+t1_enc.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+t1_enc.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+t1_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+t1_enc.o: ../include/openssl/cast.h ../include/openssl/comp.h
+t1_enc.o: ../include/openssl/crypto.h ../include/openssl/des.h
+t1_enc.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+t1_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+t1_enc.o: ../include/openssl/err.h ../include/openssl/evp.h
+t1_enc.o: ../include/openssl/hmac.h ../include/openssl/idea.h
+t1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_enc.o: ../include/openssl/md2.h ../include/openssl/md4.h
+t1_enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+t1_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+t1_enc.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+t1_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_enc.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_enc.o: t1_enc.c
+t1_lib.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+t1_lib.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+t1_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+t1_lib.o: ../include/openssl/cast.h ../include/openssl/comp.h
+t1_lib.o: ../include/openssl/crypto.h ../include/openssl/des.h
+t1_lib.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+t1_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+t1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
+t1_lib.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+t1_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+t1_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
+t1_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+t1_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+t1_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+t1_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+t1_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+t1_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+t1_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+t1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_lib.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+t1_lib.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+t1_lib.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_lib.c
+t1_meth.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+t1_meth.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+t1_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+t1_meth.o: ../include/openssl/cast.h ../include/openssl/comp.h
+t1_meth.o: ../include/openssl/crypto.h ../include/openssl/des.h
+t1_meth.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+t1_meth.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+t1_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
+t1_meth.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+t1_meth.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+t1_meth.o: ../include/openssl/md4.h ../include/openssl/md5.h
+t1_meth.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+t1_meth.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+t1_meth.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+t1_meth.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+t1_meth.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+t1_meth.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+t1_meth.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+t1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_meth.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+t1_meth.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+t1_meth.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_meth.c
+t1_srvr.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+t1_srvr.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+t1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+t1_srvr.o: ../include/openssl/cast.h ../include/openssl/comp.h
+t1_srvr.o: ../include/openssl/crypto.h ../include/openssl/des.h
+t1_srvr.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+t1_srvr.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+t1_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
+t1_srvr.o: ../include/openssl/idea.h ../include/openssl/kssl.h
+t1_srvr.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+t1_srvr.o: ../include/openssl/md4.h ../include/openssl/md5.h
+t1_srvr.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+t1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+t1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+t1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+t1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+t1_srvr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+t1_srvr.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+t1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+t1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_srvr.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
+t1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_srvr.o: t1_srvr.c
diff --git a/src/lib/libssl/src/ssl/kssl.c b/src/lib/libssl/src/ssl/kssl.c
index 9a41769e75..3afa95f3fa 100644
--- a/src/lib/libssl/src/ssl/kssl.c
+++ b/src/lib/libssl/src/ssl/kssl.c
@@ -68,11 +68,9 @@
 
 #include <openssl/opensslconf.h>
 
-#define _XOPEN_SOURCE 500 /* glibc2 needs this to declare strptime() */
+#define _XOPEN_SOURCE /* glibc2 needs this to declare strptime() */
 #include <time.h>
-#if 0 /* Experimental */
 #undef _XOPEN_SOURCE /* To avoid clashes with anything else... */
-#endif
 #include <string.h>
 
 #define KRB5_PRIVATE    1
@@ -297,7 +295,7 @@ load_krb5_dll(void)
         HANDLE hKRB5_32;
     
         krb5_loaded++;
-        hKRB5_32 = LoadLibrary(TEXT("KRB5_32"));
+        hKRB5_32 = LoadLibrary("KRB5_32");
         if (!hKRB5_32)
                 return;
 
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c
index 86356731ea..779e94a35c 100644
--- a/src/lib/libssl/src/ssl/s23_clnt.c
+++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -106,7 +106,7 @@ SSL_METHOD *SSLv23_client_method(void)
 int ssl23_connect(SSL *s)
         {
         BUF_MEM *buf=NULL;
-        unsigned long Time=(unsigned long)time(NULL);
+        unsigned long Time=time(NULL);
         void (*cb)(const SSL *ssl,int type,int val)=NULL;
         int ret= -1;
         int new_state,state;
@@ -220,28 +220,9 @@ static int ssl23_client_hello(SSL *s)
         {
         unsigned char *buf;
         unsigned char *p,*d;
-        int i,j,ch_len;
-        unsigned long Time,l;
-        int ssl2_compat;
-        int version = 0, version_major, version_minor;
-        SSL_COMP *comp;
+        int i,ch_len;
         int ret;
 
-        ssl2_compat = (s->options & SSL_OP_NO_SSLv2) ? 0 : 1;
-
-        if (!(s->options & SSL_OP_NO_TLSv1))
-                {
-                version = TLS1_VERSION;
-                }
-        else if (!(s->options & SSL_OP_NO_SSLv3))
-                {
-                version = SSL3_VERSION;
-                }
-        else if (!(s->options & SSL_OP_NO_SSLv2))
-                {
-                version = SSL2_VERSION;
-                }
-
         buf=(unsigned char *)s->init_buf->data;
         if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
                 {
@@ -254,15 +235,19 @@ static int ssl23_client_hello(SSL *s)
 #endif
 
                 p=s->s3->client_random;
-                Time=(unsigned long)time(NULL);                 /* Time */
-                l2n(Time,p);
-                if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
-                        return -1;
+                if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0)
+                    return -1;
 
-                if (version == TLS1_VERSION)
+                /* Do the message type and length last */
+                d= &(buf[2]);
+                p=d+9;
+
+                *(d++)=SSL2_MT_CLIENT_HELLO;
+                if (!(s->options & SSL_OP_NO_TLSv1))
                         {
-                        version_major = TLS1_VERSION_MAJOR;
-                        version_minor = TLS1_VERSION_MINOR;
+                        *(d++)=TLS1_VERSION_MAJOR;
+                        *(d++)=TLS1_VERSION_MINOR;
+                        s->client_version=TLS1_VERSION;
                         }
 #ifdef OPENSSL_FIPS
                 else if(FIPS_mode())
@@ -272,15 +257,17 @@ static int ssl23_client_hello(SSL *s)
                         return -1;
                         }
 #endif
-                else if (version == SSL3_VERSION)
+                else if (!(s->options & SSL_OP_NO_SSLv3))
                         {
-                        version_major = SSL3_VERSION_MAJOR;
-                        version_minor = SSL3_VERSION_MINOR;
+                        *(d++)=SSL3_VERSION_MAJOR;
+                        *(d++)=SSL3_VERSION_MINOR;
+                        s->client_version=SSL3_VERSION;
                         }
-                else if (version == SSL2_VERSION)
+                else if (!(s->options & SSL_OP_NO_SSLv2))
                         {
-                        version_major = SSL2_VERSION_MAJOR;
-                        version_minor = SSL2_VERSION_MINOR;
+                        *(d++)=SSL2_VERSION_MAJOR;
+                        *(d++)=SSL2_VERSION_MINOR;
+                        s->client_version=SSL2_VERSION;
                         }
                 else
                         {
@@ -288,153 +275,59 @@ static int ssl23_client_hello(SSL *s)
                         return(-1);
                         }
 
-                s->client_version = version;
-
-                if (ssl2_compat)
+                /* Ciphers supported */
+                i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
+                if (i == 0)
                         {
-                        /* create SSL 2.0 compatible Client Hello */
-
-                        /* two byte record header will be written last */
-                        d = &(buf[2]);
-                        p = d + 9; /* leave space for message type, version, individual length fields */
+                        /* no ciphers */
+                        SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
+                        return(-1);
+                        }
+                s2n(i,d);
+                p+=i;
 
-                        *(d++) = SSL2_MT_CLIENT_HELLO;
-                        *(d++) = version_major;
-                        *(d++) = version_minor;
-                        
-                        /* Ciphers supported */
-                        i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p,0);
-                        if (i == 0)
-                                {
-                                /* no ciphers */
-                                SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
-                                return -1;
-                                }
-                        s2n(i,d);
-                        p+=i;
-                        
-                        /* put in the session-id length (zero since there is no reuse) */
+                /* put in the session-id, zero since there is no
+                 * reuse. */
 #if 0
-                        s->session->session_id_length=0;
+                s->session->session_id_length=0;
 #endif
-                        s2n(0,d);
-
-                        if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
-                                ch_len=SSL2_CHALLENGE_LENGTH;
-                        else
-                                ch_len=SSL2_MAX_CHALLENGE_LENGTH;
-
-                        /* write out sslv2 challenge */
-                        if (SSL3_RANDOM_SIZE < ch_len)
-                                i=SSL3_RANDOM_SIZE;
-                        else
-                                i=ch_len;
-                        s2n(i,d);
-                        memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
-                        if (RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0)
-                                return -1;
-
-                        memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
-                        p+=i;
-
-                        i= p- &(buf[2]);
-                        buf[0]=((i>>8)&0xff)|0x80;
-                        buf[1]=(i&0xff);
-
-                        /* number of bytes to write */
-                        s->init_num=i+2;
-                        s->init_off=0;
-
-                        ssl3_finish_mac(s,&(buf[2]),i);
-                        }
-                else
-                        {
-                        /* create Client Hello in SSL 3.0/TLS 1.0 format */
-
-                        /* do the record header (5 bytes) and handshake message header (4 bytes) last */
-                        d = p = &(buf[9]);
-                        
-                        *(p++) = version_major;
-                        *(p++) = version_minor;
-
-                        /* Random stuff */
-                        memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
-                        p += SSL3_RANDOM_SIZE;
+                s2n(0,d);
 
-                        /* Session ID (zero since there is no reuse) */
-                        *(p++) = 0;
-
-                        /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
-                        i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),ssl3_put_cipher_by_char);
-                        if (i == 0)
-                                {
-                                SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
-                                return -1;
-                                }
-                        s2n(i,p);
-                        p+=i;
-
-                        /* COMPRESSION */
-                        if (s->ctx->comp_methods == NULL)
-                                j=0;
-                        else
-                                j=sk_SSL_COMP_num(s->ctx->comp_methods);
-                        *(p++)=1+j;
-                        for (i=0; i<j; i++)
-                                {
-                                comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
-                                *(p++)=comp->id;
-                                }
-                        *(p++)=0; /* Add the NULL method */
-                        
-                        l = p-d;
-                        *p = 42;
+                if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+                        ch_len=SSL2_CHALLENGE_LENGTH;
+                else
+                        ch_len=SSL2_MAX_CHALLENGE_LENGTH;
 
-                        /* fill in 4-byte handshake header */
-                        d=&(buf[5]);
-                        *(d++)=SSL3_MT_CLIENT_HELLO;
-                        l2n3(l,d);
+                /* write out sslv2 challenge */
+                if (SSL3_RANDOM_SIZE < ch_len)
+                        i=SSL3_RANDOM_SIZE;
+                else
+                        i=ch_len;
+                s2n(i,d);
+                memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
+                if(RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0)
+                        return -1;
 
-                        l += 4;
+                memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+                p+=i;
 
-                        if (l > SSL3_RT_MAX_PLAIN_LENGTH)
-                                {
-                                SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
-                                return -1;
-                                }
-                        
-                        /* fill in 5-byte record header */
-                        d=buf;
-                        *(d++) = SSL3_RT_HANDSHAKE;
-                        *(d++) = version_major;
-                        *(d++) = version_minor; /* arguably we should send the *lowest* suported version here
-                                                 * (indicating, e.g., TLS 1.0 in "SSL 3.0 format") */
-                        s2n((int)l,d);
-
-                        /* number of bytes to write */
-                        s->init_num=p-buf;
-                        s->init_off=0;
-
-                        ssl3_finish_mac(s,&(buf[5]), s->init_num - 5);
-                        }
+                i= p- &(buf[2]);
+                buf[0]=((i>>8)&0xff)|0x80;
+                buf[1]=(i&0xff);
 
                 s->state=SSL23_ST_CW_CLNT_HELLO_B;
+                /* number of bytes to write */
+                s->init_num=i+2;
                 s->init_off=0;
+
+                ssl3_finish_mac(s,&(buf[2]),i);
                 }
 
         /* SSL3_ST_CW_CLNT_HELLO_B */
         ret = ssl23_write_bytes(s);
-
-        if ((ret >= 2) && s->msg_callback)
-                {
-                /* Client Hello has been sent; tell msg_callback */
-
-                if (ssl2_compat)
-                        s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg);
-                else
-                        s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data+5, ret-5, s, s->msg_callback_arg);
-                }
-
+        if (ret >= 2)
+                if (s->msg_callback)
+                        s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
         return ret;
         }
 
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c
index b73abc448f..e9edc34328 100644
--- a/src/lib/libssl/src/ssl/s23_srvr.c
+++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -158,7 +158,7 @@ SSL_METHOD *SSLv23_server_method(void)
 int ssl23_accept(SSL *s)
         {
         BUF_MEM *buf;
-        unsigned long Time=(unsigned long)time(NULL);
+        unsigned long Time=time(NULL);
         void (*cb)(const SSL *ssl,int type,int val)=NULL;
         int ret= -1;
         int new_state,state;
@@ -268,6 +268,9 @@ int ssl23_get_client_hello(SSL *s)
         int n=0,j;
         int type=0;
         int v[2];
+#ifndef OPENSSL_NO_RSA
+        int use_sslv2_strong=0;
+#endif
 
         if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
                 {
diff --git a/src/lib/libssl/src/ssl/s2_clnt.c b/src/lib/libssl/src/ssl/s2_clnt.c
index eba04c715b..c67829f495 100644
--- a/src/lib/libssl/src/ssl/s2_clnt.c
+++ b/src/lib/libssl/src/ssl/s2_clnt.c
@@ -162,7 +162,7 @@ SSL_METHOD *SSLv2_client_method(void)
 
 int ssl2_connect(SSL *s)
         {
-        unsigned long l=(unsigned long)time(NULL);
+        unsigned long l=time(NULL);
         BUF_MEM *buf=NULL;
         int ret= -1;
         void (*cb)(const SSL *ssl,int type,int val)=NULL;
@@ -584,7 +584,7 @@ static int client_hello(SSL *s)
                 s2n(SSL2_VERSION,p);                    /* version */
                 n=j=0;
 
-                n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d,0);
+                n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d);
                 d+=n;
 
                 if (n == 0)
diff --git a/src/lib/libssl/src/ssl/s2_srvr.c b/src/lib/libssl/src/ssl/s2_srvr.c
index 7a4992b7aa..853871f28c 100644
--- a/src/lib/libssl/src/ssl/s2_srvr.c
+++ b/src/lib/libssl/src/ssl/s2_srvr.c
@@ -162,7 +162,7 @@ SSL_METHOD *SSLv2_server_method(void)
 
 int ssl2_accept(SSL *s)
         {
-        unsigned long l=(unsigned long)time(NULL);
+        unsigned long l=time(NULL);
         BUF_MEM *buf=NULL;
         int ret= -1;
         long num1;
@@ -797,7 +797,7 @@ static int server_hello(SSL *s)
                         /* lets send out the ciphers we like in the
                          * prefered order */
                         sk= s->session->ciphers;
-                        n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0);
+                        n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d);
                         d+=n;
                         s2n(n,p);               /* add cipher length */
                         }
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c
index 05194fdb31..ebf83b0322 100644
--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -165,11 +165,11 @@ SSL_METHOD *SSLv3_client_method(void)
 int ssl3_connect(SSL *s)
         {
         BUF_MEM *buf=NULL;
-        unsigned long Time=(unsigned long)time(NULL),l;
+        unsigned long Time=time(NULL),l;
         long num1;
         void (*cb)(const SSL *ssl,int type,int val)=NULL;
         int ret= -1;
-        int new_state,state,skip=0;;
+        int new_state,state,skip=0;
 
         RAND_add(&Time,sizeof(Time),0);
         ERR_clear_error();
@@ -533,7 +533,7 @@ static int ssl3_client_hello(SSL *s)
                 /* else use the pre-loaded session */
 
                 p=s->s3->client_random;
-                Time=(unsigned long)time(NULL);                 /* Time */
+                Time=time(NULL);                        /* Time */
                 l2n(Time,p);
                 if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
                     goto err;
@@ -567,7 +567,7 @@ static int ssl3_client_hello(SSL *s)
                         }
                 
                 /* Ciphers supported */
-                i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),0);
+                i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]));
                 if (i == 0)
                         {
                         SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index a77588e725..9bf1dbec06 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -835,7 +835,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
             TLS1_TXT_RSA_WITH_AES_128_SHA,
             TLS1_CK_RSA_WITH_AES_128_SHA,
             SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
-            SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+            SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
             0,
             128,
             128,
@@ -848,7 +848,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
             TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
             TLS1_CK_DH_DSS_WITH_AES_128_SHA,
             SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+            SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
             0,
             128,
             128,
@@ -861,7 +861,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
             TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
             TLS1_CK_DH_RSA_WITH_AES_128_SHA,
             SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+            SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
             0,
             128,
             128,
@@ -874,7 +874,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
             TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
             TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
             SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+            SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
             0,
             128,
             128,
@@ -887,7 +887,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
             TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
             TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
             SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+            SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
             0,
             128,
             128,
@@ -900,7 +900,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
             TLS1_TXT_ADH_WITH_AES_128_SHA,
             TLS1_CK_ADH_WITH_AES_128_SHA,
             SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+            SSL_NOT_EXP|SSL_MEDIUM|SSL_FIPS,
             0,
             128,
             128,
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index 36fc39d7f8..c4a1a71523 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -173,7 +173,7 @@ SSL_METHOD *SSLv3_server_method(void)
 int ssl3_accept(SSL *s)
         {
         BUF_MEM *buf;
-        unsigned long l,Time=(unsigned long)time(NULL);
+        unsigned long l,Time=time(NULL);
         void (*cb)(const SSL *ssl,int type,int val)=NULL;
         long num1;
         int ret= -1;
@@ -954,7 +954,7 @@ static int ssl3_send_server_hello(SSL *s)
                 {
                 buf=(unsigned char *)s->init_buf->data;
                 p=s->s3->server_random;
-                Time=(unsigned long)time(NULL);                 /* Time */
+                Time=time(NULL);                        /* Time */
                 l2n(Time,p);
                 if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
                         return -1;
diff --git a/src/lib/libssl/src/ssl/ssl-lib.com b/src/lib/libssl/src/ssl/ssl-lib.com
index f0665c6b86..163ade9f7a 100644
--- a/src/lib/libssl/src/ssl/ssl-lib.com
+++ b/src/lib/libssl/src/ssl/ssl-lib.com
@@ -749,7 +749,7 @@ $ CCDEFS = "TCPIP_TYPE_''P4'"
 $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
 $ CCEXTRAFLAGS = ""
 $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
+$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
 $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
         CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
 $!
diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h
index 99e188086b..3161f532cf 100644
--- a/src/lib/libssl/src/ssl/ssl.h
+++ b/src/lib/libssl/src/ssl/ssl.h
@@ -467,7 +467,7 @@ typedef struct ssl_session_st
 #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG         0x00000008L
 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG              0x00000010L
 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               0x00000020L
-#define SSL_OP_MSIE_SSLV2_RSA_PADDING                   0x00000040L /* no effect since 0.9.7h and 0.9.8b */
+#define SSL_OP_MSIE_SSLV2_RSA_PADDING                   0x00000040L
 #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 0x00000080L
 #define SSL_OP_TLS_D5_BUG                               0x00000100L
 #define SSL_OP_TLS_BLOCK_PADDING_BUG                    0x00000200L
@@ -1567,7 +1567,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL_CTRL                                   232
 #define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY                  168
 #define SSL_F_SSL_CTX_NEW                                169
-#define SSL_F_SSL_CTX_SET_CIPHER_LIST                    269
 #define SSL_F_SSL_CTX_SET_PURPOSE                        226
 #define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT             219
 #define SSL_F_SSL_CTX_SET_SSL_VERSION                    170
@@ -1597,7 +1596,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL_SESSION_PRINT_FP                       190
 #define SSL_F_SSL_SESS_CERT_NEW                          225
 #define SSL_F_SSL_SET_CERT                               191
-#define SSL_F_SSL_SET_CIPHER_LIST                        271
 #define SSL_F_SSL_SET_FD                                 192
 #define SSL_F_SSL_SET_PKEY                               193
 #define SSL_F_SSL_SET_PURPOSE                            227
@@ -1676,39 +1674,40 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED              145
 #define SSL_R_DATA_LENGTH_TOO_LONG                       146
 #define SSL_R_DECRYPTION_FAILED                          147
-#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC        281
+#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC        1109
 #define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG            148
 #define SSL_R_DIGEST_CHECK_FAILED                        149
 #define SSL_R_ENCRYPTED_LENGTH_TOO_LONG                  150
-#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY               282
+#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY               1092
 #define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST              151
 #define SSL_R_EXCESSIVE_MESSAGE_SIZE                     152
 #define SSL_R_EXTRA_DATA_IN_MESSAGE                      153
 #define SSL_R_GOT_A_FIN_BEFORE_A_CCS                     154
 #define SSL_R_HTTPS_PROXY_REQUEST                        155
 #define SSL_R_HTTP_REQUEST                               156
-#define SSL_R_ILLEGAL_PADDING                            283
+#define SSL_R_ILLEGAL_PADDING                            1110
 #define SSL_R_INVALID_CHALLENGE_LENGTH                   158
 #define SSL_R_INVALID_COMMAND                            280
 #define SSL_R_INVALID_PURPOSE                            278
 #define SSL_R_INVALID_TRUST                              279
-#define SSL_R_KEY_ARG_TOO_LONG                           284
-#define SSL_R_KRB5                                       285
-#define SSL_R_KRB5_C_CC_PRINC                            286
-#define SSL_R_KRB5_C_GET_CRED                            287
-#define SSL_R_KRB5_C_INIT                                288
-#define SSL_R_KRB5_C_MK_REQ                              289
-#define SSL_R_KRB5_S_BAD_TICKET                          290
-#define SSL_R_KRB5_S_INIT                                291
-#define SSL_R_KRB5_S_RD_REQ                              292
-#define SSL_R_KRB5_S_TKT_EXPIRED                         293
-#define SSL_R_KRB5_S_TKT_NYV                             294
-#define SSL_R_KRB5_S_TKT_SKEW                            295
+#define SSL_R_KEY_ARG_TOO_LONG                           1112
+#define SSL_R_KRB5                                       1104
+#define SSL_R_KRB5_C_CC_PRINC                            1094
+#define SSL_R_KRB5_C_GET_CRED                            1095
+#define SSL_R_KRB5_C_INIT                                1096
+#define SSL_R_KRB5_C_MK_REQ                              1097
+#define SSL_R_KRB5_S_BAD_TICKET                          1098
+#define SSL_R_KRB5_S_INIT                                1099
+#define SSL_R_KRB5_S_RD_REQ                              1108
+#define SSL_R_KRB5_S_TKT_EXPIRED                         1105
+#define SSL_R_KRB5_S_TKT_NYV                             1106
+#define SSL_R_KRB5_S_TKT_SKEW                            1107
 #define SSL_R_LENGTH_MISMATCH                            159
 #define SSL_R_LENGTH_TOO_SHORT                           160
 #define SSL_R_LIBRARY_BUG                                274
 #define SSL_R_LIBRARY_HAS_NO_CIPHERS                     161
-#define SSL_R_MESSAGE_TOO_LONG                           296
+#define SSL_R_MASTER_KEY_TOO_LONG                        1112
+#define SSL_R_MESSAGE_TOO_LONG                           1111
 #define SSL_R_MISSING_DH_DSA_CERT                        162
 #define SSL_R_MISSING_DH_KEY                             163
 #define SSL_R_MISSING_DH_RSA_CERT                        164
@@ -1745,7 +1744,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_NULL_SSL_CTX                               195
 #define SSL_R_NULL_SSL_METHOD_PASSED                     196
 #define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED            197
-#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE              297
+#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE              1115
 #define SSL_R_PACKET_LENGTH_TOO_LONG                     198
 #define SSL_R_PATH_TOO_LONG                              270
 #define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE          199
@@ -1764,7 +1763,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_READ_WRONG_PACKET_TYPE                     212
 #define SSL_R_RECORD_LENGTH_MISMATCH                     213
 #define SSL_R_RECORD_TOO_LARGE                           214
-#define SSL_R_RECORD_TOO_SMALL                           298
+#define SSL_R_RECORD_TOO_SMALL                           1093
 #define SSL_R_REQUIRED_CIPHER_MISSING                    215
 #define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO                 216
 #define SSL_R_REUSE_CERT_TYPE_NOT_ZERO                   217
@@ -1773,8 +1772,8 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_SHORT_READ                                 219
 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE      220
 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE               221
-#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG                299
-#define SSL_R_SSL3_SESSION_ID_TOO_LONG                   300
+#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG                1114
+#define SSL_R_SSL3_SESSION_ID_TOO_LONG                   1113
 #define SSL_R_SSL3_SESSION_ID_TOO_SHORT                  222
 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE                1042
 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC                 1020
@@ -1785,15 +1784,20 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE              1040
 #define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER              1047
 #define SSL_R_SSLV3_ALERT_NO_CERTIFICATE                 1041
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE         223
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE      224
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER           225
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 226
 #define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE             1010
+#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE      227
 #define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE        1043
 #define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION         228
 #define SSL_R_SSL_HANDSHAKE_FAILURE                      229
 #define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS                 230
-#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED             301
-#define SSL_R_SSL_SESSION_ID_CONFLICT                    302
+#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED             1102
+#define SSL_R_SSL_SESSION_ID_CONFLICT                    1103
 #define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG            273
-#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH              303
+#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH              1101
 #define SSL_R_SSL_SESSION_ID_IS_DIFFERENT                231
 #define SSL_R_TLSV1_ALERT_ACCESS_DENIED                  1049
 #define SSL_R_TLSV1_ALERT_DECODE_ERROR                   1050
@@ -1834,6 +1838,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_UNKNOWN_STATE                              255
 #define SSL_R_UNSUPPORTED_CIPHER                         256
 #define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM          257
+#define SSL_R_UNSUPPORTED_OPTION                         1091
 #define SSL_R_UNSUPPORTED_PROTOCOL                       258
 #define SSL_R_UNSUPPORTED_SSL_VERSION                    259
 #define SSL_R_WRITE_BIO_NOT_SET                          260
diff --git a/src/lib/libssl/src/ssl/ssl_asn1.c b/src/lib/libssl/src/ssl/ssl_asn1.c
index fc5fcce108..4d5900ad2f 100644
--- a/src/lib/libssl/src/ssl/ssl_asn1.c
+++ b/src/lib/libssl/src/ssl/ssl_asn1.c
@@ -344,7 +344,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char * const *pp,
                 OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
                 }
         else
-                ret->time=(unsigned long)time(NULL);
+                ret->time=time(NULL);
 
         ai.length=0;
         M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2);
diff --git a/src/lib/libssl/src/ssl/ssl_cert.c b/src/lib/libssl/src/ssl/ssl_cert.c
index b779e6bb4d..b8b9bc2390 100644
--- a/src/lib/libssl/src/ssl/ssl_cert.c
+++ b/src/lib/libssl/src/ssl/ssl_cert.c
@@ -616,13 +616,14 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
         BIO *in;
         X509 *x=NULL;
         X509_NAME *xn=NULL;
-        STACK_OF(X509_NAME) *ret = NULL,*sk;
+        STACK_OF(X509_NAME) *ret,*sk;
 
+        ret=sk_X509_NAME_new_null();
         sk=sk_X509_NAME_new(xname_cmp);
 
         in=BIO_new(BIO_s_file_internal());
 
-        if ((sk == NULL) || (in == NULL))
+        if ((ret == NULL) || (sk == NULL) || (in == NULL))
                 {
                 SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
                 goto err;
@@ -635,15 +636,6 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
                 {
                 if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
                         break;
-                if (ret == NULL)
-                        {
-                        ret = sk_X509_NAME_new_null();
-                        if (ret == NULL)
-                                {
-                                SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
-                                goto err;
-                                }
-                        }
                 if ((xn=X509_get_subject_name(x)) == NULL) goto err;
                 /* check for duplicates */
                 xn=X509_NAME_dup(xn);
@@ -666,8 +658,6 @@ err:
         if (sk != NULL) sk_X509_NAME_free(sk);
         if (in != NULL) BIO_free(in);
         if (x != NULL) X509_free(x);
-        if (ret != NULL)
-                ERR_clear_error();
         return(ret);
         }
 #endif
diff --git a/src/lib/libssl/src/ssl/ssl_ciph.c b/src/lib/libssl/src/ssl/ssl_ciph.c
index 3df5e2fa80..a7ccefa30c 100644
--- a/src/lib/libssl/src/ssl/ssl_ciph.c
+++ b/src/lib/libssl/src/ssl/ssl_ciph.c
@@ -74,7 +74,7 @@
 #define SSL_ENC_NUM_IDX         9
 
 static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
-        NULL,NULL,NULL,NULL,NULL,NULL,
+        NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL
         };
 
 static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
@@ -253,7 +253,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
                 break;
                 }
 
-        if ((i < 0) || (i > SSL_ENC_NUM_IDX))
+        if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
                 *enc=NULL;
         else
                 {
@@ -275,7 +275,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
                 i= -1;
                 break;
                 }
-        if ((i < 0) || (i > SSL_MD_NUM_IDX))
+        if ((i < 0) || (i >= SSL_MD_NUM_IDX))
                 *md=NULL;
         else
                 *md=ssl_digest_methods[i];
@@ -700,18 +700,9 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
                         if (!found)
                                 break;  /* ignore this entry */
 
-                        /* New algorithms:
-                         *  1 - any old restrictions apply outside new mask
-                         *  2 - any new restrictions apply outside old mask
-                         *  3 - enforce old & new where masks intersect
-                         */
-                        algorithms = (algorithms & ~ca_list[j]->mask) |         /* 1 */
-                                     (ca_list[j]->algorithms & ~mask) |         /* 2 */
-                                     (algorithms & ca_list[j]->algorithms);     /* 3 */
+                        algorithms |= ca_list[j]->algorithms;
                         mask |= ca_list[j]->mask;
-                        algo_strength = (algo_strength & ~ca_list[j]->mask_strength) |
-                                        (ca_list[j]->algo_strength & ~mask_strength) |
-                                        (algo_strength & ca_list[j]->algo_strength);
+                        algo_strength |= ca_list[j]->algo_strength;
                         mask_strength |= ca_list[j]->mask_strength;
 
                         if (!multi) break;
@@ -765,7 +756,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
         {
         int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
         unsigned long disabled_mask;
-        STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
+        STACK_OF(SSL_CIPHER) *cipherstack;
         const char *rule_p;
         CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
         SSL_CIPHER **ca_list = NULL;
@@ -773,8 +764,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
         /*
          * Return with error if nothing to do.
          */
-        if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
-                return NULL;
+        if (rule_str == NULL) return(NULL);
 
         if (init_ciphers)
                 {
@@ -885,18 +875,46 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
                 }
         OPENSSL_free(co_list);  /* Not needed any longer */
 
-        tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
-        if (tmp_cipher_list == NULL)
+        /*
+         * The following passage is a little bit odd. If pointer variables
+         * were supplied to hold STACK_OF(SSL_CIPHER) return information,
+         * the old memory pointed to is free()ed. Then, however, the
+         * cipher_list entry will be assigned just a copy of the returned
+         * cipher stack. For cipher_list_by_id a copy of the cipher stack
+         * will be created. See next comment...
+         */
+        if (cipher_list != NULL)
+                {
+                if (*cipher_list != NULL)
+                        sk_SSL_CIPHER_free(*cipher_list);
+                *cipher_list = cipherstack;
+                }
+
+        if (cipher_list_by_id != NULL)
+                {
+                if (*cipher_list_by_id != NULL)
+                        sk_SSL_CIPHER_free(*cipher_list_by_id);
+                *cipher_list_by_id = sk_SSL_CIPHER_dup(cipherstack);
+                }
+
+        /*
+         * Now it is getting really strange. If something failed during
+         * the previous pointer assignment or if one of the pointers was
+         * not requested, the error condition is met. That might be
+         * discussable. The strange thing is however that in this case
+         * the memory "ret" pointed to is "free()ed" and hence the pointer
+         * cipher_list becomes wild. The memory reserved for
+         * cipher_list_by_id however is not "free()ed" and stays intact.
+         */
+        if (    (cipher_list_by_id == NULL) ||
+                (*cipher_list_by_id == NULL) ||
+                (cipher_list == NULL) ||
+                (*cipher_list == NULL))
                 {
                 sk_SSL_CIPHER_free(cipherstack);
-                return NULL;
+                return(NULL);
                 }
-        if (*cipher_list != NULL)
-                sk_SSL_CIPHER_free(*cipher_list);
-        *cipher_list = cipherstack;
-        if (*cipher_list_by_id != NULL)
-                sk_SSL_CIPHER_free(*cipher_list_by_id);
-        *cipher_list_by_id = tmp_cipher_list;
+
         sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
 
         return(cipherstack);
diff --git a/src/lib/libssl/src/ssl/ssl_err.c b/src/lib/libssl/src/ssl/ssl_err.c
index 4bcf591298..29b8ff4788 100644
--- a/src/lib/libssl/src/ssl/ssl_err.c
+++ b/src/lib/libssl/src/ssl/ssl_err.c
@@ -64,383 +64,384 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
-
 static ERR_STRING_DATA SSL_str_functs[]=
         {
-{ERR_FUNC(SSL_F_CLIENT_CERTIFICATE),    "CLIENT_CERTIFICATE"},
-{ERR_FUNC(SSL_F_CLIENT_FINISHED),       "CLIENT_FINISHED"},
-{ERR_FUNC(SSL_F_CLIENT_HELLO),  "CLIENT_HELLO"},
-{ERR_FUNC(SSL_F_CLIENT_MASTER_KEY),     "CLIENT_MASTER_KEY"},
-{ERR_FUNC(SSL_F_D2I_SSL_SESSION),       "d2i_SSL_SESSION"},
-{ERR_FUNC(SSL_F_DO_SSL3_WRITE), "DO_SSL3_WRITE"},
-{ERR_FUNC(SSL_F_GET_CLIENT_FINISHED),   "GET_CLIENT_FINISHED"},
-{ERR_FUNC(SSL_F_GET_CLIENT_HELLO),      "GET_CLIENT_HELLO"},
-{ERR_FUNC(SSL_F_GET_CLIENT_MASTER_KEY), "GET_CLIENT_MASTER_KEY"},
-{ERR_FUNC(SSL_F_GET_SERVER_FINISHED),   "GET_SERVER_FINISHED"},
-{ERR_FUNC(SSL_F_GET_SERVER_HELLO),      "GET_SERVER_HELLO"},
-{ERR_FUNC(SSL_F_GET_SERVER_VERIFY),     "GET_SERVER_VERIFY"},
-{ERR_FUNC(SSL_F_I2D_SSL_SESSION),       "i2d_SSL_SESSION"},
-{ERR_FUNC(SSL_F_READ_N),        "READ_N"},
-{ERR_FUNC(SSL_F_REQUEST_CERTIFICATE),   "REQUEST_CERTIFICATE"},
-{ERR_FUNC(SSL_F_SERVER_FINISH), "SERVER_FINISH"},
-{ERR_FUNC(SSL_F_SERVER_HELLO),  "SERVER_HELLO"},
-{ERR_FUNC(SSL_F_SERVER_VERIFY), "SERVER_VERIFY"},
-{ERR_FUNC(SSL_F_SSL23_ACCEPT),  "SSL23_ACCEPT"},
-{ERR_FUNC(SSL_F_SSL23_CLIENT_HELLO),    "SSL23_CLIENT_HELLO"},
-{ERR_FUNC(SSL_F_SSL23_CONNECT), "SSL23_CONNECT"},
-{ERR_FUNC(SSL_F_SSL23_GET_CLIENT_HELLO),        "SSL23_GET_CLIENT_HELLO"},
-{ERR_FUNC(SSL_F_SSL23_GET_SERVER_HELLO),        "SSL23_GET_SERVER_HELLO"},
-{ERR_FUNC(SSL_F_SSL23_PEEK),    "SSL23_PEEK"},
-{ERR_FUNC(SSL_F_SSL23_READ),    "SSL23_READ"},
-{ERR_FUNC(SSL_F_SSL23_WRITE),   "SSL23_WRITE"},
-{ERR_FUNC(SSL_F_SSL2_ACCEPT),   "SSL2_ACCEPT"},
-{ERR_FUNC(SSL_F_SSL2_CONNECT),  "SSL2_CONNECT"},
-{ERR_FUNC(SSL_F_SSL2_ENC_INIT), "SSL2_ENC_INIT"},
-{ERR_FUNC(SSL_F_SSL2_GENERATE_KEY_MATERIAL),    "SSL2_GENERATE_KEY_MATERIAL"},
-{ERR_FUNC(SSL_F_SSL2_PEEK),     "SSL2_PEEK"},
-{ERR_FUNC(SSL_F_SSL2_READ),     "SSL2_READ"},
-{ERR_FUNC(SSL_F_SSL2_READ_INTERNAL),    "SSL2_READ_INTERNAL"},
-{ERR_FUNC(SSL_F_SSL2_SET_CERTIFICATE),  "SSL2_SET_CERTIFICATE"},
-{ERR_FUNC(SSL_F_SSL2_WRITE),    "SSL2_WRITE"},
-{ERR_FUNC(SSL_F_SSL3_ACCEPT),   "SSL3_ACCEPT"},
-{ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL),    "SSL3_CALLBACK_CTRL"},
-{ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE),      "SSL3_CHANGE_CIPHER_STATE"},
-{ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM), "SSL3_CHECK_CERT_AND_ALGORITHM"},
-{ERR_FUNC(SSL_F_SSL3_CLIENT_HELLO),     "SSL3_CLIENT_HELLO"},
-{ERR_FUNC(SSL_F_SSL3_CONNECT),  "SSL3_CONNECT"},
-{ERR_FUNC(SSL_F_SSL3_CTRL),     "SSL3_CTRL"},
-{ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "SSL3_CTX_CTRL"},
-{ERR_FUNC(SSL_F_SSL3_ENC),      "SSL3_ENC"},
-{ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK),       "SSL3_GENERATE_KEY_BLOCK"},
-{ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST),  "SSL3_GET_CERTIFICATE_REQUEST"},
-{ERR_FUNC(SSL_F_SSL3_GET_CERT_VERIFY),  "SSL3_GET_CERT_VERIFY"},
-{ERR_FUNC(SSL_F_SSL3_GET_CLIENT_CERTIFICATE),   "SSL3_GET_CLIENT_CERTIFICATE"},
-{ERR_FUNC(SSL_F_SSL3_GET_CLIENT_HELLO), "SSL3_GET_CLIENT_HELLO"},
-{ERR_FUNC(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE),  "SSL3_GET_CLIENT_KEY_EXCHANGE"},
-{ERR_FUNC(SSL_F_SSL3_GET_FINISHED),     "SSL3_GET_FINISHED"},
-{ERR_FUNC(SSL_F_SSL3_GET_KEY_EXCHANGE), "SSL3_GET_KEY_EXCHANGE"},
-{ERR_FUNC(SSL_F_SSL3_GET_MESSAGE),      "SSL3_GET_MESSAGE"},
-{ERR_FUNC(SSL_F_SSL3_GET_RECORD),       "SSL3_GET_RECORD"},
-{ERR_FUNC(SSL_F_SSL3_GET_SERVER_CERTIFICATE),   "SSL3_GET_SERVER_CERTIFICATE"},
-{ERR_FUNC(SSL_F_SSL3_GET_SERVER_DONE),  "SSL3_GET_SERVER_DONE"},
-{ERR_FUNC(SSL_F_SSL3_GET_SERVER_HELLO), "SSL3_GET_SERVER_HELLO"},
-{ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN),        "SSL3_OUTPUT_CERT_CHAIN"},
-{ERR_FUNC(SSL_F_SSL3_PEEK),     "SSL3_PEEK"},
-{ERR_FUNC(SSL_F_SSL3_READ_BYTES),       "SSL3_READ_BYTES"},
-{ERR_FUNC(SSL_F_SSL3_READ_N),   "SSL3_READ_N"},
-{ERR_FUNC(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST), "SSL3_SEND_CERTIFICATE_REQUEST"},
-{ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE),  "SSL3_SEND_CLIENT_CERTIFICATE"},
-{ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE), "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
-{ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_VERIFY),       "SSL3_SEND_CLIENT_VERIFY"},
-{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_CERTIFICATE),  "SSL3_SEND_SERVER_CERTIFICATE"},
-{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_HELLO),        "SSL3_SEND_SERVER_HELLO"},
-{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE), "SSL3_SEND_SERVER_KEY_EXCHANGE"},
-{ERR_FUNC(SSL_F_SSL3_SETUP_BUFFERS),    "SSL3_SETUP_BUFFERS"},
-{ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK),  "SSL3_SETUP_KEY_BLOCK"},
-{ERR_FUNC(SSL_F_SSL3_WRITE_BYTES),      "SSL3_WRITE_BYTES"},
-{ERR_FUNC(SSL_F_SSL3_WRITE_PENDING),    "SSL3_WRITE_PENDING"},
-{ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK),    "SSL_add_dir_cert_subjects_to_stack"},
-{ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK),   "SSL_add_file_cert_subjects_to_stack"},
-{ERR_FUNC(SSL_F_SSL_BAD_METHOD),        "SSL_BAD_METHOD"},
-{ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST),      "SSL_BYTES_TO_CIPHER_LIST"},
-{ERR_FUNC(SSL_F_SSL_CERT_DUP),  "SSL_CERT_DUP"},
-{ERR_FUNC(SSL_F_SSL_CERT_INST), "SSL_CERT_INST"},
-{ERR_FUNC(SSL_F_SSL_CERT_INSTANTIATE),  "SSL_CERT_INSTANTIATE"},
-{ERR_FUNC(SSL_F_SSL_CERT_NEW),  "SSL_CERT_NEW"},
-{ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"},
-{ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR),    "SSL_CIPHER_PROCESS_RULESTR"},
-{ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT),      "SSL_CIPHER_STRENGTH_SORT"},
-{ERR_FUNC(SSL_F_SSL_CLEAR),     "SSL_clear"},
-{ERR_FUNC(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD),       "SSL_COMP_add_compression_method"},
-{ERR_FUNC(SSL_F_SSL_CREATE_CIPHER_LIST),        "SSL_CREATE_CIPHER_LIST"},
-{ERR_FUNC(SSL_F_SSL_CTRL),      "SSL_ctrl"},
-{ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY),     "SSL_CTX_check_private_key"},
-{ERR_FUNC(SSL_F_SSL_CTX_NEW),   "SSL_CTX_new"},
-{ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST),       "SSL_CTX_set_cipher_list"},
-{ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE),   "SSL_CTX_set_purpose"},
-{ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT),        "SSL_CTX_set_session_id_context"},
-{ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION),       "SSL_CTX_set_ssl_version"},
-{ERR_FUNC(SSL_F_SSL_CTX_SET_TRUST),     "SSL_CTX_set_trust"},
-{ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE),       "SSL_CTX_use_certificate"},
-{ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1),  "SSL_CTX_use_certificate_ASN1"},
-{ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE),    "SSL_CTX_use_certificate_chain_file"},
-{ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE),  "SSL_CTX_use_certificate_file"},
-{ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY),        "SSL_CTX_use_PrivateKey"},
-{ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1),   "SSL_CTX_use_PrivateKey_ASN1"},
-{ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE),   "SSL_CTX_use_PrivateKey_file"},
-{ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY),     "SSL_CTX_use_RSAPrivateKey"},
-{ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1),        "SSL_CTX_use_RSAPrivateKey_ASN1"},
-{ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE),        "SSL_CTX_use_RSAPrivateKey_file"},
-{ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE),      "SSL_do_handshake"},
-{ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION),   "SSL_GET_NEW_SESSION"},
-{ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION),  "SSL_GET_PREV_SESSION"},
-{ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT),      "SSL_GET_SERVER_SEND_CERT"},
-{ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY),     "SSL_GET_SIGN_PKEY"},
-{ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER),  "SSL_INIT_WBIO_BUFFER"},
-{ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE),       "SSL_load_client_CA_file"},
-{ERR_FUNC(SSL_F_SSL_NEW),       "SSL_new"},
-{ERR_FUNC(SSL_F_SSL_READ),      "SSL_read"},
-{ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT),       "SSL_RSA_PRIVATE_DECRYPT"},
-{ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT),        "SSL_RSA_PUBLIC_ENCRYPT"},
-{ERR_FUNC(SSL_F_SSL_SESSION_NEW),       "SSL_SESSION_new"},
-{ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP),  "SSL_SESSION_print_fp"},
-{ERR_FUNC(SSL_F_SSL_SESS_CERT_NEW),     "SSL_SESS_CERT_NEW"},
-{ERR_FUNC(SSL_F_SSL_SET_CERT),  "SSL_SET_CERT"},
-{ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST),   "SSL_set_cipher_list"},
-{ERR_FUNC(SSL_F_SSL_SET_FD),    "SSL_set_fd"},
-{ERR_FUNC(SSL_F_SSL_SET_PKEY),  "SSL_SET_PKEY"},
-{ERR_FUNC(SSL_F_SSL_SET_PURPOSE),       "SSL_set_purpose"},
-{ERR_FUNC(SSL_F_SSL_SET_RFD),   "SSL_set_rfd"},
-{ERR_FUNC(SSL_F_SSL_SET_SESSION),       "SSL_set_session"},
-{ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT),    "SSL_set_session_id_context"},
-{ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
-{ERR_FUNC(SSL_F_SSL_SET_WFD),   "SSL_set_wfd"},
-{ERR_FUNC(SSL_F_SSL_SHUTDOWN),  "SSL_shutdown"},
-{ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION),  "SSL_UNDEFINED_CONST_FUNCTION"},
-{ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION),        "SSL_UNDEFINED_FUNCTION"},
-{ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE),   "SSL_use_certificate"},
-{ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_ASN1),      "SSL_use_certificate_ASN1"},
-{ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_FILE),      "SSL_use_certificate_file"},
-{ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY),    "SSL_use_PrivateKey"},
-{ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_ASN1),       "SSL_use_PrivateKey_ASN1"},
-{ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE),       "SSL_use_PrivateKey_file"},
-{ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY), "SSL_use_RSAPrivateKey"},
-{ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1),    "SSL_use_RSAPrivateKey_ASN1"},
-{ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE),    "SSL_use_RSAPrivateKey_file"},
-{ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "SSL_VERIFY_CERT_CHAIN"},
-{ERR_FUNC(SSL_F_SSL_WRITE),     "SSL_write"},
-{ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE),      "TLS1_CHANGE_CIPHER_STATE"},
-{ERR_FUNC(SSL_F_TLS1_ENC),      "TLS1_ENC"},
-{ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK),  "TLS1_SETUP_KEY_BLOCK"},
-{ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"},
+{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0),        "CLIENT_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_CLIENT_FINISHED,0),   "CLIENT_FINISHED"},
+{ERR_PACK(0,SSL_F_CLIENT_HELLO,0),      "CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0), "CLIENT_MASTER_KEY"},
+{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0),   "d2i_SSL_SESSION"},
+{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0),     "DO_SSL3_WRITE"},
+{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0),       "GET_CLIENT_FINISHED"},
+{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0),  "GET_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0),     "GET_CLIENT_MASTER_KEY"},
+{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0),       "GET_SERVER_FINISHED"},
+{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0),  "GET_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0), "GET_SERVER_VERIFY"},
+{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0),   "i2d_SSL_SESSION"},
+{ERR_PACK(0,SSL_F_READ_N,0),    "READ_N"},
+{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0),       "REQUEST_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SERVER_FINISH,0),     "SERVER_FINISH"},
+{ERR_PACK(0,SSL_F_SERVER_HELLO,0),      "SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SERVER_VERIFY,0),     "SERVER_VERIFY"},
+{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0),      "SSL23_ACCEPT"},
+{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0),        "SSL23_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_CONNECT,0),     "SSL23_CONNECT"},
+{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0),    "SSL23_GET_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0),    "SSL23_GET_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_PEEK,0),        "SSL23_PEEK"},
+{ERR_PACK(0,SSL_F_SSL23_READ,0),        "SSL23_READ"},
+{ERR_PACK(0,SSL_F_SSL23_WRITE,0),       "SSL23_WRITE"},
+{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0),       "SSL2_ACCEPT"},
+{ERR_PACK(0,SSL_F_SSL2_CONNECT,0),      "SSL2_CONNECT"},
+{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0),     "SSL2_ENC_INIT"},
+{ERR_PACK(0,SSL_F_SSL2_GENERATE_KEY_MATERIAL,0),        "SSL2_GENERATE_KEY_MATERIAL"},
+{ERR_PACK(0,SSL_F_SSL2_PEEK,0), "SSL2_PEEK"},
+{ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"},
+{ERR_PACK(0,SSL_F_SSL2_READ_INTERNAL,0),        "SSL2_READ_INTERNAL"},
+{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0),      "SSL2_SET_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL2_WRITE,0),        "SSL2_WRITE"},
+{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0),       "SSL3_ACCEPT"},
+{ERR_PACK(0,SSL_F_SSL3_CALLBACK_CTRL,0),        "SSL3_CALLBACK_CTRL"},
+{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0),  "SSL3_CHANGE_CIPHER_STATE"},
+{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0),     "SSL3_CHECK_CERT_AND_ALGORITHM"},
+{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0), "SSL3_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_CONNECT,0),      "SSL3_CONNECT"},
+{ERR_PACK(0,SSL_F_SSL3_CTRL,0), "SSL3_CTRL"},
+{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0),     "SSL3_CTX_CTRL"},
+{ERR_PACK(0,SSL_F_SSL3_ENC,0),  "SSL3_ENC"},
+{ERR_PACK(0,SSL_F_SSL3_GENERATE_KEY_BLOCK,0),   "SSL3_GENERATE_KEY_BLOCK"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0),      "SSL3_GET_CERTIFICATE_REQUEST"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0),      "SSL3_GET_CERT_VERIFY"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0),       "SSL3_GET_CLIENT_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0),     "SSL3_GET_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0),      "SSL3_GET_CLIENT_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0), "SSL3_GET_FINISHED"},
+{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0),     "SSL3_GET_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0),  "SSL3_GET_MESSAGE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0),   "SSL3_GET_RECORD"},
+{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0),       "SSL3_GET_SERVER_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0),      "SSL3_GET_SERVER_DONE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0),     "SSL3_GET_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0),    "SSL3_OUTPUT_CERT_CHAIN"},
+{ERR_PACK(0,SSL_F_SSL3_PEEK,0), "SSL3_PEEK"},
+{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0),   "SSL3_READ_BYTES"},
+{ERR_PACK(0,SSL_F_SSL3_READ_N,0),       "SSL3_READ_N"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0),     "SSL3_SEND_CERTIFICATE_REQUEST"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0),      "SSL3_SEND_CLIENT_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0),     "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0),   "SSL3_SEND_CLIENT_VERIFY"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0),      "SSL3_SEND_SERVER_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_HELLO,0),    "SSL3_SEND_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0),     "SSL3_SEND_SERVER_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0),        "SSL3_SETUP_BUFFERS"},
+{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0),      "SSL3_SETUP_KEY_BLOCK"},
+{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0),  "SSL3_WRITE_BYTES"},
+{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0),        "SSL3_WRITE_PENDING"},
+{ERR_PACK(0,SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,0),        "SSL_add_dir_cert_subjects_to_stack"},
+{ERR_PACK(0,SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,0),       "SSL_add_file_cert_subjects_to_stack"},
+{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0),    "SSL_BAD_METHOD"},
+{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0),  "SSL_BYTES_TO_CIPHER_LIST"},
+{ERR_PACK(0,SSL_F_SSL_CERT_DUP,0),      "SSL_CERT_DUP"},
+{ERR_PACK(0,SSL_F_SSL_CERT_INST,0),     "SSL_CERT_INST"},
+{ERR_PACK(0,SSL_F_SSL_CERT_INSTANTIATE,0),      "SSL_CERT_INSTANTIATE"},
+{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0),      "SSL_CERT_NEW"},
+{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0),     "SSL_check_private_key"},
+{ERR_PACK(0,SSL_F_SSL_CIPHER_PROCESS_RULESTR,0),        "SSL_CIPHER_PROCESS_RULESTR"},
+{ERR_PACK(0,SSL_F_SSL_CIPHER_STRENGTH_SORT,0),  "SSL_CIPHER_STRENGTH_SORT"},
+{ERR_PACK(0,SSL_F_SSL_CLEAR,0), "SSL_clear"},
+{ERR_PACK(0,SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,0),   "SSL_COMP_add_compression_method"},
+{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0),    "SSL_CREATE_CIPHER_LIST"},
+{ERR_PACK(0,SSL_F_SSL_CTRL,0),  "SSL_ctrl"},
+{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"},
+{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0),       "SSL_CTX_new"},
+{ERR_PACK(0,SSL_F_SSL_CTX_SET_PURPOSE,0),       "SSL_CTX_set_purpose"},
+{ERR_PACK(0,SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,0),    "SSL_CTX_set_session_id_context"},
+{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0),   "SSL_CTX_set_ssl_version"},
+{ERR_PACK(0,SSL_F_SSL_CTX_SET_TRUST,0), "SSL_CTX_set_trust"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0),   "SSL_CTX_use_certificate"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0),      "SSL_CTX_use_certificate_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,0),        "SSL_CTX_use_certificate_chain_file"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0),      "SSL_CTX_use_certificate_file"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0),    "SSL_CTX_use_PrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0),       "SSL_CTX_use_PrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0),       "SSL_CTX_use_PrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0), "SSL_CTX_use_RSAPrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0),    "SSL_CTX_use_RSAPrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0),    "SSL_CTX_use_RSAPrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0),  "SSL_do_handshake"},
+{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0),       "SSL_GET_NEW_SESSION"},
+{ERR_PACK(0,SSL_F_SSL_GET_PREV_SESSION,0),      "SSL_GET_PREV_SESSION"},
+{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0),  "SSL_GET_SERVER_SEND_CERT"},
+{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0), "SSL_GET_SIGN_PKEY"},
+{ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0),      "SSL_INIT_WBIO_BUFFER"},
+{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0),   "SSL_load_client_CA_file"},
+{ERR_PACK(0,SSL_F_SSL_NEW,0),   "SSL_new"},
+{ERR_PACK(0,SSL_F_SSL_READ,0),  "SSL_read"},
+{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0),   "SSL_RSA_PRIVATE_DECRYPT"},
+{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0),    "SSL_RSA_PUBLIC_ENCRYPT"},
+{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0),   "SSL_SESSION_new"},
+{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0),      "SSL_SESSION_print_fp"},
+{ERR_PACK(0,SSL_F_SSL_SESS_CERT_NEW,0), "SSL_SESS_CERT_NEW"},
+{ERR_PACK(0,SSL_F_SSL_SET_CERT,0),      "SSL_SET_CERT"},
+{ERR_PACK(0,SSL_F_SSL_SET_FD,0),        "SSL_set_fd"},
+{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0),      "SSL_SET_PKEY"},
+{ERR_PACK(0,SSL_F_SSL_SET_PURPOSE,0),   "SSL_set_purpose"},
+{ERR_PACK(0,SSL_F_SSL_SET_RFD,0),       "SSL_set_rfd"},
+{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0),   "SSL_set_session"},
+{ERR_PACK(0,SSL_F_SSL_SET_SESSION_ID_CONTEXT,0),        "SSL_set_session_id_context"},
+{ERR_PACK(0,SSL_F_SSL_SET_TRUST,0),     "SSL_set_trust"},
+{ERR_PACK(0,SSL_F_SSL_SET_WFD,0),       "SSL_set_wfd"},
+{ERR_PACK(0,SSL_F_SSL_SHUTDOWN,0),      "SSL_shutdown"},
+{ERR_PACK(0,SSL_F_SSL_UNDEFINED_CONST_FUNCTION,0),      "SSL_UNDEFINED_CONST_FUNCTION"},
+{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0),    "SSL_UNDEFINED_FUNCTION"},
+{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0),       "SSL_use_certificate"},
+{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0),  "SSL_use_certificate_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0),  "SSL_use_certificate_file"},
+{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0),        "SSL_use_PrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0),   "SSL_use_PrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0),   "SSL_use_PrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0),     "SSL_use_RSAPrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0),        "SSL_use_RSAPrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0),        "SSL_use_RSAPrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_VERIFY_CERT_CHAIN,0),     "SSL_VERIFY_CERT_CHAIN"},
+{ERR_PACK(0,SSL_F_SSL_WRITE,0), "SSL_write"},
+{ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0),  "TLS1_CHANGE_CIPHER_STATE"},
+{ERR_PACK(0,SSL_F_TLS1_ENC,0),  "TLS1_ENC"},
+{ERR_PACK(0,SSL_F_TLS1_SETUP_KEY_BLOCK,0),      "TLS1_SETUP_KEY_BLOCK"},
+{ERR_PACK(0,SSL_F_WRITE_PENDING,0),     "WRITE_PENDING"},
 {0,NULL}
         };
 
 static ERR_STRING_DATA SSL_str_reasons[]=
         {
-{ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE) ,"app data in handshake"},
-{ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT),"attempt to reuse session in different context"},
-{ERR_REASON(SSL_R_BAD_ALERT_RECORD)      ,"bad alert record"},
-{ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE),"bad authentication type"},
-{ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC),"bad change cipher spec"},
-{ERR_REASON(SSL_R_BAD_CHECKSUM)          ,"bad checksum"},
-{ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK),"bad data returned by callback"},
-{ERR_REASON(SSL_R_BAD_DECOMPRESSION)     ,"bad decompression"},
-{ERR_REASON(SSL_R_BAD_DH_G_LENGTH)       ,"bad dh g length"},
-{ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH) ,"bad dh pub key length"},
-{ERR_REASON(SSL_R_BAD_DH_P_LENGTH)       ,"bad dh p length"},
-{ERR_REASON(SSL_R_BAD_DIGEST_LENGTH)     ,"bad digest length"},
-{ERR_REASON(SSL_R_BAD_DSA_SIGNATURE)     ,"bad dsa signature"},
-{ERR_REASON(SSL_R_BAD_HELLO_REQUEST)     ,"bad hello request"},
-{ERR_REASON(SSL_R_BAD_LENGTH)            ,"bad length"},
-{ERR_REASON(SSL_R_BAD_MAC_DECODE)        ,"bad mac decode"},
-{ERR_REASON(SSL_R_BAD_MESSAGE_TYPE)      ,"bad message type"},
-{ERR_REASON(SSL_R_BAD_PACKET_LENGTH)     ,"bad packet length"},
-{ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),"bad protocol version number"},
-{ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT) ,"bad response argument"},
-{ERR_REASON(SSL_R_BAD_RSA_DECRYPT)       ,"bad rsa decrypt"},
-{ERR_REASON(SSL_R_BAD_RSA_ENCRYPT)       ,"bad rsa encrypt"},
-{ERR_REASON(SSL_R_BAD_RSA_E_LENGTH)      ,"bad rsa e length"},
-{ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH),"bad rsa modulus length"},
-{ERR_REASON(SSL_R_BAD_RSA_SIGNATURE)     ,"bad rsa signature"},
-{ERR_REASON(SSL_R_BAD_SIGNATURE)         ,"bad signature"},
-{ERR_REASON(SSL_R_BAD_SSL_FILETYPE)      ,"bad ssl filetype"},
-{ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH),"bad ssl session id length"},
-{ERR_REASON(SSL_R_BAD_STATE)             ,"bad state"},
-{ERR_REASON(SSL_R_BAD_WRITE_RETRY)       ,"bad write retry"},
-{ERR_REASON(SSL_R_BIO_NOT_SET)           ,"bio not set"},
-{ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG),"block cipher pad is wrong"},
-{ERR_REASON(SSL_R_BN_LIB)                ,"bn lib"},
-{ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH) ,"ca dn length mismatch"},
-{ERR_REASON(SSL_R_CA_DN_TOO_LONG)        ,"ca dn too long"},
-{ERR_REASON(SSL_R_CCS_RECEIVED_EARLY)    ,"ccs received early"},
-{ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED),"certificate verify failed"},
-{ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH)  ,"cert length mismatch"},
-{ERR_REASON(SSL_R_CHALLENGE_IS_DIFFERENT),"challenge is different"},
-{ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH),"cipher code wrong length"},
-{ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE),"cipher or hash unavailable"},
-{ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR),"cipher table src error"},
-{ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),"compressed length too long"},
-{ERR_REASON(SSL_R_COMPRESSION_FAILURE)   ,"compression failure"},
-{ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),"compression library error"},
-{ERR_REASON(SSL_R_CONNECTION_ID_IS_DIFFERENT),"connection id is different"},
-{ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET),"connection type not set"},
-{ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED),"data between ccs and finished"},
-{ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG)  ,"data length too long"},
-{ERR_REASON(SSL_R_DECRYPTION_FAILED)     ,"decryption failed"},
-{ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC),"decryption failed or bad record mac"},
-{ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG),"dh public value length is wrong"},
-{ERR_REASON(SSL_R_DIGEST_CHECK_FAILED)   ,"digest check failed"},
-{ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG),"encrypted length too long"},
-{ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY),"error generating tmp rsa key"},
-{ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST),"error in received cipher list"},
-{ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE),"excessive message size"},
-{ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE) ,"extra data in message"},
-{ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS),"got a fin before a ccs"},
-{ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST)   ,"https proxy request"},
-{ERR_REASON(SSL_R_HTTP_REQUEST)          ,"http request"},
-{ERR_REASON(SSL_R_ILLEGAL_PADDING)       ,"illegal padding"},
-{ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH),"invalid challenge length"},
-{ERR_REASON(SSL_R_INVALID_COMMAND)       ,"invalid command"},
-{ERR_REASON(SSL_R_INVALID_PURPOSE)       ,"invalid purpose"},
-{ERR_REASON(SSL_R_INVALID_TRUST)         ,"invalid trust"},
-{ERR_REASON(SSL_R_KEY_ARG_TOO_LONG)      ,"key arg too long"},
-{ERR_REASON(SSL_R_KRB5)                  ,"krb5"},
-{ERR_REASON(SSL_R_KRB5_C_CC_PRINC)       ,"krb5 client cc principal (no tkt?)"},
-{ERR_REASON(SSL_R_KRB5_C_GET_CRED)       ,"krb5 client get cred"},
-{ERR_REASON(SSL_R_KRB5_C_INIT)           ,"krb5 client init"},
-{ERR_REASON(SSL_R_KRB5_C_MK_REQ)         ,"krb5 client mk_req (expired tkt?)"},
-{ERR_REASON(SSL_R_KRB5_S_BAD_TICKET)     ,"krb5 server bad ticket"},
-{ERR_REASON(SSL_R_KRB5_S_INIT)           ,"krb5 server init"},
-{ERR_REASON(SSL_R_KRB5_S_RD_REQ)         ,"krb5 server rd_req (keytab perms?)"},
-{ERR_REASON(SSL_R_KRB5_S_TKT_EXPIRED)    ,"krb5 server tkt expired"},
-{ERR_REASON(SSL_R_KRB5_S_TKT_NYV)        ,"krb5 server tkt not yet valid"},
-{ERR_REASON(SSL_R_KRB5_S_TKT_SKEW)       ,"krb5 server tkt skew"},
-{ERR_REASON(SSL_R_LENGTH_MISMATCH)       ,"length mismatch"},
-{ERR_REASON(SSL_R_LENGTH_TOO_SHORT)      ,"length too short"},
-{ERR_REASON(SSL_R_LIBRARY_BUG)           ,"library bug"},
-{ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS),"library has no ciphers"},
-{ERR_REASON(SSL_R_MESSAGE_TOO_LONG)      ,"message too long"},
-{ERR_REASON(SSL_R_MISSING_DH_DSA_CERT)   ,"missing dh dsa cert"},
-{ERR_REASON(SSL_R_MISSING_DH_KEY)        ,"missing dh key"},
-{ERR_REASON(SSL_R_MISSING_DH_RSA_CERT)   ,"missing dh rsa cert"},
-{ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT),"missing dsa signing cert"},
-{ERR_REASON(SSL_R_MISSING_EXPORT_TMP_DH_KEY),"missing export tmp dh key"},
-{ERR_REASON(SSL_R_MISSING_EXPORT_TMP_RSA_KEY),"missing export tmp rsa key"},
-{ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE),"missing rsa certificate"},
-{ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT),"missing rsa encrypting cert"},
-{ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT),"missing rsa signing cert"},
-{ERR_REASON(SSL_R_MISSING_TMP_DH_KEY)    ,"missing tmp dh key"},
-{ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY)   ,"missing tmp rsa key"},
-{ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY)  ,"missing tmp rsa pkey"},
-{ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE),"missing verify message"},
-{ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET),"non sslv2 initial packet"},
-{ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED),"no certificates returned"},
-{ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED),"no certificate assigned"},
-{ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED),"no certificate returned"},
-{ERR_REASON(SSL_R_NO_CERTIFICATE_SET)    ,"no certificate set"},
-{ERR_REASON(SSL_R_NO_CERTIFICATE_SPECIFIED),"no certificate specified"},
-{ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE)  ,"no ciphers available"},
-{ERR_REASON(SSL_R_NO_CIPHERS_PASSED)     ,"no ciphers passed"},
-{ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED)  ,"no ciphers specified"},
-{ERR_REASON(SSL_R_NO_CIPHER_LIST)        ,"no cipher list"},
-{ERR_REASON(SSL_R_NO_CIPHER_MATCH)       ,"no cipher match"},
-{ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED),"no client cert received"},
-{ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED),"no compression specified"},
-{ERR_REASON(SSL_R_NO_METHOD_SPECIFIED)   ,"no method specified"},
-{ERR_REASON(SSL_R_NO_PRIVATEKEY)         ,"no privatekey"},
-{ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED),"no private key assigned"},
-{ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE),"no protocols available"},
-{ERR_REASON(SSL_R_NO_PUBLICKEY)          ,"no publickey"},
-{ERR_REASON(SSL_R_NO_SHARED_CIPHER)      ,"no shared cipher"},
-{ERR_REASON(SSL_R_NO_VERIFY_CALLBACK)    ,"no verify callback"},
-{ERR_REASON(SSL_R_NULL_SSL_CTX)          ,"null ssl ctx"},
-{ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED),"null ssl method passed"},
-{ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),"old session cipher not returned"},
-{ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE),"only tls allowed in fips mode"},
-{ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG),"packet length too long"},
-{ERR_REASON(SSL_R_PATH_TOO_LONG)         ,"path too long"},
-{ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE),"peer did not return a certificate"},
-{ERR_REASON(SSL_R_PEER_ERROR)            ,"peer error"},
-{ERR_REASON(SSL_R_PEER_ERROR_CERTIFICATE),"peer error certificate"},
-{ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE),"peer error no certificate"},
-{ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER)  ,"peer error no cipher"},
-{ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE),"peer error unsupported certificate type"},
-{ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG),"pre mac length too long"},
-{ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS),"problems mapping cipher functions"},
-{ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN)  ,"protocol is shutdown"},
-{ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR),"public key encrypt error"},
-{ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA) ,"public key is not rsa"},
-{ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA)    ,"public key not rsa"},
-{ERR_REASON(SSL_R_READ_BIO_NOT_SET)      ,"read bio not set"},
-{ERR_REASON(SSL_R_READ_WRONG_PACKET_TYPE),"read wrong packet type"},
-{ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH),"record length mismatch"},
-{ERR_REASON(SSL_R_RECORD_TOO_LARGE)      ,"record too large"},
-{ERR_REASON(SSL_R_RECORD_TOO_SMALL)      ,"record too small"},
-{ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING),"required cipher missing"},
-{ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO),"reuse cert length not zero"},
-{ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO),"reuse cert type not zero"},
-{ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO),"reuse cipher list not zero"},
-{ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),"session id context uninitialized"},
-{ERR_REASON(SSL_R_SHORT_READ)            ,"short read"},
-{ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),"signature for non signing certificate"},
-{ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),"ssl23 doing session id reuse"},
-{ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG),"ssl2 connection id too long"},
-{ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG),"ssl3 session id too long"},
-{ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT),"ssl3 session id too short"},
-{ERR_REASON(SSL_R_SSLV3_ALERT_BAD_CERTIFICATE),"sslv3 alert bad certificate"},
-{ERR_REASON(SSL_R_SSLV3_ALERT_BAD_RECORD_MAC),"sslv3 alert bad record mac"},
-{ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED),"sslv3 alert certificate expired"},
-{ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED),"sslv3 alert certificate revoked"},
-{ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN),"sslv3 alert certificate unknown"},
-{ERR_REASON(SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE),"sslv3 alert decompression failure"},
-{ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE),"sslv3 alert handshake failure"},
-{ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER),"sslv3 alert illegal parameter"},
-{ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE),"sslv3 alert no certificate"},
-{ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE),"sslv3 alert unexpected message"},
-{ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE),"sslv3 alert unsupported certificate"},
-{ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION),"ssl ctx has no default ssl version"},
-{ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE) ,"ssl handshake failure"},
-{ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS),"ssl library has no ciphers"},
-{ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED),"ssl session id callback failed"},
-{ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT),"ssl session id conflict"},
-{ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG),"ssl session id context too long"},
-{ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH),"ssl session id has bad length"},
-{ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT),"ssl session id is different"},
-{ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED),"tlsv1 alert access denied"},
-{ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR),"tlsv1 alert decode error"},
-{ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED),"tlsv1 alert decryption failed"},
-{ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR),"tlsv1 alert decrypt error"},
-{ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION),"tlsv1 alert export restriction"},
-{ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY),"tlsv1 alert insufficient security"},
-{ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR),"tlsv1 alert internal error"},
-{ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION),"tlsv1 alert no renegotiation"},
-{ERR_REASON(SSL_R_TLSV1_ALERT_PROTOCOL_VERSION),"tlsv1 alert protocol version"},
-{ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW),"tlsv1 alert record overflow"},
-{ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA),"tlsv1 alert unknown ca"},
-{ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED),"tlsv1 alert user cancelled"},
-{ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),"tls client cert req with anon cipher"},
-{ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),"tls peer did not respond with certificate list"},
-{ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),"tls rsa encrypted value length is wrong"},
-{ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER),"tried to use unsupported cipher"},
-{ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS),"unable to decode dh certs"},
-{ERR_REASON(SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY),"unable to extract public key"},
-{ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS),"unable to find dh parameters"},
-{ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),"unable to find public key parameters"},
-{ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD),"unable to find ssl method"},
-{ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES),"unable to load ssl2 md5 routines"},
-{ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES),"unable to load ssl3 md5 routines"},
-{ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES),"unable to load ssl3 sha1 routines"},
-{ERR_REASON(SSL_R_UNEXPECTED_MESSAGE)    ,"unexpected message"},
-{ERR_REASON(SSL_R_UNEXPECTED_RECORD)     ,"unexpected record"},
-{ERR_REASON(SSL_R_UNINITIALIZED)         ,"uninitialized"},
-{ERR_REASON(SSL_R_UNKNOWN_ALERT_TYPE)    ,"unknown alert type"},
-{ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE),"unknown certificate type"},
-{ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED),"unknown cipher returned"},
-{ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE)   ,"unknown cipher type"},
-{ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),"unknown key exchange type"},
-{ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE)     ,"unknown pkey type"},
-{ERR_REASON(SSL_R_UNKNOWN_PROTOCOL)      ,"unknown protocol"},
-{ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE),"unknown remote error type"},
-{ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION)   ,"unknown ssl version"},
-{ERR_REASON(SSL_R_UNKNOWN_STATE)         ,"unknown state"},
-{ERR_REASON(SSL_R_UNSUPPORTED_CIPHER)    ,"unsupported cipher"},
-{ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),"unsupported compression algorithm"},
-{ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL)  ,"unsupported protocol"},
-{ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION),"unsupported ssl version"},
-{ERR_REASON(SSL_R_WRITE_BIO_NOT_SET)     ,"write bio not set"},
-{ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED) ,"wrong cipher returned"},
-{ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE)    ,"wrong message type"},
-{ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS),"wrong number of key bits"},
-{ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"},
-{ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE)  ,"wrong signature size"},
-{ERR_REASON(SSL_R_WRONG_SSL_VERSION)     ,"wrong ssl version"},
-{ERR_REASON(SSL_R_WRONG_VERSION_NUMBER)  ,"wrong version number"},
-{ERR_REASON(SSL_R_X509_LIB)              ,"x509 lib"},
-{ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS),"x509 verification setup problems"},
+{SSL_R_APP_DATA_IN_HANDSHAKE             ,"app data in handshake"},
+{SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT,"attempt to reuse session in different context"},
+{SSL_R_BAD_ALERT_RECORD                  ,"bad alert record"},
+{SSL_R_BAD_AUTHENTICATION_TYPE           ,"bad authentication type"},
+{SSL_R_BAD_CHANGE_CIPHER_SPEC            ,"bad change cipher spec"},
+{SSL_R_BAD_CHECKSUM                      ,"bad checksum"},
+{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK     ,"bad data returned by callback"},
+{SSL_R_BAD_DECOMPRESSION                 ,"bad decompression"},
+{SSL_R_BAD_DH_G_LENGTH                   ,"bad dh g length"},
+{SSL_R_BAD_DH_PUB_KEY_LENGTH             ,"bad dh pub key length"},
+{SSL_R_BAD_DH_P_LENGTH                   ,"bad dh p length"},
+{SSL_R_BAD_DIGEST_LENGTH                 ,"bad digest length"},
+{SSL_R_BAD_DSA_SIGNATURE                 ,"bad dsa signature"},
+{SSL_R_BAD_HELLO_REQUEST                 ,"bad hello request"},
+{SSL_R_BAD_LENGTH                        ,"bad length"},
+{SSL_R_BAD_MAC_DECODE                    ,"bad mac decode"},
+{SSL_R_BAD_MESSAGE_TYPE                  ,"bad message type"},
+{SSL_R_BAD_PACKET_LENGTH                 ,"bad packet length"},
+{SSL_R_BAD_PROTOCOL_VERSION_NUMBER       ,"bad protocol version number"},
+{SSL_R_BAD_RESPONSE_ARGUMENT             ,"bad response argument"},
+{SSL_R_BAD_RSA_DECRYPT                   ,"bad rsa decrypt"},
+{SSL_R_BAD_RSA_ENCRYPT                   ,"bad rsa encrypt"},
+{SSL_R_BAD_RSA_E_LENGTH                  ,"bad rsa e length"},
+{SSL_R_BAD_RSA_MODULUS_LENGTH            ,"bad rsa modulus length"},
+{SSL_R_BAD_RSA_SIGNATURE                 ,"bad rsa signature"},
+{SSL_R_BAD_SIGNATURE                     ,"bad signature"},
+{SSL_R_BAD_SSL_FILETYPE                  ,"bad ssl filetype"},
+{SSL_R_BAD_SSL_SESSION_ID_LENGTH         ,"bad ssl session id length"},
+{SSL_R_BAD_STATE                         ,"bad state"},
+{SSL_R_BAD_WRITE_RETRY                   ,"bad write retry"},
+{SSL_R_BIO_NOT_SET                       ,"bio not set"},
+{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG         ,"block cipher pad is wrong"},
+{SSL_R_BN_LIB                            ,"bn lib"},
+{SSL_R_CA_DN_LENGTH_MISMATCH             ,"ca dn length mismatch"},
+{SSL_R_CA_DN_TOO_LONG                    ,"ca dn too long"},
+{SSL_R_CCS_RECEIVED_EARLY                ,"ccs received early"},
+{SSL_R_CERTIFICATE_VERIFY_FAILED         ,"certificate verify failed"},
+{SSL_R_CERT_LENGTH_MISMATCH              ,"cert length mismatch"},
+{SSL_R_CHALLENGE_IS_DIFFERENT            ,"challenge is different"},
+{SSL_R_CIPHER_CODE_WRONG_LENGTH          ,"cipher code wrong length"},
+{SSL_R_CIPHER_OR_HASH_UNAVAILABLE        ,"cipher or hash unavailable"},
+{SSL_R_CIPHER_TABLE_SRC_ERROR            ,"cipher table src error"},
+{SSL_R_COMPRESSED_LENGTH_TOO_LONG        ,"compressed length too long"},
+{SSL_R_COMPRESSION_FAILURE               ,"compression failure"},
+{SSL_R_COMPRESSION_LIBRARY_ERROR         ,"compression library error"},
+{SSL_R_CONNECTION_ID_IS_DIFFERENT        ,"connection id is different"},
+{SSL_R_CONNECTION_TYPE_NOT_SET           ,"connection type not set"},
+{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED     ,"data between ccs and finished"},
+{SSL_R_DATA_LENGTH_TOO_LONG              ,"data length too long"},
+{SSL_R_DECRYPTION_FAILED                 ,"decryption failed"},
+{SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC,"decryption failed or bad record mac"},
+{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG   ,"dh public value length is wrong"},
+{SSL_R_DIGEST_CHECK_FAILED               ,"digest check failed"},
+{SSL_R_ENCRYPTED_LENGTH_TOO_LONG         ,"encrypted length too long"},
+{SSL_R_ERROR_GENERATING_TMP_RSA_KEY      ,"error generating tmp rsa key"},
+{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST     ,"error in received cipher list"},
+{SSL_R_EXCESSIVE_MESSAGE_SIZE            ,"excessive message size"},
+{SSL_R_EXTRA_DATA_IN_MESSAGE             ,"extra data in message"},
+{SSL_R_GOT_A_FIN_BEFORE_A_CCS            ,"got a fin before a ccs"},
+{SSL_R_HTTPS_PROXY_REQUEST               ,"https proxy request"},
+{SSL_R_HTTP_REQUEST                      ,"http request"},
+{SSL_R_ILLEGAL_PADDING                   ,"illegal padding"},
+{SSL_R_INVALID_CHALLENGE_LENGTH          ,"invalid challenge length"},
+{SSL_R_INVALID_COMMAND                   ,"invalid command"},
+{SSL_R_INVALID_PURPOSE                   ,"invalid purpose"},
+{SSL_R_INVALID_TRUST                     ,"invalid trust"},
+{SSL_R_KEY_ARG_TOO_LONG                  ,"key arg too long"},
+{SSL_R_KRB5                              ,"krb5"},
+{SSL_R_KRB5_C_CC_PRINC                   ,"krb5 client cc principal (no tkt?)"},
+{SSL_R_KRB5_C_GET_CRED                   ,"krb5 client get cred"},
+{SSL_R_KRB5_C_INIT                       ,"krb5 client init"},
+{SSL_R_KRB5_C_MK_REQ                     ,"krb5 client mk_req (expired tkt?)"},
+{SSL_R_KRB5_S_BAD_TICKET                 ,"krb5 server bad ticket"},
+{SSL_R_KRB5_S_INIT                       ,"krb5 server init"},
+{SSL_R_KRB5_S_RD_REQ                     ,"krb5 server rd_req (keytab perms?)"},
+{SSL_R_KRB5_S_TKT_EXPIRED                ,"krb5 server tkt expired"},
+{SSL_R_KRB5_S_TKT_NYV                    ,"krb5 server tkt not yet valid"},
+{SSL_R_KRB5_S_TKT_SKEW                   ,"krb5 server tkt skew"},
+{SSL_R_LENGTH_MISMATCH                   ,"length mismatch"},
+{SSL_R_LENGTH_TOO_SHORT                  ,"length too short"},
+{SSL_R_LIBRARY_BUG                       ,"library bug"},
+{SSL_R_LIBRARY_HAS_NO_CIPHERS            ,"library has no ciphers"},
+{SSL_R_MASTER_KEY_TOO_LONG               ,"master key too long"},
+{SSL_R_MESSAGE_TOO_LONG                  ,"message too long"},
+{SSL_R_MISSING_DH_DSA_CERT               ,"missing dh dsa cert"},
+{SSL_R_MISSING_DH_KEY                    ,"missing dh key"},
+{SSL_R_MISSING_DH_RSA_CERT               ,"missing dh rsa cert"},
+{SSL_R_MISSING_DSA_SIGNING_CERT          ,"missing dsa signing cert"},
+{SSL_R_MISSING_EXPORT_TMP_DH_KEY         ,"missing export tmp dh key"},
+{SSL_R_MISSING_EXPORT_TMP_RSA_KEY        ,"missing export tmp rsa key"},
+{SSL_R_MISSING_RSA_CERTIFICATE           ,"missing rsa certificate"},
+{SSL_R_MISSING_RSA_ENCRYPTING_CERT       ,"missing rsa encrypting cert"},
+{SSL_R_MISSING_RSA_SIGNING_CERT          ,"missing rsa signing cert"},
+{SSL_R_MISSING_TMP_DH_KEY                ,"missing tmp dh key"},
+{SSL_R_MISSING_TMP_RSA_KEY               ,"missing tmp rsa key"},
+{SSL_R_MISSING_TMP_RSA_PKEY              ,"missing tmp rsa pkey"},
+{SSL_R_MISSING_VERIFY_MESSAGE            ,"missing verify message"},
+{SSL_R_NON_SSLV2_INITIAL_PACKET          ,"non sslv2 initial packet"},
+{SSL_R_NO_CERTIFICATES_RETURNED          ,"no certificates returned"},
+{SSL_R_NO_CERTIFICATE_ASSIGNED           ,"no certificate assigned"},
+{SSL_R_NO_CERTIFICATE_RETURNED           ,"no certificate returned"},
+{SSL_R_NO_CERTIFICATE_SET                ,"no certificate set"},
+{SSL_R_NO_CERTIFICATE_SPECIFIED          ,"no certificate specified"},
+{SSL_R_NO_CIPHERS_AVAILABLE              ,"no ciphers available"},
+{SSL_R_NO_CIPHERS_PASSED                 ,"no ciphers passed"},
+{SSL_R_NO_CIPHERS_SPECIFIED              ,"no ciphers specified"},
+{SSL_R_NO_CIPHER_LIST                    ,"no cipher list"},
+{SSL_R_NO_CIPHER_MATCH                   ,"no cipher match"},
+{SSL_R_NO_CLIENT_CERT_RECEIVED           ,"no client cert received"},
+{SSL_R_NO_COMPRESSION_SPECIFIED          ,"no compression specified"},
+{SSL_R_NO_METHOD_SPECIFIED               ,"no method specified"},
+{SSL_R_NO_PRIVATEKEY                     ,"no privatekey"},
+{SSL_R_NO_PRIVATE_KEY_ASSIGNED           ,"no private key assigned"},
+{SSL_R_NO_PROTOCOLS_AVAILABLE            ,"no protocols available"},
+{SSL_R_NO_PUBLICKEY                      ,"no publickey"},
+{SSL_R_NO_SHARED_CIPHER                  ,"no shared cipher"},
+{SSL_R_NO_VERIFY_CALLBACK                ,"no verify callback"},
+{SSL_R_NULL_SSL_CTX                      ,"null ssl ctx"},
+{SSL_R_NULL_SSL_METHOD_PASSED            ,"null ssl method passed"},
+{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED   ,"old session cipher not returned"},
+{SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE     ,"only tls allowed in fips mode"},
+{SSL_R_PACKET_LENGTH_TOO_LONG            ,"packet length too long"},
+{SSL_R_PATH_TOO_LONG                     ,"path too long"},
+{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"},
+{SSL_R_PEER_ERROR                        ,"peer error"},
+{SSL_R_PEER_ERROR_CERTIFICATE            ,"peer error certificate"},
+{SSL_R_PEER_ERROR_NO_CERTIFICATE         ,"peer error no certificate"},
+{SSL_R_PEER_ERROR_NO_CIPHER              ,"peer error no cipher"},
+{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"},
+{SSL_R_PRE_MAC_LENGTH_TOO_LONG           ,"pre mac length too long"},
+{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"},
+{SSL_R_PROTOCOL_IS_SHUTDOWN              ,"protocol is shutdown"},
+{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR          ,"public key encrypt error"},
+{SSL_R_PUBLIC_KEY_IS_NOT_RSA             ,"public key is not rsa"},
+{SSL_R_PUBLIC_KEY_NOT_RSA                ,"public key not rsa"},
+{SSL_R_READ_BIO_NOT_SET                  ,"read bio not set"},
+{SSL_R_READ_WRONG_PACKET_TYPE            ,"read wrong packet type"},
+{SSL_R_RECORD_LENGTH_MISMATCH            ,"record length mismatch"},
+{SSL_R_RECORD_TOO_LARGE                  ,"record too large"},
+{SSL_R_RECORD_TOO_SMALL                  ,"record too small"},
+{SSL_R_REQUIRED_CIPHER_MISSING           ,"required cipher missing"},
+{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO        ,"reuse cert length not zero"},
+{SSL_R_REUSE_CERT_TYPE_NOT_ZERO          ,"reuse cert type not zero"},
+{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO        ,"reuse cipher list not zero"},
+{SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED  ,"session id context uninitialized"},
+{SSL_R_SHORT_READ                        ,"short read"},
+{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
+{SSL_R_SSL23_DOING_SESSION_ID_REUSE      ,"ssl23 doing session id reuse"},
+{SSL_R_SSL2_CONNECTION_ID_TOO_LONG       ,"ssl2 connection id too long"},
+{SSL_R_SSL3_SESSION_ID_TOO_LONG          ,"ssl3 session id too long"},
+{SSL_R_SSL3_SESSION_ID_TOO_SHORT         ,"ssl3 session id too short"},
+{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE       ,"sslv3 alert bad certificate"},
+{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC        ,"sslv3 alert bad record mac"},
+{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED   ,"sslv3 alert certificate expired"},
+{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED   ,"sslv3 alert certificate revoked"},
+{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN   ,"sslv3 alert certificate unknown"},
+{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"},
+{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE     ,"sslv3 alert handshake failure"},
+{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER     ,"sslv3 alert illegal parameter"},
+{SSL_R_SSLV3_ALERT_NO_CERTIFICATE        ,"sslv3 alert no certificate"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER  ,"sslv3 alert peer error no cipher"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"},
+{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE    ,"sslv3 alert unexpected message"},
+{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"},
+{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"},
+{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"},
+{SSL_R_SSL_HANDSHAKE_FAILURE             ,"ssl handshake failure"},
+{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS        ,"ssl library has no ciphers"},
+{SSL_R_SSL_SESSION_ID_CALLBACK_FAILED    ,"ssl session id callback failed"},
+{SSL_R_SSL_SESSION_ID_CONFLICT           ,"ssl session id conflict"},
+{SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG   ,"ssl session id context too long"},
+{SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH     ,"ssl session id has bad length"},
+{SSL_R_SSL_SESSION_ID_IS_DIFFERENT       ,"ssl session id is different"},
+{SSL_R_TLSV1_ALERT_ACCESS_DENIED         ,"tlsv1 alert access denied"},
+{SSL_R_TLSV1_ALERT_DECODE_ERROR          ,"tlsv1 alert decode error"},
+{SSL_R_TLSV1_ALERT_DECRYPTION_FAILED     ,"tlsv1 alert decryption failed"},
+{SSL_R_TLSV1_ALERT_DECRYPT_ERROR         ,"tlsv1 alert decrypt error"},
+{SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION    ,"tlsv1 alert export restriction"},
+{SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ,"tlsv1 alert insufficient security"},
+{SSL_R_TLSV1_ALERT_INTERNAL_ERROR        ,"tlsv1 alert internal error"},
+{SSL_R_TLSV1_ALERT_NO_RENEGOTIATION      ,"tlsv1 alert no renegotiation"},
+{SSL_R_TLSV1_ALERT_PROTOCOL_VERSION      ,"tlsv1 alert protocol version"},
+{SSL_R_TLSV1_ALERT_RECORD_OVERFLOW       ,"tlsv1 alert record overflow"},
+{SSL_R_TLSV1_ALERT_UNKNOWN_CA            ,"tlsv1 alert unknown ca"},
+{SSL_R_TLSV1_ALERT_USER_CANCELLED        ,"tlsv1 alert user cancelled"},
+{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"},
+{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"},
+{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"},
+{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER   ,"tried to use unsupported cipher"},
+{SSL_R_UNABLE_TO_DECODE_DH_CERTS         ,"unable to decode dh certs"},
+{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY      ,"unable to extract public key"},
+{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS      ,"unable to find dh parameters"},
+{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"},
+{SSL_R_UNABLE_TO_FIND_SSL_METHOD         ,"unable to find ssl method"},
+{SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES  ,"unable to load ssl2 md5 routines"},
+{SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES  ,"unable to load ssl3 md5 routines"},
+{SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"},
+{SSL_R_UNEXPECTED_MESSAGE                ,"unexpected message"},
+{SSL_R_UNEXPECTED_RECORD                 ,"unexpected record"},
+{SSL_R_UNINITIALIZED                     ,"uninitialized"},
+{SSL_R_UNKNOWN_ALERT_TYPE                ,"unknown alert type"},
+{SSL_R_UNKNOWN_CERTIFICATE_TYPE          ,"unknown certificate type"},
+{SSL_R_UNKNOWN_CIPHER_RETURNED           ,"unknown cipher returned"},
+{SSL_R_UNKNOWN_CIPHER_TYPE               ,"unknown cipher type"},
+{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE         ,"unknown key exchange type"},
+{SSL_R_UNKNOWN_PKEY_TYPE                 ,"unknown pkey type"},
+{SSL_R_UNKNOWN_PROTOCOL                  ,"unknown protocol"},
+{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE         ,"unknown remote error type"},
+{SSL_R_UNKNOWN_SSL_VERSION               ,"unknown ssl version"},
+{SSL_R_UNKNOWN_STATE                     ,"unknown state"},
+{SSL_R_UNSUPPORTED_CIPHER                ,"unsupported cipher"},
+{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"},
+{SSL_R_UNSUPPORTED_OPTION                ,"unsupported option"},
+{SSL_R_UNSUPPORTED_PROTOCOL              ,"unsupported protocol"},
+{SSL_R_UNSUPPORTED_SSL_VERSION           ,"unsupported ssl version"},
+{SSL_R_WRITE_BIO_NOT_SET                 ,"write bio not set"},
+{SSL_R_WRONG_CIPHER_RETURNED             ,"wrong cipher returned"},
+{SSL_R_WRONG_MESSAGE_TYPE                ,"wrong message type"},
+{SSL_R_WRONG_NUMBER_OF_KEY_BITS          ,"wrong number of key bits"},
+{SSL_R_WRONG_SIGNATURE_LENGTH            ,"wrong signature length"},
+{SSL_R_WRONG_SIGNATURE_SIZE              ,"wrong signature size"},
+{SSL_R_WRONG_SSL_VERSION                 ,"wrong ssl version"},
+{SSL_R_WRONG_VERSION_NUMBER              ,"wrong version number"},
+{SSL_R_X509_LIB                          ,"x509 lib"},
+{SSL_R_X509_VERIFICATION_SETUP_PROBLEMS  ,"x509 verification setup problems"},
 {0,NULL}
         };
 
@@ -454,8 +455,8 @@ void ERR_load_SSL_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(0,SSL_str_functs);
-                ERR_load_strings(0,SSL_str_reasons);
+                ERR_load_strings(ERR_LIB_SSL,SSL_str_functs);
+                ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c
index 2bd9a5af86..631229558f 100644
--- a/src/lib/libssl/src/ssl/ssl_lib.c
+++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -125,7 +125,7 @@
 
 const char *SSL_version_str=OPENSSL_VERSION_TEXT;
 
-SSL3_ENC_METHOD ssl3_undef_enc_method={
+OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
         /* evil casts, but these functions are only called if there's a library bug */
         (int (*)(SSL *,int))ssl_undefined_function,
         (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
@@ -1130,21 +1130,8 @@ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
         
         sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
                 &ctx->cipher_list_by_id,str);
-        /* ssl_create_cipher_list may return an empty stack if it
-         * was unable to find a cipher matching the given rule string
-         * (for example if the rule string specifies a cipher which
-         * has been disabled). This is not an error as far as 
-         * ssl_create_cipher_list is concerned, and hence 
-         * ctx->cipher_list and ctx->cipher_list_by_id has been
-         * updated. */
-        if (sk == NULL)
-                return 0;
-        else if (sk_SSL_CIPHER_num(sk) == 0)
-                {
-                SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
-                return 0;
-                }
-        return 1;
+/* XXXX */
+        return((sk == NULL)?0:1);
         }
 
 /** specify the ciphers to be used by the SSL */
@@ -1154,15 +1141,8 @@ int SSL_set_cipher_list(SSL *s,const char *str)
         
         sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
                 &s->cipher_list_by_id,str);
-        /* see comment in SSL_CTX_set_cipher_list */
-        if (sk == NULL)
-                return 0;
-        else if (sk_SSL_CIPHER_num(sk) == 0)
-                {
-                SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
-                return 0;
-                }
-        return 1;
+/* XXXX */
+        return((sk == NULL)?0:1);
         }
 
 /* works well for SSLv2, not so good for SSLv3 */
@@ -1201,8 +1181,7 @@ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
         return(buf);
         }
 
-int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
-                             int (*put_cb)(const SSL_CIPHER *, unsigned char *))
+int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
         {
         int i,j=0;
         SSL_CIPHER *c;
@@ -1221,8 +1200,7 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
                 if ((c->algorithms & SSL_KRB5) && nokrb5)
                     continue;
 #endif /* OPENSSL_NO_KRB5 */                    
-
-                j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
+                j=ssl_put_cipher_by_char(s,c,p);
                 p+=j;
                 }
         return(p-q);
@@ -1716,7 +1694,7 @@ void ssl_update_cache(SSL *s,int mode)
                         ?s->ctx->stats.sess_connect_good
                         :s->ctx->stats.sess_accept_good) & 0xff) == 0xff)
                         {
-                        SSL_CTX_flush_sessions(s->ctx,(unsigned long)time(NULL));
+                        SSL_CTX_flush_sessions(s->ctx,time(NULL));
                         }
                 }
         }
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index 6a0b7595f4..25a144a0d0 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -462,7 +462,7 @@ typedef struct ssl3_comp_st
         COMP_METHOD *method; /* The method :-) */
         } SSL3_COMP;
 
-extern SSL3_ENC_METHOD ssl3_undef_enc_method;
+OPENSSL_EXTERN SSL3_ENC_METHOD ssl3_undef_enc_method;
 OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
 OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
 
@@ -493,8 +493,7 @@ int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
                         const SSL_CIPHER * const *bp);
 STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
                                                STACK_OF(SSL_CIPHER) **skp);
-int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
-                             int (*put_cb)(const SSL_CIPHER *, unsigned char *));
+int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p);
 STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
                                              STACK_OF(SSL_CIPHER) **pref,
                                              STACK_OF(SSL_CIPHER) **sorted,
diff --git a/src/lib/libssl/src/ssl/ssl_sess.c b/src/lib/libssl/src/ssl/ssl_sess.c
index 2ba8b9612e..5f12aa361c 100644
--- a/src/lib/libssl/src/ssl/ssl_sess.c
+++ b/src/lib/libssl/src/ssl/ssl_sess.c
@@ -118,7 +118,7 @@ SSL_SESSION *SSL_SESSION_new(void)
         ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
         ss->references=1;
         ss->timeout=60*5+4; /* 5 minute timeout by default */
-        ss->time=(unsigned long)time(NULL);
+        ss->time=time(NULL);
         ss->prev=NULL;
         ss->next=NULL;
         ss->compress_meth=0;
@@ -377,7 +377,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
         CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
 #endif
 
-        if (ret->timeout < (long)(time(NULL) - ret->time)) /* timeout */
+        if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */
                 {
                 s->ctx->stats.sess_timeout++;
                 /* remove it from the cache */
diff --git a/src/lib/libssl/src/ssl/ssltest.c b/src/lib/libssl/src/ssl/ssltest.c
index 9845ef99ed..3a0db0cb51 100644
--- a/src/lib/libssl/src/ssl/ssltest.c
+++ b/src/lib/libssl/src/ssl/ssltest.c
@@ -119,14 +119,12 @@
 #include <stdlib.h>
 #include <string.h>
 #include <time.h>
+#include <inttypes.h>
+#include <ctype.h>
 
 #define USE_SOCKETS
 #include "e_os.h"
 
-#define _XOPEN_SOURCE 500       /* Or isascii won't be declared properly on
-                                   VMS (at least with DECompHP C).  */
-#include <ctype.h>
-
 #include <openssl/bio.h>
 #include <openssl/crypto.h>
 #include <openssl/evp.h>
@@ -391,6 +389,7 @@ int main(int argc, char *argv[])
         COMP_METHOD *cm = NULL;
 #ifdef OPENSSL_FIPS
         int fips_mode=0;
+        const char *path=argv[0];
 #endif
 
         verbose = 0;
@@ -593,7 +592,7 @@ bad:
 #ifdef OPENSSL_FIPS
         if(fips_mode)
                 {
-                if(!FIPS_mode_set(1))
+                if(!FIPS_mode_set(1,path))
                         {
                         ERR_load_crypto_strings();
                         ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
@@ -1928,8 +1927,8 @@ static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
 
                 fprintf(stderr, "In app_verify_callback, allowing cert. ");
                 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
-                fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
-                        (void *)ctx, (void *)ctx->cert);
+                fprintf(stderr, "Finished printing do we have a context? 0x%x a cert? 0x%x\n",
+                        (unsigned int)ctx, (unsigned int)ctx->cert);
                 if (ctx->cert)
                         s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
                 if (s != NULL)
@@ -1977,7 +1976,15 @@ static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
                 }
 
 #ifndef OPENSSL_NO_X509_VERIFY
+# ifdef OPENSSL_FIPS
+        if(s->version == TLS1_VERSION)
+                FIPS_allow_md5(1);
+# endif
         ok = X509_verify_cert(ctx);
+# ifdef OPENSSL_FIPS
+        if(s->version == TLS1_VERSION)
+                FIPS_allow_md5(0);
+# endif
 #endif
 
         if (cb_arg->proxy_auth)
diff --git a/src/lib/libssl/src/test/Makefile.ssl b/src/lib/libssl/src/test/Makefile.ssl
new file mode 100644
index 0000000000..373f17a929
--- /dev/null
+++ b/src/lib/libssl/src/test/Makefile.ssl
@@ -0,0 +1,796 @@
+#
+# test/Makefile.ssl
+#
+
+DIR=            test
+TOP=            ..
+CC=             cc
+INCLUDES=       -I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=          -g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=     /usr/local/ssl
+MAKEFILE=       Makefile.ssl
+MAKE=           make -f $(MAKEFILE)
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+PERL=           perl
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+
+PEX_LIBS=
+EX_LIBS= #-lnsl -lsocket
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile.ssl maketests.com \
+        tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
+        tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
+        testca.com VMSca-response.1 VMSca-response.2
+
+DLIBCRYPTO= ../libcrypto.a
+DLIBSSL= ../libssl.a
+LIBCRYPTO= -L.. -lcrypto
+LIBSSL= -L.. -lssl
+
+BNTEST=         bntest
+ECTEST=         ectest
+EXPTEST=        exptest
+IDEATEST=       ideatest
+SHATEST=        shatest
+SHA1TEST=       sha1test
+MDC2TEST=       mdc2test
+RMDTEST=        rmdtest
+MD2TEST=        md2test
+MD4TEST=        md4test
+MD5TEST=        md5test
+HMACTEST=       hmactest
+RC2TEST=        rc2test
+RC4TEST=        rc4test
+RC5TEST=        rc5test
+BFTEST=         bftest
+CASTTEST=       casttest
+DESTEST=        destest
+RANDTEST=       randtest
+DHTEST=         dhtest
+DSATEST=        dsatest
+METHTEST=       methtest
+SSLTEST=        ssltest
+RSATEST=        rsa_test
+ENGINETEST=     enginetest
+EVPTEST=        evp_test
+
+TESTS=          alltests
+
+EXE=    $(BNTEST) $(ECTEST) $(IDEATEST) $(MD2TEST)  $(MD4TEST) $(MD5TEST) $(HMACTEST) \
+        $(RC2TEST) $(RC4TEST) $(RC5TEST) \
+        $(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
+        $(RANDTEST) $(DHTEST) $(ENGINETEST) \
+        $(BFTEST) $(CASTTEST) $(SSLTEST) $(EXPTEST) $(DSATEST) $(RSATEST) \
+        $(EVPTEST)
+
+# $(METHTEST)
+
+OBJ=    $(BNTEST).o $(ECTEST).o $(IDEATEST).o $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
+        $(HMACTEST).o \
+        $(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
+        $(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(MDC2TEST).o $(RMDTEST).o \
+        $(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
+        $(BFTEST).o  $(SSLTEST).o  $(DSATEST).o  $(EXPTEST).o $(RSATEST).o \
+        $(EVPTEST).o
+SRC=    $(BNTEST).c $(ECTEST).c $(IDEATEST).c $(MD2TEST).c  $(MD4TEST).c $(MD5TEST).c \
+        $(HMACTEST).c \
+        $(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
+        $(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
+        $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
+        $(BFTEST).c  $(SSLTEST).c $(DSATEST).c   $(EXPTEST).c $(RSATEST).c \
+        $(EVPTEST).c
+
+EXHEADER= 
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ..; $(MAKE) DIRS=$(DIR) TESTS=$(TESTS) all)
+
+all:    exe
+
+exe:    $(EXE) dummytest
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+
+generate: $(SRC)
+$(SRC):
+        @sh $(TOP)/util/point.sh dummytest.c $@
+
+errors:
+
+install:
+
+tags:
+        ctags $(SRC)
+
+tests:  exe apps $(TESTS)
+
+apps:
+        @(cd ..; $(MAKE) DIRS=apps all)
+
+SET_SO_PATHS=OSSL_LIBPATH="`cd ..; pwd`"; \
+                LD_LIBRARY_PATH="$$OSSL_LIBPATH:$$LD_LIBRARY_PATH"; \
+                DYLD_LIBRARY_PATH="$$OSSL_LIBPATH:$$DYLD_LIBRARY_PATH"; \
+                SHLIB_PATH="$$OSSL_LIBPATH:$$SHLIB_PATH"; \
+                LIBPATH="$$OSSL_LIBPATH:$$LIBPATH"; \
+                if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="$${LIBPATH}:$$PATH"; fi; \
+                export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH
+
+alltests: \
+        test_des test_idea test_sha test_md4 test_md5 test_hmac \
+        test_md2 test_mdc2 \
+        test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
+        test_rand test_bn test_ec test_enc test_x509 test_rsa test_crl test_sid \
+        test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
+        test_ss test_ca test_engine test_evp test_ssl
+
+test_evp:
+        $(SET_SO_PATHS); ./$(EVPTEST) evptests.txt
+
+test_des:
+        $(SET_SO_PATHS); ./$(DESTEST)
+
+test_idea:
+        $(SET_SO_PATHS); ./$(IDEATEST)
+
+test_sha:
+        $(SET_SO_PATHS); ./$(SHATEST)
+        $(SET_SO_PATHS); ./$(SHA1TEST)
+
+test_mdc2:
+        $(SET_SO_PATHS); ./$(MDC2TEST)
+
+test_md5:
+        $(SET_SO_PATHS); ./$(MD5TEST)
+
+test_md4:
+        $(SET_SO_PATHS); ./$(MD4TEST)
+
+test_hmac:
+        $(SET_SO_PATHS); ./$(HMACTEST)
+
+test_md2:
+        $(SET_SO_PATHS); ./$(MD2TEST)
+
+test_rmd:
+        $(SET_SO_PATHS); ./$(RMDTEST)
+
+test_bf:
+        $(SET_SO_PATHS); ./$(BFTEST)
+
+test_cast:
+        $(SET_SO_PATHS); ./$(CASTTEST)
+
+test_rc2:
+        $(SET_SO_PATHS); ./$(RC2TEST)
+
+test_rc4:
+        $(SET_SO_PATHS); ./$(RC4TEST)
+
+test_rc5:
+        $(SET_SO_PATHS); ./$(RC5TEST)
+
+test_rand:
+        $(SET_SO_PATHS); ./$(RANDTEST)
+
+test_enc:
+        @$(SET_SO_PATHS); sh ./testenc
+
+test_x509:
+        echo test normal x509v1 certificate
+        $(SET_SO_PATHS); sh ./tx509 2>/dev/null
+        echo test first x509v3 certificate
+        $(SET_SO_PATHS); sh ./tx509 v3-cert1.pem 2>/dev/null
+        echo test second x509v3 certificate
+        $(SET_SO_PATHS); sh ./tx509 v3-cert2.pem 2>/dev/null
+
+test_rsa:
+        @$(SET_SO_PATHS); sh ./trsa 2>/dev/null
+        $(SET_SO_PATHS); ./$(RSATEST)
+
+test_crl:
+        @$(SET_SO_PATHS); sh ./tcrl 2>/dev/null
+
+test_sid:
+        @$(SET_SO_PATHS); sh ./tsid 2>/dev/null
+
+test_req:
+        @$(SET_SO_PATHS); sh ./treq 2>/dev/null
+        @$(SET_SO_PATHS); sh ./treq testreq2.pem 2>/dev/null
+
+test_pkcs7:
+        @$(SET_SO_PATHS); sh ./tpkcs7 2>/dev/null
+        @$(SET_SO_PATHS); sh ./tpkcs7d 2>/dev/null
+
+test_bn:
+        @echo starting big number library test, could take a while...
+        @$(SET_SO_PATHS); ./$(BNTEST) >tmp.bntest
+        @echo quit >>tmp.bntest
+        @echo "running bc"
+        @<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
+        @echo 'test a^b%c implementations'
+        $(SET_SO_PATHS); ./$(EXPTEST)
+
+test_ec:
+        @echo 'test elliptic curves'
+        $(SET_SO_PATHS); ./$(ECTEST)
+
+test_verify:
+        @echo "The following command should have some OK's and some failures"
+        @echo "There are definitly a few expired certificates"
+        -$(SET_SO_PATHS); ../apps/openssl verify -CApath ../certs ../certs/*.pem
+
+test_dh:
+        @echo "Generate a set of DH parameters"
+        $(SET_SO_PATHS); ./$(DHTEST)
+
+test_dsa:
+        @echo "Generate a set of DSA parameters"
+        $(SET_SO_PATHS); ./$(DSATEST)
+        $(SET_SO_PATHS); ./$(DSATEST) -app2_1
+
+test_gen:
+        @echo "Generate and verify a certificate request"
+        @$(SET_SO_PATHS); sh ./testgen
+
+test_ss keyU.ss certU.ss certCA.ss: testss
+        @echo "Generate and certify a test certificate"
+        @$(SET_SO_PATHS); sh ./testss
+
+test_engine: 
+        @echo "Manipulate the ENGINE structures"
+        $(SET_SO_PATHS); ./$(ENGINETEST)
+
+test_ssl: keyU.ss certU.ss certCA.ss
+        @echo "test SSL protocol"
+        @$(SET_SO_PATHS); sh ./testssl keyU.ss certU.ss certCA.ss
+
+test_ca:
+        @$(SET_SO_PATHS); if ../apps/openssl no-rsa; then \
+          echo "skipping CA.sh test -- requires RSA"; \
+        else \
+          echo "Generate and certify a test certificate via the 'ca' program"; \
+          sh ./testca; \
+        fi
+
+test_aes: #$(AESTEST)
+#       @echo "test Rijndael"
+#       $(SET_SO_PATHS); ./$(AESTEST)
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log
+
+$(DLIBSSL):
+        (cd ..; $(MAKE) DIRS=ssl all)
+
+$(DLIBCRYPTO):
+        (cd ..; $(MAKE) DIRS=crypto all)
+
+$(RSATEST): $(RSATEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(BNTEST): $(BNTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(ECTEST): $(ECTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(EXPTEST): $(EXPTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(IDEATEST): $(IDEATEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(MD2TEST): $(MD2TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(SHATEST): $(SHATEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(SHA1TEST): $(SHA1TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(RMDTEST): $(RMDTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(MDC2TEST): $(MDC2TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(MD4TEST): $(MD4TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(MD5TEST): $(MD5TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(HMACTEST): $(HMACTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(RC2TEST): $(RC2TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(BFTEST): $(BFTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(CASTTEST): $(CASTTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(RC4TEST): $(RC4TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(RC5TEST): $(RC5TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(DESTEST): $(DESTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(RANDTEST): $(RANDTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(DHTEST): $(DHTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(DSATEST): $(DSATEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(METHTEST): $(METHTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(EVPTEST): $(EVPTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+        
+#$(AESTEST).o: $(AESTEST).c
+#       $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
+
+#$(AESTEST): $(AESTEST).o $(DLIBCRYPTO)
+#       if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+#         $(CC) -o $(AESTEST) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+#       else \
+#         LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+#         $(CC) -o $(AESTEST) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+#       fi
+
+dummytest: dummytest.o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h
+bftest.o: ../include/openssl/opensslconf.h bftest.c
+bntest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+bntest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+bntest.o: ../include/openssl/cast.h ../include/openssl/crypto.h
+bntest.o: ../include/openssl/des.h ../include/openssl/des_old.h
+bntest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+bntest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+bntest.o: ../include/openssl/evp.h ../include/openssl/idea.h
+bntest.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+bntest.o: ../include/openssl/md4.h ../include/openssl/md5.h
+bntest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+bntest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+bntest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+bntest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+bntest.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+bntest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+bntest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+bntest.o: ../include/openssl/x509_vfy.h bntest.c
+casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h
+casttest.o: ../include/openssl/opensslconf.h casttest.c
+destest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
+destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+destest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+destest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+destest.o: ../include/openssl/ui_compat.h destest.c
+dhtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c
+dsatest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+dsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+dsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+dsatest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+dsatest.o: ../include/openssl/symhacks.h dsatest.c
+ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+ectest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ectest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+ectest.o: ../include/openssl/engine.h ../include/openssl/err.h
+ectest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ectest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+ectest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+ectest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h ectest.c
+enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+enginetest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+enginetest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+enginetest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h
+enginetest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+enginetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+enginetest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+enginetest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+enginetest.o: enginetest.c
+evp_test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+evp_test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+evp_test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+evp_test.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+evp_test.o: ../include/openssl/des.h ../include/openssl/des_old.h
+evp_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+evp_test.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h
+evp_test.o: ../include/openssl/idea.h ../include/openssl/lhash.h
+evp_test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+evp_test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+evp_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+evp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+evp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+evp_test.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+evp_test.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+evp_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+evp_test.o: ../include/openssl/sha.h ../include/openssl/stack.h
+evp_test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+evp_test.o: ../include/openssl/ui_compat.h evp_test.c
+exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+exptest.o: ../include/openssl/symhacks.h exptest.c
+hmactest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+hmactest.o: ../include/openssl/bn.h ../include/openssl/cast.h
+hmactest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+hmactest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+hmactest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+hmactest.o: ../include/openssl/idea.h ../include/openssl/md2.h
+hmactest.o: ../include/openssl/md4.h ../include/openssl/md5.h
+hmactest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+hmactest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+hmactest.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+hmactest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+hmactest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+hmactest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+hmactest.o: ../include/openssl/ui_compat.h hmactest.c
+ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h
+ideatest.o: ../include/openssl/opensslconf.h ideatest.c
+md2test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+md2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+md2test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+md2test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+md2test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+md2test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+md2test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+md2test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+md2test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+md2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+md2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+md2test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+md2test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+md2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+md2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+md2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+md2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md2test.c
+md4test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+md4test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+md4test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+md4test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+md4test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+md4test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+md4test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+md4test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+md4test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+md4test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+md4test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+md4test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+md4test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+md4test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+md4test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+md4test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md4test.c
+md5test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+md5test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+md5test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+md5test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+md5test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+md5test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+md5test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+md5test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+md5test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+md5test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+md5test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+md5test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+md5test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+md5test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+md5test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+md5test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md5test.c
+mdc2test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+mdc2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+mdc2test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+mdc2test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+mdc2test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+mdc2test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+mdc2test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+mdc2test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+mdc2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+mdc2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+mdc2test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+mdc2test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+mdc2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+mdc2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c
+randtest.o: ../e_os.h ../include/openssl/e_os2.h
+randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
+randtest.o: ../include/openssl/rand.h randtest.c
+rc2test.o: ../e_os.h ../include/openssl/e_os2.h
+rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c
+rc4test.o: ../e_os.h ../include/openssl/e_os2.h
+rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h rc4test.c
+rc5test.o: ../e_os.h ../include/openssl/e_os2.h
+rc5test.o: ../include/openssl/opensslconf.h ../include/openssl/rc5.h rc5test.c
+rmdtest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+rmdtest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+rmdtest.o: ../include/openssl/bn.h ../include/openssl/cast.h
+rmdtest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+rmdtest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+rmdtest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+rmdtest.o: ../include/openssl/evp.h ../include/openssl/idea.h
+rmdtest.o: ../include/openssl/md2.h ../include/openssl/md4.h
+rmdtest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+rmdtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+rmdtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+rmdtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+rmdtest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+rmdtest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+rmdtest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+rmdtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+rmdtest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h rmdtest.c
+rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+rsa_test.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+rsa_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsa_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+rsa_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+rsa_test.o: ../include/openssl/symhacks.h rsa_test.c
+sha1test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+sha1test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+sha1test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+sha1test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+sha1test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+sha1test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+sha1test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+sha1test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+sha1test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+sha1test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+sha1test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+sha1test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+sha1test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+sha1test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h sha1test.c
+shatest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+shatest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+shatest.o: ../include/openssl/bn.h ../include/openssl/cast.h
+shatest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+shatest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+shatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+shatest.o: ../include/openssl/evp.h ../include/openssl/idea.h
+shatest.o: ../include/openssl/md2.h ../include/openssl/md4.h
+shatest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+shatest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+shatest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+shatest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h shatest.c
+ssltest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ssltest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssltest.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ssltest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+ssltest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+ssltest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+ssltest.o: ../include/openssl/engine.h ../include/openssl/err.h
+ssltest.o: ../include/openssl/evp.h ../include/openssl/idea.h
+ssltest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssltest.o: ../include/openssl/md2.h ../include/openssl/md4.h
+ssltest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+ssltest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssltest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssltest.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+ssltest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+ssltest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssltest.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+ssltest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+ssltest.o: ../include/openssl/x509_vfy.h ssltest.c
diff --git a/src/lib/libssl/src/test/enginetest.c b/src/lib/libssl/src/test/enginetest.c
new file mode 100644
index 0000000000..87fa8c57b7
--- /dev/null
+++ b/src/lib/libssl/src/test/enginetest.c
@@ -0,0 +1,274 @@
+/* crypto/engine/enginetest.c */
+/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/e_os2.h>
+#include <stdio.h>
+#include <string.h>
+#include <openssl/buffer.h>
+#include <openssl/crypto.h>
+#include <openssl/engine.h>
+#include <openssl/err.h>
+
+static void display_engine_list()
+        {
+        ENGINE *h;
+        int loop;
+
+        h = ENGINE_get_first();
+        loop = 0;
+        printf("listing available engine types\n");
+        while(h)
+                {
+                printf("engine %i, id = \"%s\", name = \"%s\"\n",
+                        loop++, ENGINE_get_id(h), ENGINE_get_name(h));
+                h = ENGINE_get_next(h);
+                }
+        printf("end of list\n");
+        /* ENGINE_get_first() increases the struct_ref counter, so we 
+           must call ENGINE_free() to decrease it again */
+        ENGINE_free(h);
+        }
+
+int main(int argc, char *argv[])
+        {
+        ENGINE *block[512];
+        char buf[256];
+        const char *id, *name;
+        ENGINE *ptr;
+        int loop;
+        int to_return = 1;
+        ENGINE *new_h1 = NULL;
+        ENGINE *new_h2 = NULL;
+        ENGINE *new_h3 = NULL;
+        ENGINE *new_h4 = NULL;
+
+        /* enable memory leak checking unless explicitly disabled */
+        if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
+                {
+                CRYPTO_malloc_debug_init();
+                CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+                }
+        else
+                {
+                /* OPENSSL_DEBUG_MEMORY=off */
+                CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+                }
+        CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+        ERR_load_crypto_strings();
+
+        memset(block, 0, 512 * sizeof(ENGINE *));
+        if(((new_h1 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h1, "test_id0") ||
+                        !ENGINE_set_name(new_h1, "First test item") ||
+                        ((new_h2 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h2, "test_id1") ||
+                        !ENGINE_set_name(new_h2, "Second test item") ||
+                        ((new_h3 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h3, "test_id2") ||
+                        !ENGINE_set_name(new_h3, "Third test item") ||
+                        ((new_h4 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h4, "test_id3") ||
+                        !ENGINE_set_name(new_h4, "Fourth test item"))
+                {
+                printf("Couldn't set up test ENGINE structures\n");
+                goto end;
+                }
+        printf("\nenginetest beginning\n\n");
+        display_engine_list();
+        if(!ENGINE_add(new_h1))
+                {
+                printf("Add failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        ptr = ENGINE_get_first();
+        if(!ENGINE_remove(ptr))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        if (ptr)
+                ENGINE_free(ptr);
+        display_engine_list();
+        if(!ENGINE_add(new_h3) || !ENGINE_add(new_h2))
+                {
+                printf("Add failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_remove(new_h2))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_add(new_h4))
+                {
+                printf("Add failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(ENGINE_add(new_h3))
+                {
+                printf("Add *should* have failed but didn't!\n");
+                goto end;
+                }
+        else
+                printf("Add that should fail did.\n");
+        ERR_clear_error();
+        if(ENGINE_remove(new_h2))
+                {
+                printf("Remove *should* have failed but didn't!\n");
+                goto end;
+                }
+        else
+                printf("Remove that should fail did.\n");
+        ERR_clear_error();
+        if(!ENGINE_remove(new_h3))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_remove(new_h4))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        /* Depending on whether there's any hardware support compiled
+         * in, this remove may be destined to fail. */
+        ptr = ENGINE_get_first();
+        if(ptr)
+                if(!ENGINE_remove(ptr))
+                        printf("Remove failed!i - probably no hardware "
+                                "support present.\n");
+        if (ptr)
+                ENGINE_free(ptr);
+        display_engine_list();
+        if(!ENGINE_add(new_h1) || !ENGINE_remove(new_h1))
+                {
+                printf("Couldn't add and remove to an empty list!\n");
+                goto end;
+                }
+        else
+                printf("Successfully added and removed to an empty list!\n");
+        printf("About to beef up the engine-type list\n");
+        for(loop = 0; loop < 512; loop++)
+                {
+                sprintf(buf, "id%i", loop);
+                id = BUF_strdup(buf);
+                sprintf(buf, "Fake engine type %i", loop);
+                name = BUF_strdup(buf);
+                if(((block[loop] = ENGINE_new()) == NULL) ||
+                                !ENGINE_set_id(block[loop], id) ||
+                                !ENGINE_set_name(block[loop], name))
+                        {
+                        printf("Couldn't create block of ENGINE structures.\n"
+                                "I'll probably also core-dump now, damn.\n");
+                        goto end;
+                        }
+                }
+        for(loop = 0; loop < 512; loop++)
+                {
+                if(!ENGINE_add(block[loop]))
+                        {
+                        printf("\nAdding stopped at %i, (%s,%s)\n",
+                                loop, ENGINE_get_id(block[loop]),
+                                ENGINE_get_name(block[loop]));
+                        goto cleanup_loop;
+                        }
+                else
+                        printf("."); fflush(stdout);
+                }
+cleanup_loop:
+        printf("\nAbout to empty the engine-type list\n");
+        while((ptr = ENGINE_get_first()) != NULL)
+                {
+                if(!ENGINE_remove(ptr))
+                        {
+                        printf("\nRemove failed!\n");
+                        goto end;
+                        }
+                ENGINE_free(ptr);
+                printf("."); fflush(stdout);
+                }
+        for(loop = 0; loop < 512; loop++)
+                {
+                OPENSSL_free((void *)ENGINE_get_id(block[loop]));
+                OPENSSL_free((void *)ENGINE_get_name(block[loop]));
+                }
+        printf("\nTests completed happily\n");
+        to_return = 0;
+end:
+        if(to_return)
+                ERR_print_errors_fp(stderr);
+        if(new_h1) ENGINE_free(new_h1);
+        if(new_h2) ENGINE_free(new_h2);
+        if(new_h3) ENGINE_free(new_h3);
+        if(new_h4) ENGINE_free(new_h4);
+        for(loop = 0; loop < 512; loop++)
+                if(block[loop])
+                        ENGINE_free(block[loop]);
+        ENGINE_cleanup();
+        CRYPTO_cleanup_all_ex_data();
+        ERR_free_strings();
+        ERR_remove_state(0);
+        CRYPTO_mem_leaks_fp(stderr);
+        return to_return;
+        }
diff --git a/src/lib/libssl/src/test/maketests.com b/src/lib/libssl/src/test/maketests.com
index 94621a655b..dfbfef7b1b 100644
--- a/src/lib/libssl/src/test/maketests.com
+++ b/src/lib/libssl/src/test/maketests.com
@@ -586,7 +586,7 @@ $ CCDEFS = "TCPIP_TYPE_''P3'"
 $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
 $ CCEXTRAFLAGS = ""
 $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
+$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
 $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
         CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
 $!
diff --git a/src/lib/libssl/src/test/md4test.c b/src/lib/libssl/src/test/md4test.c
new file mode 100644
index 0000000000..e0fdc42282
--- /dev/null
+++ b/src/lib/libssl/src/test/md4test.c
@@ -0,0 +1,134 @@
+/* crypto/md4/md4test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#ifdef OPENSSL_NO_MD4
+int main(int argc, char *argv[])
+{
+    printf("No MD4 support\n");
+    return(0);
+}
+#else
+#include <openssl/evp.h>
+#include <openssl/md4.h>
+
+static char *test[]={
+        "",
+        "a",
+        "abc",
+        "message digest",
+        "abcdefghijklmnopqrstuvwxyz",
+        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+        "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+        NULL,
+        };
+
+static char *ret[]={
+"31d6cfe0d16ae931b73c59d7e0c089c0",
+"bde52cb31de33e46245e05fbdbd6fb24",
+"a448017aaf21d8525fc10ae87aa6729d",
+"d9130a8164549fe818874806e1c7014b",
+"d79e1c308aa5bbcdeea8ed63df412da9",
+"043f8582f241db351ce627e153e7f0e4",
+"e33b4ddc9c38f2199c3e7b164fcc0536",
+};
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+        {
+        int i,err=0;
+        unsigned char **P,**R;
+        char *p;
+        unsigned char md[MD4_DIGEST_LENGTH];
+
+        P=(unsigned char **)test;
+        R=(unsigned char **)ret;
+        i=1;
+        while (*P != NULL)
+                {
+                EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL);
+                p=pt(md);
+                if (strcmp(p,(char *)*R) != 0)
+                        {
+                        printf("error calculating MD4 on '%s'\n",*P);
+                        printf("got %s instead of %s\n",p,*R);
+                        err++;
+                        }
+                else
+                        printf("test %d ok\n",i);
+                i++;
+                R++;
+                P++;
+                }
+        exit(err);
+        return(0);
+        }
+
+static char *pt(unsigned char *md)
+        {
+        int i;
+        static char buf[80];
+
+        for (i=0; i<MD4_DIGEST_LENGTH; i++)
+                sprintf(&(buf[i*2]),"%02x",md[i]);
+        return(buf);
+        }
+#endif
diff --git a/src/lib/libssl/src/test/rsa_test.c b/src/lib/libssl/src/test/rsa_test.c
new file mode 100644
index 0000000000..b8b462d33b
--- /dev/null
+++ b/src/lib/libssl/src/test/rsa_test.c
@@ -0,0 +1,318 @@
+/* test vectors from p1ovect1.txt */
+
+#include <stdio.h>
+#include <string.h>
+
+#include "e_os.h"
+
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#ifdef OPENSSL_NO_RSA
+int main(int argc, char *argv[])
+{
+    printf("No RSA support\n");
+    return(0);
+}
+#else
+#include <openssl/rsa.h>
+#include <openssl/engine.h>
+
+#define SetKey \
+  key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
+  key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
+  key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
+  key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
+  key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
+  key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
+  key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
+  key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
+  memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
+  return (sizeof(ctext_ex) - 1);
+
+static int key1(RSA *key, unsigned char *c)
+    {
+    static unsigned char n[] =
+"\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
+"\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
+"\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
+"\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
+"\xF5";
+
+    static unsigned char e[] = "\x11";
+
+    static unsigned char d[] =
+"\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
+"\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
+"\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
+"\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
+
+    static unsigned char p[] =
+"\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
+"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
+"\x0D";
+    
+    static unsigned char q[] =
+"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
+"\x89";
+
+    static unsigned char dmp1[] =
+"\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
+"\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
+
+    static unsigned char dmq1[] =
+"\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
+"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
+"\x51";
+
+    static unsigned char iqmp[] =
+"\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
+"\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
+
+    static unsigned char ctext_ex[] =
+"\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
+"\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
+"\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
+"\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
+
+    SetKey;
+    }
+
+static int key2(RSA *key, unsigned char *c)
+    {
+    static unsigned char n[] =
+"\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
+"\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
+"\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
+"\x34\x77\xCF";
+
+    static unsigned char e[] = "\x3";
+
+    static unsigned char d[] =
+"\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
+"\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
+"\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
+"\xE5\xEB";
+
+    static unsigned char p[] =
+"\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
+"\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
+
+    static unsigned char q[] =
+"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
+    
+    static unsigned char dmp1[] =
+"\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
+"\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
+
+    static unsigned char dmq1[] =
+"\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
+"\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
+
+    static unsigned char iqmp[] =
+"\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
+"\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
+
+    static unsigned char ctext_ex[] =
+"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
+"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
+"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
+"\x62\x51";
+
+    SetKey;
+    }
+
+static int key3(RSA *key, unsigned char *c)
+    {
+    static unsigned char n[] =
+"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
+"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
+"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
+"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
+"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
+"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
+"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
+"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
+"\xCB";
+
+    static unsigned char e[] = "\x11";
+
+    static unsigned char d[] =
+"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
+"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
+"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
+"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
+"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
+"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
+"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
+"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
+"\xC1";
+
+    static unsigned char p[] =
+"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
+"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
+"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
+"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
+"\x99";
+
+    static unsigned char q[] =
+"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
+"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
+"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
+"\x03";
+
+    static unsigned char dmp1[] =
+"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
+"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
+"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
+"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
+
+    static unsigned char dmq1[] =
+"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
+"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
+"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
+"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
+    
+    static unsigned char iqmp[] =
+"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
+"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
+"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
+"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
+"\xF7";
+
+    static unsigned char ctext_ex[] =
+"\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
+"\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
+"\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
+"\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
+"\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
+"\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
+"\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
+"\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
+
+    SetKey;
+    }
+
+static int pad_unknown(void)
+{
+    unsigned long l;
+    while ((l = ERR_get_error()) != 0)
+      if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
+        return(1);
+    return(0);
+}
+
+static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+
+int main(int argc, char *argv[])
+    {
+    int err=0;
+    int v;
+    RSA *key;
+    unsigned char ptext[256];
+    unsigned char ctext[256];
+    static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
+    unsigned char ctext_ex[256];
+    int plen;
+    int clen = 0;
+    int num;
+
+    CRYPTO_malloc_debug_init();
+    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
+
+    plen = sizeof(ptext_ex) - 1;
+
+    for (v = 0; v < 3; v++)
+        {
+        key = RSA_new();
+        switch (v) {
+    case 0:
+        clen = key1(key, ctext_ex);
+        break;
+    case 1:
+        clen = key2(key, ctext_ex);
+        break;
+    case 2:
+        clen = key3(key, ctext_ex);
+        break;
+        }
+
+        num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
+                                 RSA_PKCS1_PADDING);
+        if (num != clen)
+            {
+            printf("PKCS#1 v1.5 encryption failed!\n");
+            err=1;
+            goto oaep;
+            }
+  
+        num = RSA_private_decrypt(num, ctext, ptext, key,
+                                  RSA_PKCS1_PADDING);
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
+            {
+            printf("PKCS#1 v1.5 decryption failed!\n");
+            err=1;
+            }
+        else
+            printf("PKCS #1 v1.5 encryption/decryption ok\n");
+
+    oaep:
+        ERR_clear_error();
+        num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
+                                 RSA_PKCS1_OAEP_PADDING);
+        if (num == -1 && pad_unknown())
+            {
+            printf("No OAEP support\n");
+            goto next;
+            }
+        if (num != clen)
+            {
+            printf("OAEP encryption failed!\n");
+            err=1;
+            goto next;
+            }
+  
+        num = RSA_private_decrypt(num, ctext, ptext, key,
+                                  RSA_PKCS1_OAEP_PADDING);
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
+            {
+            printf("OAEP decryption (encrypted data) failed!\n");
+            err=1;
+            }
+        else if (memcmp(ctext, ctext_ex, num) == 0)
+            {
+            printf("OAEP test vector %d passed!\n", v);
+            goto next;
+            }
+    
+        /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
+           Try decrypting ctext_ex */
+
+        num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
+                                  RSA_PKCS1_OAEP_PADDING);
+
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
+            {
+            printf("OAEP decryption (test vector data) failed!\n");
+            err=1;
+            }
+        else
+            printf("OAEP encryption/decryption ok\n");
+    next:
+        RSA_free(key);
+        }
+
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_state(0);
+
+    CRYPTO_mem_leaks_fp(stderr);
+
+    return err;
+    }
+#endif
diff --git a/src/lib/libssl/src/test/sha1hashes.txt b/src/lib/libssl/src/test/sha1hashes.txt
new file mode 100644
index 0000000000..4adfa197e9
--- /dev/null
+++ b/src/lib/libssl/src/test/sha1hashes.txt
@@ -0,0 +1,342 @@
+#  Configuration information for "SHA-1 Test"
+#  SHA tests are configured for BYTE oriented implementations
+H>SHS Type 1 Hashes<H
+D>
+DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 ^
+3CDF2936DA2FC556BFA533AB1EB59CE710AC80E5 ^
+19C1E2048FA7393CFBF2D310AD8209EC11D996E5 ^
+CA775D8C80FAA6F87FA62BECA6CA6089D63B56E5 ^
+71AC973D0E4B50AE9E5043FF4D615381120A25A0 ^
+A6B5B9F854CFB76701C3BDDBF374B3094EA49CBA ^
+D87A0EE74E4B9AD72E6847C87BDEEB3D07844380 ^
+1976B8DD509FE66BF09C9A8D33534D4EF4F63BFD ^
+5A78F439B6DB845BB8A558E4CEB106CD7B7FF783 ^
+F871BCE62436C1E280357416695EE2EF9B83695C ^
+62B243D1B780E1D31CF1BA2DE3F01C72AEEA0E47 ^
+1698994A273404848E56E7FDA4457B5900DE1342 ^
+056F4CDC02791DA7ED1EB2303314F7667518DEEF ^
+9FE2DA967BD8441EEA1C32DF68DDAA9DC1FC8E4B ^
+73A31777B4ACE9384EFA8BBEAD45C51A71ABA6DD ^
+3F9D7C4E2384EDDABFF5DD8A31E23DE3D03F42AC ^
+4814908F72B93FFD011135BEE347DE9A08DA838F ^
+0978374B67A412A3102C5AA0B10E1A6596FC68EB ^
+44AD6CB618BD935460D46D3F921D87B99AB91C1E ^
+02DC989AF265B09CF8485640842128DCF95E9F39 ^
+67507B8D497B35D6E99FC01976D73F54AECA75CF ^
+1EAE0373C1317CB60C36A42A867B716039D441F5 ^
+9C3834589E5BFFAC9F50950E0199B3EC2620BEC8 ^
+209F7ABC7F3B878EE46CDF3A1FBB9C21C3474F32 ^
+05FC054B00D97753A9B3E2DA8FBBA3EE808CEF22 ^
+0C4980EA3A46C757DFBFC5BAA38AC6C8E72DDCE7 ^
+96A460D2972D276928B69864445BEA353BDCFFD2 ^
+F3EF04D8FA8C6FA9850F394A4554C080956FA64B ^
+F2A31D875D1D7B30874D416C4D2EA6BAF0FFBAFE ^
+F4942D3B9E9588DCFDC6312A84DF75D05F111C20 ^
+310207DF35B014E4676D30806FA34424813734DD ^
+4DA1955B2FA7C7E74E3F47D7360CE530BBF57CA3 ^
+74C4BC5B26FB4A08602D40CCEC6C6161B6C11478 ^
+0B103CE297338DFC7395F7715EE47539B556DDB6 ^
+EFC72D99E3D2311CE14190C0B726BDC68F4B0821 ^
+660EDAC0A8F4CE33DA0D8DBAE597650E97687250 ^
+FE0A55A988B3B93946A63EB36B23785A5E6EFC3E ^
+0CBDF2A5781C59F907513147A0DE3CC774B54BF3 ^
+663E40FEE5A44BFCB1C99EA5935A6B5BC9F583B0 ^
+00162134256952DD9AE6B51EFB159B35C3C138C7 ^
+CEB88E4736E354416E2010FC1061B3B53B81664B ^
+A6A2C4B6BCC41DDC67278F3DF4D8D0B9DD7784EF ^
+C23D083CD8820B57800A869F5F261D45E02DC55D ^
+E8AC31927B78DDEC41A31CA7A44EB7177165E7AB ^
+E864EC5DBAB0F9FF6984AB6AD43A8C9B81CC9F9C ^
+CFED6269069417A84D6DE2347220F4B858BCD530 ^
+D9217BFB46C96348722C3783D29D4B1A3FEDA38C ^
+DEC24E5554F79697218D317315FA986229CE3350 ^
+83A099DF7071437BA5495A5B0BFBFEFE1C0EF7F3 ^
+AA3198E30891A83E33CE3BFA0587D86A197D4F80 ^
+9B6ACBEB4989CBEE7015C7D515A75672FFDE3442 ^
+B021EB08A436B02658EAA7BA3C88D49F1219C035 ^
+CAE36DAB8AEA29F62E0855D9CB3CD8E7D39094B1 ^
+02DE8BA699F3C1B0CB5AD89A01F2346E630459D7 ^
+88021458847DD39B4495368F7254941859FAD44B ^
+91A165295C666FE85C2ADBC5A10329DAF0CB81A0 ^
+4B31312EAF8B506811151A9DBD162961F7548C4B ^
+3FE70971B20558F7E9BAC303ED2BC14BDE659A62 ^
+93FB769D5BF49D6C563685954E2AECC024DC02D6 ^
+BC8827C3E614D515E83DEA503989DEA4FDA6EA13 ^
+E83868DBE4A389AB48E61CFC4ED894F32AE112AC ^
+55C95459CDE4B33791B4B2BCAAF840930AF3F3BD ^
+36BB0E2BA438A3E03214D9ED2B28A4D5C578FCAA ^
+3ACBF874199763EBA20F3789DFC59572ACA4CF33 ^
+86BE037C4D509C9202020767D860DAB039CADACE ^
+51B57D7080A87394EEC3EB2E0B242E553F2827C9 ^
+1EFBFA78866315CE6A71E457F3A750A38FACAB41 ^
+57D6CB41AEEC20236F365B3A490C61D0CFA39611 ^
+C532CB64B4BA826372BCCF2B4B5793D5B88BB715 ^
+15833B5631032663E783686A209C6A2B47A1080E ^
+D04F2043C96E10CD83B574B1E1C217052CD4A6B2 ^
+E8882627C64DB743F7DB8B4413DD033FC63BEB20 ^
+CD2D32286B8867BC124A0AF2236FC74BE3622199 ^
+019B70D745375091ED5C7B218445EC986D0F5A82 ^
+E5FF5FEC1DADBAED02BF2DAD4026BE6A96B3F2AF ^
+6F4E23B3F2E2C068D13921FE4E5E053FFED4E146 ^
+25E179602A575C915067566FBA6DA930E97F8678 ^
+67DED0E68E235C8A523E051E86108EEB757EFBFD ^
+AF78536EA83C822796745556D62A3EE82C7BE098 ^
+64D7AC52E47834BE72455F6C64325F9C358B610D ^
+9D4866BAA3639C13E541F250FFA3D8BC157A491F ^
+2E258811961D3EB876F30E7019241A01F9517BEC ^
+8E0EBC487146F83BC9077A1630E0FB3AB3C89E63 ^
+CE8953741FFF3425D2311FBBF4AB481B669DEF70 ^
+789D1D2DAB52086BD90C0E137E2515ED9C6B59B5 ^
+B76CE7472700DD68D6328B7AA8437FB051D15745 ^
+F218669B596C5FFB0B1C14BD03C467FC873230A0 ^
+1FF3BDBE0D504CB0CDFAB17E6C37ABA6B3CFFDED ^
+2F3CBACBB14405A4652ED52793C1814FD8C4FCE0 ^
+982C8AB6CE164F481915AF59AAED9FFF2A391752 ^
+5CD92012D488A07ECE0E47901D0E083B6BD93E3F ^
+69603FEC02920851D4B3B8782E07B92BB2963009 ^
+3E90F76437B1EA44CF98A08D83EA24CECF6E6191 ^
+34C09F107C42D990EB4881D4BF2DDDCAB01563AE ^
+474BE0E5892EB2382109BFC5E3C8249A9283B03D ^
+A04B4F75051786682483252438F6A75BF4705EC6 ^
+BE88A6716083EB50ED9416719D6A247661299383 ^
+C67E38717FEE1A5F65EC6C7C7C42AFC00CD37F04 ^
+959AC4082388E19E9BE5DE571C047EF10C174A8D ^
+BAA7AA7B7753FA0ABDC4A541842B5D238D949F0A ^
+351394DCEBC08155D100FCD488578E6AE71D0E9C ^
+AB8BE94C5AF60D9477EF1252D604E58E27B2A9EE ^
+3429EC74A695FDD3228F152564952308AFE0680A ^
+907FA46C029BC67EAA8E4F46E3C2A232F85BD122 ^
+2644C87D1FBBBC0FC8D65F64BCA2492DA15BAAE4 ^
+110A3EEB408756E2E81ABAF4C5DCD4D4C6AFCF6D ^
+CD4FDC35FAC7E1ADB5DE40F47F256EF74D584959 ^
+8E6E273208AC256F9ECCF296F3F5A37BC8A0F9F7 ^
+FE0606100BDBC268DB39B503E0FDFE3766185828 ^
+6C63C3E58047BCDB35A17F74EEBA4E9B14420809 ^
+BCC2BD305F0BCDA8CF2D478EF9FE080486CB265F ^
+CE5223FD3DD920A3B666481D5625B16457DCB5E8 ^
+948886776E42E4F5FAE1B2D0C906AC3759E3F8B0 ^
+4C12A51FCFE242F832E3D7329304B11B75161EFB ^
+C54BDD2050504D92F551D378AD5FC72C9ED03932 ^
+8F53E8FA79EA09FD1B682AF5ED1515ECA965604C ^
+2D7E17F6294524CE78B33EAB72CDD08E5FF6E313 ^
+64582B4B57F782C9302BFE7D07F74AA176627A3A ^
+6D88795B71D3E386BBD1EB830FB9F161BA98869F ^
+86AD34A6463F12CEE6DE9596ABA72F0DF1397FD1 ^
+7EB46685A57C0D466152DC339C8122548C757ED1 ^
+E7A98FB0692684054407CC221ABC60C199D6F52A ^
+34DF1306662206FD0A5FC2969A4BEEC4EB0197F7 ^
+56CF7EBF08D10F0CB9FE7EE3B63A5C3A02BCB450 ^
+3BAE5CB8226642088DA760A6F78B0CF8EDDEA9F1 ^
+6475DF681E061FA506672C27CBABFA9AA6DDFF62 ^
+79D81991FA4E4957C8062753439DBFD47BBB277D ^
+BAE224477B20302E881F5249F52EC6C34DA8ECEF ^
+EDE4DEB4293CFE4138C2C056B7C46FF821CC0ACC ^
+<D
+
+H>SHS Type 2 Hashes<H
+D>
+A771FA5C812BD0C9596D869EC99E4F4AC988B13F ^
+E99D566212BBBCEEE903946F6100C9C96039A8F4 ^
+B48CE6B1D13903E3925AE0C88CB931388C013F9C ^
+E647D5BAF670D4BF3AFC0A6B72A2424B0C64F194 ^
+65C1CD932A06B05CD0B43AFB3BC7891F6BCEF45C ^
+70FFAE353A5CD0F8A65A8B2746D0F16281B25EC7 ^
+CC8221F2B829B8CF39646BF46888317C3EB378EA ^
+26ACCC2D6D51FF7BF3E5895588907765111BB69B ^
+01072915B8E868D9B28E759CF2BC1AEA4BB92165 ^
+3016115711D74236ADF0C371E47992F87A428598 ^
+BF30417999C1368F008C1F19FECA4D18A5E1C3C9 ^
+62BA49087185F2742C26E1C1F4844112178BF673 ^
+E1F6B9536F384DD3098285BBFD495A474140DC5A ^
+B522DAE1D67726EBA7C4136D4E2F6D6D645AC43E ^
+E9A021C3EB0B9F2C710554D4BF21B19F78E09478 ^
+DF13573188F3BF705E697A3E1F580145F2183377 ^
+188835CFE52ECFA0C4135C2825F245DC29973970 ^
+41B615A34EE2CEC9D84A91B141CFAB115821950B ^
+AB3DD6221D2AFE6613B815DA1C389EEC74AA0337 ^
+0706D414B4AA7FB4A9051AA70D6856A7264054FB ^
+3CBF8151F3A00B1D5A809CBB8C4F3135055A6BD1 ^
+DA5D6A0319272BBCCEA63ACFA6799756FFDA6840 ^
+FB4429C95F6277B346D3B389413758DFFFEEDC98 ^
+2C6E30D9C895B42DCCCFC84C906EC88C09B20DE1 ^
+3DE3189A5E19F225CDCE254DFF23DACD22C61363 ^
+93530A9BC9A817F6922518A73A1505C411D05DA2 ^
+E31354345F832D31E05C1B842D405D4BD4588EC8 ^
+3FF76957E80B60CF74D015AD431FCA147B3AF232 ^
+34AE3B806BE143A84DCE82E4B830EB7D3D2BAC69 ^
+D7447E53D66BB5E4C26E8B41F83EFD107BF4ADDA ^
+77DD2A4482705BC2E9DC96EC0A13395771AC850C ^
+EAA1465DB1F59DE3F25EB8629602B568E693BB57 ^
+9329D5B40E0DC43AA25FED69A0FA9C211A948411 ^
+E94C0B6AA62AA08C625FAF817DDF8F51EC645273 ^
+7FF02B909D82AD668E31E547E0FB66CB8E213771 ^
+5BB3570858FA1744123BAC2873B0BB9810F53FA1 ^
+905F43940B3591CE39D1145ACB1ECA80AB5E43CD ^
+336C79FBD82F33E490C577E3F791C3CBFE842AFF ^
+5C6D07A6B44F7A75A64F6CE592F3BAE91E022210 ^
+7E0D3E9D33127F4A30EB8D9C134A58409FA8695B ^
+9A5F50DFCFB19286206C229019F0ABF25283028C ^
+DCA737E269F9D8626D488988C996E06B352C0708 ^
+B8FFC1D4972FCE63241E0E77850AC46DDE75DBFA ^
+E9C9BF41C8549354151B977003CE1D830BE667DB ^
+0942908960B54F96CB43452E583F4F9CB66E398A ^
+FCE34051C34D4B81B85DDC4B543CDE8007E284B3 ^
+61E8916532503627F4024D13884640A46F1D61D4 ^
+F008D5D7853B6A17B7466CD9E18BD135E520FAF4 ^
+BD8D2E873CF659B5C77AAC1616827EF8A3B1A3B3 ^
+B25A04DD425302ED211A1C2412D2410FA10C63B6 ^
+A404E21588123E0893718B4B44E91414A785B91F ^
+A1E13BC55BF6DAD83CF3AABDA3287AD68681EA64 ^
+D5FD35FFABED6733C92365929DF0FB4CAE864D15 ^
+C12E9C280EE9C079E0506FF89F9B20536E0A83EF ^
+E22769DC00748A9BBD6C05BBC8E81F2CD1DC4E2D ^
+F29835A93475740E888E8C14318F3CA45A3C8606 ^
+1A1D77C6D0F97C4B620FAA90F3F8644408E4B13D ^
+4EC84870E9BDD25F523C6DFB6EDD605052CA4EAA ^
+D689513FED08B80C39B67371959BC4E3FECB0537 ^
+C4FED58F209FC3C34AD19F86A6DACADC86C04D33 ^
+051888C6D00029C176DE792B84DECE2DC1C74B00 ^
+1A3540BEE05518505827954F58B751C475AEECE0 ^
+DFA19180359D5A7A38E842F172359CAF4208FC05 ^
+7B0FA84EBBCFF7D7F4500F73D79660C4A3431B67 ^
+9E886081C9ACAAD0F97B10810D1DE6FCDCE6B5F4 ^
+A4D46E4BA0AE4B012F75B1B50D0534D578AE9CB6 ^
+6342B199EE64C7B2C9CBCD4F2DCB65ACEF51516F ^
+AABFD63688EB678357869130083E1B52F6EA861D ^
+F732B7372DAF44801F81EFFE3108726239837936 ^
+5E9347FE4574CDCB80281ED092191199BADD7B42 ^
+D5776B7DFFF75C1358ABDBBB3F27A20BB6CA7C55 ^
+022B7ADA472FB7A9DA9219621C9C5F563D3792F6 ^
+7F1DE4ECA20362DA624653D225A5B3F7964A9FF2 ^
+CA0F2B1BFB4469C11ED006A994734F0F2F5EFD17 ^
+833D63F5C2EA0CD43EC15F2B9DD97FF12B030479 ^
+14FD356190416C00592B86FF7CA50B622F85593A ^
+4AB6B57EDDEF1CE935622F935C1619AE7C1667D6 ^
+B456A6A968ACD66CAA974F96A9A916E700AA3C5D ^
+FD1C257FE046B2A27E2F0CD55ED2DECA845F01D7 ^
+66E0D01780F1063E2929EAAD74826BC64060E38C ^
+A8478DF406F179FD4EF97F4574D7F99EA1CE9EB8 ^
+248E58CF09A372114FC2F93B09C5FC14F3D0059E ^
+F15767DE91796A6816977EFA4FCED4B7FD9B8A57 ^
+36A6BC5E680E15675D9696338C88B36248BBBAF4 ^
+4DEA6251B2A6DF017A8093AB066EE3863A4EC369 ^
+D30E70E357D57E3D82CA554B8A3D58DFF528FA94 ^
+70CA84D827F7FD61446233F88CF2F990B0F3E2AA ^
+8D500C9CFDE0288530A2106B70BED39326C52C3C ^
+F3D4D139EDFC24596377BC97A96FB7621F27FFC7 ^
+5509BAFFAC6D507860CEFC5AB5832CB63CD4B687 ^
+0C0AEA0C2FD7A620C77866B1A177481E26B4F592 ^
+149176007FEE58A591E3F00F8DB658B605F8390C ^
+17C0D7B0256159F3626786FFDB20237AE154FA84 ^
+741A58618ABEB1D983D67AFDCBC49AA397A3B8E0 ^
+B738D6B3409EB9ED2F1719B84D13F7C36169CDEC ^
+3D33DE31F64055D3B128AC9A6AA3F92DFD4F5330 ^
+B6925F4DF94949B8844C867428BA3DEDF4CF2B51 ^
+CF5E7256292ABEC431D8E8B9CBEAF22AF072377E ^
+975DCE94902923977F129C0E4ACF40AD28DDB9AA ^
+333B0259B18CE64D6B52CF563DD3041E5F63A516 ^
+<D
+
+H>SHS Type 3 Hashes<H
+D>
+80E044703A880C20EC41F645120A8A5B5D194ECE ^
+E142829CA08FC9787F17AA16CE727396169B2713 ^
+6A2BAF62469D311F9257A0727F52C7EAA87CCEB4 ^
+362E3E7136CA611D7FBF687D3BBDC54CDA64843F ^
+F5900ADC6223A5D24A7526ABFC60FA8E2D59A5AB ^
+AD0CAC6A21D5B10833DDE7FA85927D74EDA142A9 ^
+47AD337EAFFDC177AAF7CBD035BE6F398B9D0536 ^
+9CF58595DF80872535BCC7C056E223546F0BB4EE ^
+7151CEB1918278CED2902B1D663D596F8D1B986F ^
+ADDC9F09AA4026EF6C4B7F1A84D3A13B4CDC65B3 ^
+921FE78A863A317B1FA1FB3CA3BE1948DE7EF754 ^
+64BE10732D71D52CE8A486DA23E6B453DF7C6FBD ^
+4A450659470DD759ABFAE1D73972A6D2E63AC16C ^
+0D665E4BBF30B7EAB955BDE84759E185EECAB4CB ^
+0C1B8EE94D61CDD0837EAED9FE33DE4A8334B596 ^
+D93BFE2A6227A4BF9B7C61EBCE4A8CDE131593FE ^
+BDA883F804B470C90BD6AC490DFC34EBC27F9648 ^
+46A0969373552213632591C52030C38E5DBDC49E ^
+4781289E48B910C550DC23CA7D3AF5324C03532D ^
+693A34CFCDDED0F3AC72E7197FCE9BB66A8E3981 ^
+AE088AF1D8865140963B3ABFB63E32E04CD1506F ^
+ADF0F8F1D85CA97586F5DC6DC5FD11FA39270F55 ^
+E484F5AD86C5F4D09E366ADF6E0DE73449F97B28 ^
+81C49842BA3D7072FB42288E03CE737A2672C091 ^
+F6CC71AD897C23A16835490DED289BFD45500AB0 ^
+23E71AED62FE8E28F34F58E7FE5594EC5EB0486C ^
+92BA7934AA5867EE52960F4E0EDFB90AA7B69305 ^
+C3D1CC8CBD1B6FFEE0D90CE962CD9C09AB1548AA ^
+3CE37A583B71A6A77BE325066A0F00C5D11DFC3E ^
+76EF5D236E1042D356A3234A422C092F86003064 ^
+8C3F703436C6C882E60263540A8E4C3E5646DC15 ^
+6138F9F3AB43B988DD3857422CCB304352459F40 ^
+B812DE98775B4690B4FC2ECFCAB61C73C7271DC7 ^
+06660985CD80D48E7B9F88455B4233924C3B64BB ^
+76AB4B6378D6F63499A94EB67EB1CB31AFF8D775 ^
+F31F6B0BE7AB059A1F59A46481967E88392979E6 ^
+0C1638498FBB7DB9600B98B4B22EF85E0FE245FB ^
+5607C6AF600939736795AC523FA43B736F41A118 ^
+8A03244866BDD21B9D8A82E98436C894FAD86ECC ^
+8A75BFD911AF87303B9B8FB7A1A47CCA52D3D98A ^
+16F0F3B5D37411236A1E3D6B1EDAB74CDA25ED4B ^
+AC72BF45477481F58A302628DC5299FFA32E7C9F ^
+74CFFD5881F75AC20726E1447DCF7F47024380EF ^
+5BFBECEECBC27DA05729C4D1AC8C1286EA6DCEC9 ^
+012AACBC0579FA4CB4F107E9A9AD1A86AD2F6A4D ^
+F7D552CBC5EF90F1A579388B5A8A9EC71EB67681 ^
+10C70115C4C34753274BFED477DF01440A67A361 ^
+078D2FACD293B6B6219D89899C16AA1AA8E3DE82 ^
+83C6BF9FB0D3091ADF374EBFA0A69916F17E6D26 ^
+2CDB1924DA62AB64C007C6505FF657E4ADDEA9C1 ^
+E95D209BCB9864B076FF4DFCA8F8BD75D62D1B48 ^
+632824CF5025F8F90AD2923BDDF449550D64C0F5 ^
+02B1C0B41FC27EC5A32E586F1AC480BF0061E56A ^
+28156BC6769AE390BF32C6512C46169181E1536D ^
+F730E6E287D992E7F3E013B6F1E088F0B9C41598 ^
+B056A6A832FA5FE964EF77FF3E0BE1C32E0D58C0 ^
+D5B3D19AFBB48FB56BA6D44A82DE6BD08DB208DE ^
+0215AD79BD6B8023C05FD2F8966211897DF6337A ^
+EC4CF38C244EB6526A44F70570925247145DA8CA ^
+C0D931262ECE93DA5A6ABC89CD6AD3162EA6B09E ^
+6BB48FAC26AA2B4859BBDEFCFB53AE4D1D9A0340 ^
+58611D43741E67A7F0DA9CB337A59DCD1EBE758E ^
+7C2AEC216AF231509E47B7EED06BB17859812B7E ^
+F60EE5DBF4A7A676EC98B3DDB1CDD6CDF3CDA33B ^
+0492E59B1F4C94E97F29A26C3EE7D57E1B0FDD72 ^
+4FCF549D902D9BE1101A756DB9E45415FB61BCD2 ^
+95C71D26AD6B38CC771376B4A4F962F12E1E3D4F ^
+F6A2449E773C72FB886B3C43E2B30EC2A1B7454A ^
+CDE86695E00AEC9A5DB6FDDB5D5A5934448D58E0 ^
+502318A758FABFF6AC53844E9E2BCD159C678510 ^
+589D295148F95F75DAE964DD743FE981FA236D4E ^
+7973DD33AE3599A556BACC77E8656E782E029EFF ^
+9F5BE43AADD43C6DB3883C9DA4B52E1A50257AEE ^
+454289D8FFB237A56D5214EAE88F0A9D328FEA1A ^
+7E686B36595BEB4C0D4528FF960EDB55088A028D ^
+F9789D1EF19A0084AC0E9F43A4BC0EE0478939EF ^
+2F32B0E7CC8BE19C325545C816E77056D7BBE70F ^
+6B1617746F073CFCD2CEBCAFBBE6FD0E28ED2D56 ^
+CF8D2EA3888AD76761799383E5A15979F6DB7A88 ^
+557AF6D9D5947203C60E98C9A79B92B8BD085E2B ^
+C61A217423DE68ED6CD34C91756C8DD3A650A2A2 ^
+73F3F79C151B6C1BD9369EDB26B932C2362B0593 ^
+364141E5FBCDE83F210C5BBBEB6810F6299DE14B ^
+F806BECD025D264FD59E93D9E3606A674C40F216 ^
+E0C761A57F00CBFB07D49BCB034C36A7122F4C5B ^
+5D3831044B9E0032FBE3C3425FFD13698F413B33 ^
+7EB1AB41E9997753C5D530DF118E71E72D7B86FC ^
+CC053EA1556269D7E8BCBA30B208FCBF0EE2EE64 ^
+A57739B1DD41E7DC0C40D6B6159A7E73CE2748AA ^
+90DA527C9DB9ACC2FD530D560A2F1191A80D0567 ^
+6AC1F2A0B8CA0E5ABC9FDF1ADCE588FBDF5CC53E ^
+43C1A0A0EE4163EC929726989F92B03639B233AB ^
+8927F299462413AC29A74080E54D8EE2DB7165E7 ^
+0C8D7E22226D91B423E781B508F31517EAAB607B ^
+7286E20D7F08D18A893254FBD3CC833F7973DCAF ^
+0CB8C235928B8E936C43B8F29EF3758B9FD54A7B ^
+F67C24CC23E440CA3F206CEEB5504ECA54CD5CA3 ^
+D78A25DEAA1E7ADADDB3C145ED0E5263BA4F2910 ^
+00AA68174D29492C578AC853FFCD55908292D41A ^
+D5570EEDB09A62A5948F7F311F7ED5EF247F9AD9 ^
+<D
diff --git a/src/lib/libssl/src/test/sha1vectors.txt b/src/lib/libssl/src/test/sha1vectors.txt
new file mode 100644
index 0000000000..c2ea186603
--- /dev/null
+++ b/src/lib/libssl/src/test/sha1vectors.txt
@@ -0,0 +1,2293 @@
+#  Configuration information for "SHA-1 Test"
+#  SHA tests are configured for BYTE oriented implementations
+H>SHS Type 1 Strings<H
+D>
+0 1 ^
+5 0 2 1 2 1 2 ^
+5 0 1 3 4 4 4 ^
+7 0 4 3 4 4 1 4 4 ^
+10 0 4 1 5 3 4 4 3 1 3 4 ^
+10 0 3 1 6 5 5 1 3 6 6 4 ^
+13 1 3 2 5 3 3 3 4 6 6 1 4 6 2 ^
+16 1 3 5 5 1 2 1 3 3 6 3 5 2 3 5 7 2 ^
+15 1 8 1 5 3 2 7 4 5 6 7 3 3 1 6 3 ^
+15 1 4 6 8 2 1 4 2 5 1 6 8 8 6 4 7 ^
+18 1 1 2 7 3 8 6 7 5 4 3 4 3 5 3 3 2 6 8 ^
+16 0 9 8 1 8 1 7 6 7 7 1 2 6 9 5 4 7 ^
+18 0 7 1 7 3 9 4 7 7 5 2 8 1 7 8 2 7 2 9 ^
+19 1 2 3 1 8 8 6 9 10 3 10 8 9 2 4 1 5 1 5 9 ^
+19 1 8 5 4 8 1 3 9 5 7 7 2 7 2 7 8 7 4 8 10 ^
+20 1 1 9 7 4 1 4 5 1 10 8 6 4 4 9 9 9 8 2 9 10 ^
+19 1 11 6 7 7 2 6 2 6 10 6 9 10 5 11 1 6 8 11 4 ^
+22 0 10 5 10 3 7 8 9 9 1 1 1 10 2 1 5 10 2 9 9 9 7 8 ^
+21 0 1 10 1 6 9 4 2 5 2 11 8 12 12 9 8 1 3 10 7 11 12 ^
+24 1 3 9 5 12 3 4 2 9 12 11 6 6 1 1 9 5 9 1 4 9 4 10 8 9 ^
+25 1 3 2 3 11 1 12 5 6 2 7 8 4 8 8 9 9 8 4 9 1 4 8 10 9 9 ^
+23 0 11 10 7 10 10 6 10 9 4 5 10 5 8 4 1 10 12 4 6 1 8 11 6 ^
+22 0 12 8 10 4 3 8 5 5 7 11 13 11 12 11 4 12 3 6 5 11 10 5 ^
+26 1 10 9 6 9 7 2 10 4 4 5 5 2 12 13 5 3 1 10 1 4 7 8 13 13 12 9 ^
+31 0 2 6 5 4 7 3 10 6 13 6 3 9 6 2 10 5 3 8 4 1 11 3 5 3 7 11 1 12 9 12 5 ^
+27 1 14 5 1 3 7 2 3 9 3 4 14 4 4 10 8 5 14 1 11 12 12 10 4 13 7 11 9 ^
+30 1 4 9 5 5 8 9 5 10 4 2 4 7 9 9 6 3 5 1 8 3 2 13 3 14 9 8 9 10 14 10 ^
+27 0 12 9 5 8 7 2 14 12 3 8 14 6 6 4 7 5 7 10 7 11 10 1 9 6 7 12 14 ^
+24 0 12 9 9 2 11 13 12 11 11 6 14 13 10 5 6 8 10 4 3 11 11 14 5 14 ^
+24 0 15 4 5 3 8 12 15 8 14 15 9 12 12 3 10 13 6 11 10 4 13 14 8 8 ^
+28 1 1 8 1 5 11 4 9 12 4 13 15 5 9 11 7 14 11 1 11 7 8 8 11 1 13 15 12 13 ^
+32 1 5 8 3 8 10 7 8 1 5 13 12 14 5 3 6 4 12 15 6 6 10 11 13 9 1 11 6 10 3 7 14 
+2 ^
+31 0 10 3 5 1 14 11 11 16 1 2 2 11 6 13 15 12 6 5 16 2 14 2 10 12 2 5 5 6 10 13 
+15 ^
+34 0 3 10 8 16 9 5 12 15 4 11 13 3 6 5 10 8 1 3 9 3 11 1 2 16 12 10 6 1 9 1 16 
+5 6 14 ^
+30 1 1 12 4 4 2 15 13 15 11 15 5 11 9 7 15 16 6 16 12 3 2 10 16 5 5 7 1 7 11 16 
+^
+34 0 7 9 11 2 5 5 5 4 13 13 14 4 7 12 6 4 8 2 9 9 13 13 3 3 6 7 16 7 6 15 5 8 
+15 14 ^
+36 1 4 6 16 15 11 14 14 4 7 10 3 4 10 3 6 7 14 4 6 6 5 2 7 8 16 2 12 16 10 14 3 
+2 3 7 14 3 ^
+32 0 15 10 9 1 14 10 14 6 6 16 3 2 3 8 3 12 8 11 17 3 9 7 16 14 4 11 15 5 13 9 
+5 17 ^
+30 0 17 17 13 8 2 6 8 16 1 12 5 17 2 9 8 10 13 14 11 17 12 5 14 9 11 9 11 4 11 
+12 ^
+30 1 16 6 10 5 8 3 17 16 14 1 15 15 15 6 13 2 11 6 13 11 13 4 6 7 11 11 12 16 
+13 16 ^
+33 1 16 16 14 16 2 4 16 11 6 15 7 4 17 6 5 7 6 3 14 16 5 17 11 13 1 1 14 13 3 6 
+14 5 16 ^
+39 1 2 16 13 7 8 6 2 15 1 9 12 4 4 11 13 7 2 11 9 18 4 5 4 8 2 14 9 9 1 8 13 11 
+15 8 5 9 10 16 7 ^
+34 0 2 7 1 1 17 13 6 11 10 8 5 12 15 6 15 10 12 4 18 1 2 8 11 12 16 10 12 18 11 
+16 12 11 17 6 ^
+34 1 4 7 13 7 10 7 10 6 1 12 7 18 11 18 2 10 15 10 14 8 18 9 9 12 12 3 13 12 6 
+4 9 17 13 17 ^
+40 0 5 7 3 2 1 17 14 4 16 6 13 1 13 6 6 10 1 3 18 3 11 7 9 5 7 11 17 1 9 16 5 
+15 10 17 3 8 15 17 8 12 ^
+40 0 11 3 15 17 11 1 1 4 3 14 18 4 2 18 8 15 6 4 6 3 15 11 16 10 17 17 9 6 3 2 
+6 16 4 9 12 6 8 1 11 17 ^
+37 1 2 19 12 8 16 14 2 9 16 2 6 6 7 9 10 9 11 9 14 11 15 5 16 9 2 17 2 8 15 8 4 
+3 14 14 16 16 12 ^
+37 1 11 10 16 12 11 7 14 14 14 6 10 10 1 6 13 19 5 6 4 7 12 12 10 5 10 15 15 8 
+5 13 17 13 5 6 14 1 19 ^
+38 1 2 6 5 17 9 11 18 18 8 6 13 15 3 3 15 5 13 18 3 2 5 5 14 7 13 4 17 7 2 17 3 
+18 15 7 15 16 18 11 ^
+38 1 12 8 6 3 17 12 13 19 15 9 7 17 16 15 3 11 11 5 2 13 19 16 2 4 16 7 8 1 2 9 
+17 12 3 5 18 19 11 9 ^
+39 1 14 16 14 8 9 16 5 1 6 3 17 18 16 9 1 15 9 10 9 19 1 3 3 20 11 13 17 1 19 8 
+3 4 3 7 1 14 19 19 19 ^
+37 1 18 13 11 5 18 4 19 10 6 19 11 17 10 10 7 9 13 16 9 10 18 4 12 5 16 5 20 12 
+3 8 10 1 18 1 6 20 14 ^
+36 0 8 9 6 12 11 7 7 3 17 13 6 20 17 9 20 16 10 12 17 8 11 8 11 10 5 10 14 18 8 
+19 9 12 12 2 20 19 ^
+39 0 12 16 20 3 9 9 19 17 13 13 4 17 2 11 7 14 3 6 16 13 10 13 5 16 10 2 8 2 17 
+19 4 17 7 19 6 9 15 15 6 ^
+43 0 7 2 18 5 7 18 5 2 15 7 11 10 9 3 2 14 19 3 11 8 18 15 5 3 5 12 15 16 10 17 
+7 19 16 2 1 16 6 3 19 12 5 18 16 ^
+49 1 9 11 2 1 12 11 14 12 14 10 4 11 6 8 16 7 5 11 20 8 17 4 14 4 15 3 2 2 4 3 
+2 3 14 15 10 2 12 7 3 7 20 20 19 10 2 3 1 10 20 ^
+36 0 19 20 12 5 19 21 5 21 11 14 19 1 17 8 9 4 19 3 17 1 14 21 14 7 6 5 20 14 
+21 20 4 6 21 7 11 12 ^
+41 0 12 9 11 6 16 18 18 10 11 20 6 12 11 5 7 21 19 18 6 15 21 10 4 14 9 19 10 3 
+3 5 13 1 8 12 3 13 9 7 10 17 14 ^
+45 0 10 6 8 3 17 18 3 21 19 6 17 15 4 9 15 9 15 14 4 7 14 8 10 13 4 11 10 7 6 
+21 1 14 5 11 7 7 2 13 13 3 9 13 8 14 20 ^
+39 1 3 7 18 4 9 9 5 15 13 17 10 15 16 20 8 19 9 10 9 1 19 14 21 2 18 13 10 4 18 
+16 4 21 15 10 18 19 3 12 18 ^
+41 0 14 4 13 11 1 11 1 10 2 12 4 21 10 21 18 9 2 16 7 20 6 7 12 19 20 1 13 12 
+10 8 21 15 7 19 13 6 8 19 20 18 19 ^
+37 0 11 18 1 17 14 15 20 16 20 8 2 17 10 4 21 5 19 19 14 22 21 18 13 14 1 3 12 
+11 11 4 22 13 5 18 7 21 21 ^
+48 0 9 22 19 12 8 16 5 17 5 9 1 2 9 6 12 6 1 7 4 3 15 1 14 1 12 3 10 2 10 14 21 
+13 17 6 6 17 1 21 2 14 16 17 9 11 20 21 11 18 ^
+50 1 12 8 20 13 2 9 20 9 14 10 1 16 2 22 6 4 16 14 15 1 12 4 14 9 21 3 3 9 8 21 
+15 14 8 4 14 4 2 3 8 12 8 6 1 2 18 20 15 3 19 10 ^
+44 0 10 20 14 6 3 4 21 1 12 4 18 2 6 7 6 9 20 14 10 10 19 17 21 12 15 17 7 10 
+11 8 10 12 1 19 19 9 18 21 4 18 11 9 22 5 ^
+47 0 15 8 15 3 5 6 2 19 12 17 4 20 8 11 20 2 18 4 16 20 12 9 9 6 16 21 16 3 16 
+18 3 19 5 16 2 4 2 12 11 15 11 14 17 2 10 18 8 ^
+48 1 5 13 3 21 5 3 6 18 18 10 1 21 21 7 1 13 12 19 1 14 6 8 21 19 21 11 19 13 2 
+13 4 1 10 22 16 4 9 4 10 16 3 7 15 11 9 13 17 12 ^
+45 0 14 7 6 2 20 3 6 19 19 10 2 22 12 17 12 1 20 7 7 15 20 6 18 8 3 14 23 18 15 
+4 7 5 23 15 7 14 10 10 19 17 2 4 15 17 21 ^
+45 1 15 11 8 9 17 5 12 18 14 6 20 17 21 12 16 9 22 9 20 15 2 22 11 2 6 11 9 8 2 
+4 14 19 3 21 21 23 8 2 11 4 8 4 20 22 11 ^
+38 0 21 18 22 10 19 9 14 17 23 21 10 7 15 13 16 5 4 10 13 14 20 23 12 20 23 18 
+10 12 8 21 11 6 12 7 19 14 18 17 ^
+40 0 18 22 6 9 22 5 23 13 6 8 23 20 22 5 22 15 19 20 9 9 1 13 13 10 14 13 5 22 
+14 21 9 21 19 14 14 4 18 13 12 14 ^
+48 1 7 3 15 5 17 14 23 14 5 17 22 11 1 8 13 23 6 21 3 6 11 7 23 8 6 21 4 4 22 
+19 13 8 5 19 7 5 23 1 4 19 11 23 11 21 14 1 3 21 ^
+43 0 22 14 11 7 18 16 17 24 12 12 3 13 19 16 22 4 16 4 6 23 8 18 11 2 3 20 22 9 
+21 8 23 1 23 20 7 16 13 23 4 13 3 7 22 ^
+47 1 23 6 13 19 2 3 7 2 9 9 15 6 13 4 22 6 19 20 1 9 7 14 1 15 3 23 24 22 18 12 
+12 17 19 10 8 11 22 12 10 2 20 15 18 17 18 7 19 ^
+47 1 12 21 6 12 4 7 18 17 3 2 14 24 14 1 23 1 11 15 10 6 18 20 7 1 8 1 16 6 20 
+23 23 21 10 10 12 24 10 11 23 2 12 23 9 3 24 24 10 ^
+52 0 14 10 18 15 14 5 16 11 22 2 15 24 8 22 1 4 24 9 10 15 3 9 5 4 17 15 9 12 
+19 19 1 3 10 6 8 3 17 8 18 24 19 3 4 15 4 9 2 24 5 20 13 13 ^
+42 0 20 17 19 22 13 8 10 19 15 11 1 14 17 20 22 10 7 11 16 9 21 22 17 23 12 15 
+4 24 7 21 18 2 21 16 1 19 18 20 11 3 15 17 ^
+50 0 18 1 6 14 5 5 5 19 13 10 24 19 16 24 15 13 2 19 15 24 21 17 4 13 17 1 1 9 
+1 10 2 18 1 21 19 5 18 12 2 22 16 23 15 19 6 18 9 1 23 5 ^
+51 0 21 13 14 11 18 12 13 3 19 9 20 22 20 2 11 12 6 1 12 16 18 2 9 8 4 3 11 17 
+11 5 4 19 16 11 23 13 18 1 20 8 2 16 16 21 4 19 5 5 20 24 16 ^
+53 1 20 25 17 11 8 4 19 25 17 7 16 21 6 4 8 2 15 9 2 9 19 3 6 3 3 10 25 13 15 7 
+8 20 21 12 10 12 5 24 11 20 3 13 13 16 9 13 10 3 9 16 3 7 25 ^
+49 1 9 9 14 2 13 17 25 2 18 5 19 23 9 25 9 10 23 12 12 7 13 8 15 7 1 6 21 2 8 7 
+6 16 14 14 12 15 13 24 10 15 11 10 8 14 15 21 25 21 25 ^
+47 0 9 18 20 22 21 20 11 14 23 22 10 13 14 8 19 12 2 11 20 23 13 4 10 6 5 7 23 
+11 3 16 8 21 4 8 18 5 12 14 8 6 20 19 24 8 23 17 23 ^
+48 1 7 19 1 18 1 14 22 13 14 5 8 22 18 14 25 17 11 12 22 2 12 12 16 12 13 18 17 
+12 17 14 18 8 25 9 23 5 3 8 14 24 17 7 3 3 23 17 22 19 ^
+51 1 19 17 16 22 24 14 16 20 23 20 9 19 16 7 12 16 5 8 9 7 10 21 24 10 11 19 1 
+21 14 14 19 3 22 8 12 20 1 18 5 6 5 12 14 1 1 11 9 22 3 24 4 ^
+52 1 6 1 11 16 1 12 8 11 11 17 10 22 7 3 10 2 6 4 24 16 24 19 4 5 18 11 12 9 20 
+21 25 2 21 18 10 20 25 21 3 17 17 5 8 22 25 19 8 10 19 7 11 18 ^
+44 0 26 14 21 25 25 4 9 13 5 8 9 21 8 12 26 24 9 24 15 1 23 22 16 14 8 22 15 19 
+24 20 7 8 15 24 12 4 4 23 21 13 19 15 21 12 ^
+59 1 15 7 3 21 20 8 22 14 23 26 19 2 10 18 3 5 3 1 9 15 15 3 7 13 23 9 7 1 13 
+17 14 25 9 16 2 2 6 13 7 19 25 17 1 5 21 2 7 22 5 6 25 3 12 19 6 2 4 24 17 ^
+60 0 9 18 20 19 4 11 14 1 6 8 26 6 9 22 4 10 2 7 21 9 8 24 25 14 22 12 22 3 23 
+3 3 20 6 11 23 6 1 7 5 18 5 15 25 26 1 1 10 11 11 4 12 11 20 3 14 2 3 2 23 15 ^
+49 0 12 17 24 11 8 6 24 16 15 22 21 14 6 12 20 19 5 5 12 11 6 23 2 16 23 7 24 6 
+21 2 17 17 5 25 11 25 20 25 24 18 6 12 19 25 7 6 5 2 25 ^
+54 1 12 16 1 15 7 1 26 19 19 13 20 11 17 6 20 5 24 24 1 21 11 9 20 21 15 10 19 
+26 3 2 6 7 12 9 10 8 14 10 15 5 17 8 21 1 20 25 6 19 8 3 22 16 16 20 ^
+63 0 17 13 11 10 17 15 12 6 13 14 17 4 12 10 24 5 13 24 3 5 2 5 11 14 8 5 10 17 
+16 8 4 14 21 15 3 6 17 25 8 2 3 3 19 10 13 22 22 8 2 13 25 17 2 1 19 1 14 20 2 
+5 4 15 24 ^
+49 0 14 20 7 25 20 26 20 16 7 17 17 22 1 13 6 5 1 18 14 15 23 15 10 5 19 18 18 
+26 12 13 3 25 12 21 16 24 4 16 3 6 26 26 10 20 13 1 20 24 15 ^
+56 0 3 8 14 5 5 7 11 13 11 26 11 4 26 17 20 19 11 10 3 10 14 9 6 9 7 16 10 4 4 
+19 19 2 26 13 19 17 15 24 15 4 21 22 13 13 12 22 2 14 20 5 18 7 17 24 20 20 ^
+58 1 6 17 9 20 2 10 19 3 22 4 1 11 3 5 3 21 11 15 12 23 26 5 2 27 6 5 16 6 3 2 
+23 5 3 20 20 4 24 2 18 21 7 14 10 27 23 6 24 6 19 23 3 9 22 16 21 17 19 23 ^
+58 1 17 7 21 19 6 16 15 15 20 14 2 25 19 14 18 19 7 9 1 14 11 10 16 3 23 14 26 
+10 11 1 18 1 12 24 19 19 1 7 2 3 24 7 12 9 2 8 16 20 24 5 26 26 4 9 2 7 25 17 ^
+54 1 8 12 18 14 26 7 17 18 4 20 1 16 14 21 26 4 6 8 24 11 25 15 24 16 23 4 10 
+23 21 24 15 10 9 26 7 14 24 21 6 20 5 17 16 17 1 3 12 1 4 13 3 9 21 26 ^
+56 1 7 18 11 1 19 20 23 12 12 27 13 13 15 16 13 1 16 15 12 26 3 16 16 8 17 13 
+21 4 6 5 19 14 16 4 16 11 14 18 18 27 9 13 21 3 26 22 3 7 6 4 26 3 15 8 25 21 ^
+50 1 20 13 9 11 20 6 11 21 27 25 20 7 4 18 26 16 27 5 12 19 7 23 6 25 25 2 11 
+13 25 21 18 17 6 12 14 13 24 11 14 19 26 27 25 6 1 15 4 7 27 15 ^
+51 0 15 16 26 27 23 14 12 28 22 15 8 19 2 20 13 1 24 2 25 1 6 19 19 8 11 24 24 
+21 13 27 5 11 28 17 7 25 6 23 24 14 25 12 5 13 26 2 5 8 10 16 17 ^
+58 1 5 26 18 19 21 3 12 11 13 4 14 22 22 14 16 13 3 22 16 23 5 19 6 13 10 26 17 
+27 26 4 3 25 6 14 2 3 5 7 23 11 22 8 25 2 9 25 18 17 8 2 14 4 19 1 5 27 13 24 ^
+53 0 2 27 28 2 17 23 10 27 18 26 7 22 16 3 27 1 26 21 28 10 3 6 2 2 10 17 13 16 
+6 17 21 23 13 20 22 5 6 11 12 12 8 23 13 17 9 23 20 3 28 27 12 17 22 ^
+59 0 28 19 5 21 4 27 8 1 19 14 20 6 7 9 1 6 22 3 19 26 14 8 6 7 19 15 23 1 17 
+16 6 26 14 5 22 25 4 7 10 16 21 10 18 19 24 16 23 8 3 17 28 18 10 2 5 3 21 21 
+15 ^
+58 0 6 24 1 4 24 18 10 22 1 21 12 5 4 4 20 25 24 26 8 25 11 2 7 27 22 19 4 18 
+27 10 28 4 12 24 8 16 12 11 16 17 25 8 12 16 1 9 9 10 5 24 23 18 5 14 18 8 4 28 
+^
+61 0 5 17 8 28 1 22 4 11 3 2 17 3 14 9 27 13 18 24 9 8 7 28 25 14 21 27 24 6 18 
+16 2 12 15 9 14 10 1 8 17 4 6 15 26 11 15 2 28 20 26 16 3 7 5 8 9 26 10 12 25 
+11 22 ^
+53 0 9 13 24 15 20 2 4 8 2 22 20 19 4 15 14 28 13 25 10 10 12 28 24 22 26 28 15 
+9 11 26 19 22 27 2 21 8 20 23 26 12 10 21 9 15 13 25 7 26 1 13 5 9 20 ^
+58 0 3 9 21 22 7 1 23 28 1 2 8 22 12 18 28 5 18 14 7 11 17 20 20 7 21 13 8 28 
+21 22 2 16 20 15 28 9 3 22 13 10 23 4 16 11 14 1 10 8 14 14 15 18 13 12 21 18 
+25 28 ^
+60 1 29 20 2 29 22 8 16 20 4 12 9 6 12 16 16 7 9 20 29 11 9 4 1 15 25 16 29 10 
+22 7 2 8 5 18 14 23 24 4 6 26 3 11 6 12 1 7 14 24 14 6 10 21 16 23 29 25 6 14 
+17 24 ^
+64 0 12 10 5 10 15 25 8 15 3 7 13 25 16 14 1 29 22 26 15 27 9 1 8 8 28 6 13 5 
+13 3 15 5 23 8 23 2 5 5 4 17 13 14 7 17 12 27 3 18 5 7 5 26 18 15 22 28 16 13 7 
+2 23 19 25 15 ^
+56 1 17 7 16 25 23 11 11 15 2 13 9 26 2 24 26 7 28 11 2 29 7 22 23 5 28 19 1 27 
+29 1 24 11 18 20 3 13 11 7 3 15 17 24 1 18 13 6 3 25 27 16 28 18 24 8 23 22 ^
+51 1 29 28 6 28 14 12 28 27 22 4 14 25 1 3 9 7 11 14 15 16 10 19 12 19 11 20 13 
+28 4 27 28 7 27 12 4 28 21 17 22 20 17 15 15 23 22 13 12 21 22 21 29 ^
+64 1 12 14 12 18 27 8 7 4 9 14 16 15 8 11 21 20 10 10 21 23 20 2 11 23 1 11 1 5 
+3 23 16 15 27 14 5 16 3 22 2 3 24 3 19 29 4 4 10 8 20 14 15 1 26 12 27 25 4 28 
+22 11 19 19 24 9 ^
+60 1 20 8 9 5 25 19 17 19 15 7 24 24 21 3 20 16 8 3 17 28 18 29 9 23 9 10 29 4 
+12 24 15 5 8 22 17 29 12 3 8 29 15 21 21 4 7 20 7 10 7 26 10 16 24 6 7 12 8 12 
+15 17 ^
+60 0 9 17 11 28 12 26 26 6 29 13 10 20 6 23 10 4 3 26 26 14 20 20 25 14 13 15 
+24 14 11 4 23 27 24 20 9 16 17 24 13 12 6 1 14 26 25 7 8 21 1 19 3 2 2 17 21 13 
+5 9 21 11 ^
+54 0 25 1 27 24 6 23 16 5 1 20 29 22 25 9 25 10 3 28 28 25 19 18 16 24 14 15 5 
+28 12 28 26 29 2 15 15 9 5 18 19 22 12 15 4 6 15 24 16 9 4 26 25 18 27 12 ^
+61 1 20 4 26 12 3 22 1 22 30 3 28 10 9 24 14 29 6 30 3 10 20 14 6 3 19 21 21 28 
+16 18 11 30 11 20 30 1 9 8 11 5 19 10 24 4 22 4 2 26 5 15 20 8 3 13 30 18 8 1 
+25 28 19 ^
+56 1 20 15 21 18 18 12 16 13 24 9 21 2 28 6 1 23 9 18 27 27 4 9 13 10 8 14 16 
+15 12 11 14 21 14 10 11 25 17 17 30 21 13 27 26 26 22 14 13 17 21 19 9 9 20 23 
+13 28 ^
+59 1 10 28 24 10 22 27 23 27 8 17 14 6 4 21 26 15 1 8 29 27 6 28 15 3 27 25 25 
+14 19 13 29 8 24 2 8 2 4 12 19 11 10 6 26 14 22 24 30 10 11 12 2 12 17 23 8 8 
+12 28 12 ^
+56 0 14 28 2 17 4 8 3 26 9 23 21 30 30 20 4 13 28 29 9 3 17 7 19 30 28 1 2 20 9 
+12 24 15 30 20 27 3 23 11 6 29 25 23 26 17 20 10 22 15 23 6 25 5 4 30 2 29 ^
+63 1 23 15 27 14 26 1 1 7 19 12 7 6 20 18 14 4 15 17 28 7 11 7 8 9 22 17 12 5 
+23 18 25 18 6 12 26 30 12 30 14 3 1 18 10 20 27 21 8 6 24 26 20 11 24 7 2 4 18 
+15 14 30 16 19 14 ^
+52 0 27 15 4 19 25 29 29 7 14 18 9 11 9 27 11 15 29 9 28 20 2 30 26 21 17 8 28 
+17 22 29 24 8 11 18 29 15 6 7 27 27 17 24 18 23 11 19 8 30 5 24 22 24 ^
+66 1 25 15 28 23 5 10 21 5 8 7 3 10 19 17 6 9 15 29 10 7 4 1 16 21 16 29 13 18 
+5 3 8 15 8 21 29 20 5 27 2 13 27 7 7 30 2 18 26 10 2 5 29 21 15 25 26 24 8 12 
+20 3 9 10 30 7 12 29 ^
+53 1 30 26 20 11 22 19 27 2 16 10 6 4 24 17 20 25 20 15 8 23 23 20 30 18 16 3 
+30 15 26 23 28 7 21 8 7 31 31 14 26 18 3 1 26 28 15 25 11 31 3 25 9 21 30 ^
+67 0 2 6 14 4 9 5 28 8 17 22 1 4 8 7 10 14 19 10 14 8 27 9 24 26 4 30 11 8 19 5 
+21 7 2 27 20 16 20 20 22 14 13 16 26 14 10 3 25 22 25 23 21 10 15 15 29 8 13 4 
+2 13 22 20 7 4 20 31 23 ^
+65 0 2 2 28 13 19 14 12 23 27 6 2 14 2 22 6 25 30 29 31 13 14 16 31 12 16 30 5 
+14 31 11 4 1 1 25 21 13 26 22 21 5 22 14 29 1 21 3 14 30 4 2 29 12 15 23 3 15 5 
+1 6 23 22 13 1 14 23 ^
+59 1 25 5 15 6 13 3 22 11 23 31 24 6 5 20 4 14 3 29 8 29 19 7 29 23 25 28 19 11 
+15 27 21 14 1 19 20 26 12 7 12 1 18 13 29 28 23 29 14 23 7 1 9 29 24 5 30 18 5 
+25 30 ^
+55 1 31 25 13 7 24 25 24 1 12 19 9 7 6 28 20 14 28 21 19 31 20 20 6 24 18 27 24 
+4 18 21 1 31 15 1 15 2 27 4 26 25 4 23 19 2 31 22 30 21 22 5 27 12 30 28 31 ^
+62 0 27 15 18 14 25 15 17 7 28 11 28 29 30 1 17 12 10 2 18 20 21 2 11 12 5 4 12 
+25 14 5 5 24 22 18 31 15 22 29 11 3 21 31 21 27 3 28 7 10 25 2 15 30 9 30 7 22 
+15 9 3 20 24 14 ^
+60 0 28 14 18 9 27 14 22 27 31 10 8 14 7 15 7 20 5 26 1 29 7 17 17 8 3 13 27 18 
+8 31 27 28 22 22 17 19 18 18 11 19 13 25 10 19 6 28 4 31 23 10 18 26 31 5 10 13 
+12 8 15 27 ^
+60 1 24 22 4 29 22 31 28 20 4 16 21 3 1 15 5 15 6 30 3 29 29 7 27 20 2 20 31 22 
+26 9 29 16 4 26 32 17 20 14 28 17 19 6 24 11 26 28 5 18 15 8 16 20 21 4 9 12 4 
+8 17 29 ^
+<D
+
+H>SHS Type 2 Strings<H
+D>
+69 1 5 3 11 15 12 24 31 23 1 6 28 2 8 31 6 7 30 5 19 23 12 6 9 31 19 17 24 25 
+22 6 12 16 3 7 9 9 11 29 4 11 2 5 13 29 10 12 30 32 18 28 18 27 3 30 4 4 26 6 
+13 31 13 2 11 7 24 4 17 29 12 ^
+95 0 21 19 21 23 11 42 36 2 13 4 1 33 22 16 27 9 4 33 16 3 30 15 11 32 13 17 38 
+32 9 38 4 36 15 32 27 19 42 18 6 36 22 10 29 12 25 40 15 29 23 28 30 4 8 11 24 
+9 10 31 28 43 23 16 29 33 5 40 26 3 19 12 36 43 5 35 37 5 14 11 45 35 16 10 8 
+32 4 15 35 26 2 39 22 37 22 30 29 ^
+106 1 18 14 51 2 6 32 51 9 32 50 44 46 51 8 11 53 45 55 16 10 3 52 8 20 20 46 
+46 13 32 2 46 50 43 25 54 9 31 29 2 47 15 29 24 45 44 18 37 14 28 39 36 44 47 
+16 50 10 44 24 53 35 22 40 20 15 51 22 18 22 42 6 54 49 38 21 7 13 30 16 7 52 
+16 22 13 38 7 11 44 33 9 25 13 37 42 14 45 53 30 38 5 25 5 35 38 22 28 53 ^
+127 0 58 35 43 28 5 28 63 8 12 25 9 47 53 29 62 7 37 2 3 48 5 12 55 56 28 35 12 
+63 6 58 27 27 48 44 35 14 17 22 56 10 8 1 16 15 42 63 14 51 57 19 41 7 8 56 47 
+34 52 22 48 60 43 9 1 52 4 21 49 61 18 50 23 13 46 62 23 45 62 9 56 18 23 31 8 
+30 27 36 13 38 4 58 53 47 24 18 41 58 19 12 18 52 42 29 44 45 26 63 34 32 41 64 
+15 26 55 19 2 49 6 30 53 13 54 12 53 37 12 37 43 ^
+148 0 60 4 51 47 58 38 17 63 33 23 28 43 12 69 70 33 17 12 50 18 18 36 45 2 67 
+4 45 20 4 33 38 29 45 8 22 58 39 71 38 32 53 35 19 53 31 29 51 35 4 63 18 33 26 
+47 70 9 64 62 63 30 15 1 35 28 16 40 20 14 50 33 19 38 30 27 55 10 16 46 47 7 
+55 12 53 26 56 33 29 55 25 17 48 43 21 43 18 24 63 27 68 46 38 33 35 10 18 11 
+27 5 9 58 35 70 36 36 39 47 2 10 66 47 5 18 21 44 71 51 57 3 22 7 56 55 28 25 
+14 40 16 24 48 37 66 50 24 45 18 39 53 55 ^
+165 1 15 62 35 29 15 40 19 76 67 4 5 71 46 61 26 8 77 48 1 23 12 60 40 24 44 33 
+29 42 73 66 49 61 20 30 1 54 52 42 39 64 23 65 37 24 20 11 26 66 22 77 22 57 7 
+38 57 33 61 73 7 64 1 49 35 76 14 27 21 45 68 38 58 73 13 72 47 73 33 8 66 23 
+38 4 56 77 47 10 71 13 20 31 41 6 51 3 18 17 61 47 14 48 76 46 28 34 43 1 56 4 
+25 7 65 41 1 34 37 23 59 59 27 26 13 15 14 75 60 14 1 28 59 26 65 61 16 23 17 
+28 6 19 2 35 49 30 29 48 2 63 73 59 1 3 76 41 11 19 18 43 54 63 67 51 4 9 78 60 
+66 ^
+181 0 18 19 84 17 12 10 57 18 77 51 52 16 39 74 49 52 63 38 72 2 15 64 83 62 49 
+56 11 26 68 58 83 33 23 50 63 71 53 27 84 22 39 41 52 58 11 64 7 60 45 70 22 5 
+73 38 30 30 48 21 75 80 40 21 8 53 9 26 30 34 81 71 71 51 23 75 33 41 23 32 5 8 
+66 40 72 40 16 66 45 14 48 34 21 41 27 3 55 27 37 23 41 65 4 57 51 74 22 19 75 
+42 16 19 46 16 10 48 20 19 37 41 14 57 9 17 55 38 5 60 7 46 20 43 36 39 52 20 
+10 62 45 23 46 7 35 75 29 70 35 36 34 25 12 15 84 26 10 6 71 29 79 33 32 25 59 
+76 82 64 58 7 8 19 41 74 2 53 65 24 1 55 51 36 21 79 7 ^
+184 1 60 66 66 6 3 9 73 12 7 40 70 18 71 70 65 51 14 14 27 50 9 87 81 50 22 19 
+40 37 16 79 12 34 37 76 82 10 61 7 81 49 67 26 45 82 50 81 63 45 69 31 31 76 51 
+9 59 34 51 54 34 83 10 33 51 86 81 82 69 18 8 22 64 19 86 62 58 33 37 17 34 5 
+29 83 42 76 50 54 66 39 9 1 36 43 17 65 6 35 56 72 71 83 88 10 1 8 87 22 6 21 
+78 25 89 43 62 40 55 85 31 89 74 63 46 28 24 26 31 17 7 8 27 19 12 85 17 20 27 
+77 10 2 54 80 17 52 74 76 69 78 11 20 80 4 29 24 85 75 18 39 23 70 83 29 57 67 
+72 70 33 4 15 46 42 2 69 13 53 33 69 64 33 64 14 40 69 59 78 54 ^
+193 1 68 43 95 53 38 58 55 28 20 16 67 48 17 86 32 44 68 67 28 16 14 79 25 15 
+72 67 50 80 18 30 10 75 1 60 45 87 78 28 95 49 63 70 59 26 6 51 73 60 65 18 26 
+8 87 5 58 31 25 57 40 46 78 57 34 78 61 36 66 57 38 80 22 32 68 71 30 74 37 81 
+66 77 66 55 2 51 24 93 61 40 68 45 61 12 63 24 89 59 52 72 43 20 20 69 36 40 88 
+46 9 62 55 77 84 20 18 6 77 15 52 39 75 3 26 4 85 17 62 29 11 92 46 58 29 59 28 
+42 80 71 96 2 49 85 37 63 4 61 14 2 53 87 25 86 6 75 76 93 41 39 93 92 42 56 41 
+63 26 28 18 77 11 50 78 79 1 12 12 91 29 13 58 5 56 92 66 59 4 39 47 95 5 5 62 
+33 13 80 27 ^
+203 1 35 28 11 7 20 7 17 3 3 30 89 13 65 56 66 63 22 82 16 31 55 56 77 91 91 71 
+101 13 10 85 101 95 17 99 98 91 33 14 20 48 32 7 64 29 38 35 25 4 95 23 34 1 85 
+81 23 31 96 71 84 50 15 79 47 25 51 45 35 66 19 61 60 9 31 93 64 70 30 42 86 53 
+1 71 46 42 22 38 96 10 99 34 76 26 55 73 63 63 97 23 92 81 64 46 1 30 31 35 86 
+91 88 64 87 16 37 69 84 94 60 100 3 47 52 8 71 87 57 29 76 43 18 45 46 15 65 12 
+44 42 66 60 15 68 19 58 39 62 76 9 92 101 57 32 4 34 15 41 62 32 89 71 43 35 31 
+41 21 17 82 33 96 27 62 29 82 57 46 62 15 24 99 37 83 40 52 46 56 80 98 3 91 74 
+6 27 7 58 94 10 41 79 97 84 77 74 26 99 35 ^
+212 1 26 101 17 91 45 97 80 59 102 30 68 4 85 9 4 39 16 18 85 70 11 87 62 72 78 
+38 3 41 53 82 82 35 18 13 94 64 52 39 77 59 26 9 65 46 64 98 32 29 86 79 16 63 
+54 76 56 98 16 98 78 22 72 33 103 104 52 84 12 65 15 85 101 97 84 31 51 26 100 
+100 38 80 13 2 78 7 24 44 84 103 27 7 28 16 33 99 25 103 54 14 42 62 87 92 27 
+22 42 5 52 100 84 73 72 63 24 48 56 52 23 5 17 76 31 1 95 58 43 60 50 62 30 23 
+35 79 20 35 3 72 32 45 51 87 41 84 27 79 77 70 102 15 54 15 100 8 52 69 105 3 
+30 84 42 93 66 89 69 74 24 33 42 97 4 38 99 106 13 93 6 106 74 100 54 45 21 59 
+56 37 9 50 32 75 79 31 77 9 61 1 8 68 6 60 81 7 100 99 14 61 48 25 73 26 70 72 
+94 34 ^
+233 0 11 98 110 88 35 110 35 64 49 88 93 28 85 6 78 65 90 52 24 97 51 39 51 59 
+23 1 3 49 33 11 78 27 35 55 64 5 102 4 70 25 56 58 38 66 11 31 96 66 104 59 41 
+86 58 29 79 41 40 72 51 12 92 34 52 44 69 104 21 97 89 96 48 21 4 61 40 28 67 
+34 23 85 44 22 62 52 33 84 23 30 73 74 4 79 12 81 47 80 53 47 89 40 19 80 62 34 
+61 29 41 95 43 1 70 63 55 53 18 19 13 48 10 19 89 49 4 52 53 56 76 10 8 104 77 
+15 28 38 75 109 3 85 90 8 40 8 93 90 43 39 14 60 17 36 78 56 105 80 35 75 36 58 
+82 50 100 98 45 74 13 66 95 72 71 95 34 14 98 72 33 38 37 52 6 14 107 59 3 29 
+61 67 98 92 5 93 17 98 36 87 41 75 71 57 88 17 25 91 84 3 58 20 92 69 51 50 36 
+31 14 25 18 30 18 1 41 104 30 82 59 87 70 34 96 28 47 62 81 103 48 ^
+234 1 63 90 108 108 102 64 82 88 4 111 76 97 22 1 108 41 34 91 33 20 25 24 26 8 
+83 11 31 7 85 109 106 4 105 85 68 28 33 99 53 8 16 12 11 74 17 83 66 70 16 30 9 
+67 68 34 24 81 47 92 72 47 37 33 38 92 17 8 28 88 22 62 69 32 89 75 3 72 96 85 
+13 105 24 38 37 94 115 83 72 108 114 24 93 76 103 60 99 102 9 43 10 59 95 46 33 
+93 15 26 69 44 2 86 107 55 45 61 65 92 66 9 55 39 70 83 29 98 67 13 111 15 20 
+31 62 8 2 51 20 19 33 44 14 115 71 112 97 10 41 28 53 51 26 57 15 38 98 55 106 
+22 56 31 50 95 107 110 84 70 10 108 96 73 100 25 36 55 88 71 63 96 30 90 96 79 
+22 7 30 23 28 59 89 8 51 99 47 86 34 18 43 65 98 104 107 49 7 79 71 8 57 21 29 
+80 2 74 78 44 57 9 61 22 13 68 52 91 74 98 43 30 58 68 95 101 72 102 76 42 99 
+61 ^
+249 0 27 117 45 119 80 2 59 52 8 76 20 94 102 69 96 42 46 106 67 9 110 89 71 69 
+34 31 15 85 16 29 100 82 37 62 68 95 108 44 23 114 34 36 56 93 11 30 96 12 31 
+67 14 114 14 66 70 30 81 46 53 119 85 6 104 47 92 72 70 5 70 15 115 68 105 33 
+97 13 85 106 14 61 29 22 86 45 57 69 91 38 38 28 66 13 60 95 103 3 15 5 113 38 
+23 62 5 65 94 107 73 104 37 47 102 117 3 78 35 7 95 56 78 45 52 28 46 43 37 32 
+53 19 55 29 47 97 76 115 83 71 11 45 62 73 99 116 2 24 116 7 28 41 2 29 37 52 
+23 5 118 79 31 57 89 61 24 101 78 50 93 73 41 7 33 45 47 24 1 48 73 36 3 25 87 
+46 28 108 54 68 53 67 119 28 36 118 104 42 88 27 112 4 74 85 1 63 39 97 71 74 
+75 76 10 49 12 79 11 50 103 118 94 117 118 37 27 12 94 60 28 51 47 82 110 17 15 
+105 23 52 43 12 21 22 81 41 12 74 90 42 108 117 98 67 4 69 85 ^
+243 0 76 81 26 101 13 68 62 106 87 19 98 32 81 63 79 93 31 121 123 75 52 11 66 
+41 54 87 38 5 104 62 51 38 55 29 31 120 44 16 48 94 46 105 91 66 78 27 43 6 64 
+2 55 79 75 84 113 22 4 113 109 31 33 17 96 11 29 63 98 103 107 116 34 14 9 95 
+38 18 51 75 33 109 118 55 66 4 76 7 75 70 82 74 23 1 26 69 40 112 99 47 65 31 
+70 119 52 103 88 85 86 28 16 12 76 25 22 78 64 21 86 27 61 77 72 108 2 18 106 
+119 121 54 16 85 72 2 73 26 88 66 60 80 35 24 117 63 24 44 67 52 122 119 33 72 
+16 99 98 69 54 19 42 28 53 114 32 117 81 100 57 49 123 56 21 68 80 53 95 1 45 
+95 107 98 87 1 27 24 99 116 16 67 1 113 91 84 25 40 25 72 3 28 90 87 112 80 16 
+117 45 77 36 90 105 59 88 122 64 108 108 71 98 18 50 115 93 105 77 35 6 46 55 
+47 102 4 26 87 111 120 81 113 4 57 105 3 84 94 115 61 73 ^
+255 1 91 47 51 9 57 9 55 94 61 61 68 46 107 6 35 81 114 78 96 74 14 89 73 67 67 
+69 113 107 11 98 113 109 20 92 17 67 70 88 57 10 124 9 60 122 93 91 45 7 15 24 
+51 5 98 115 24 49 90 104 117 66 128 94 64 80 12 43 91 46 111 59 58 77 30 14 88 
+60 123 68 41 44 68 40 104 118 41 43 93 90 105 92 16 127 26 54 125 114 79 71 24 
+48 21 25 118 40 103 49 91 44 67 65 25 119 109 18 48 23 69 112 38 61 64 87 84 
+104 119 110 122 92 22 1 8 83 34 100 32 62 41 46 112 34 102 76 56 39 4 127 30 13 
+19 110 124 7 16 128 95 4 124 11 104 116 126 49 95 3 55 96 70 90 101 4 122 96 75 
+118 39 128 99 92 18 42 20 87 83 35 75 111 61 67 71 28 101 9 56 34 105 95 71 23 
+73 71 26 57 15 23 76 55 99 89 128 98 117 68 43 88 62 38 62 39 2 83 36 15 26 60 
+128 96 73 74 10 1 12 42 22 2 77 33 33 32 57 13 14 82 57 12 39 3 58 80 14 87 85 
+44 69 109 119 ^
+283 0 102 55 53 41 60 88 25 67 58 76 44 22 68 118 108 40 95 96 81 90 85 28 77 
+18 11 37 72 93 60 110 124 119 95 131 91 37 109 126 8 73 69 72 80 17 83 5 76 20 
+32 15 10 1 103 18 22 116 98 9 51 104 102 44 33 15 12 24 31 89 1 6 28 101 8 64 
+72 106 30 5 52 89 111 39 108 64 85 17 57 124 22 105 78 115 3 40 108 66 108 77 
+128 103 44 35 38 13 95 10 111 63 98 117 61 51 126 69 96 70 70 59 39 13 97 33 
+112 2 77 7 123 70 83 29 66 67 49 79 19 104 115 14 60 2 55 40 71 33 28 114 51 91 
+17 46 45 128 57 87 62 25 115 38 50 55 90 74 8 51 102 79 43 94 36 122 94 12 41 
+36 25 104 91 24 7 99 80 30 126 32 63 122 107 114 27 28 79 41 12 35 51 115 122 
+70 22 79 65 2 88 27 17 59 15 23 44 57 5 65 6 26 78 80 125 93 84 100 45 22 129 
+68 36 111 74 118 11 50 42 120 47 21 8 86 112 26 67 60 99 45 93 47 8 38 59 52 56 
+124 20 82 18 117 24 18 46 106 19 117 26 41 47 45 130 7 15 1 4 5 100 10 85 50 44 
+11 48 92 119 108 42 118 125 ^
+272 0 8 61 99 70 96 20 87 123 134 82 22 2 110 118 33 86 5 7 5 94 56 15 60 96 54 
+13 22 55 99 4 25 105 17 37 69 10 38 117 117 30 70 13 9 109 115 62 94 52 66 117 
+100 135 7 75 23 5 81 110 31 118 29 1 62 11 41 88 109 119 102 37 3 30 123 47 31 
+56 134 29 124 116 118 99 21 56 77 91 23 37 135 81 44 51 67 95 51 133 30 57 67 
+116 122 48 100 7 132 97 106 69 93 4 95 125 102 103 119 81 57 133 96 37 118 50 
+117 113 81 127 17 45 103 32 121 129 60 43 65 127 30 36 132 110 52 53 35 71 12 
+76 22 72 130 112 99 76 26 21 73 63 63 97 23 58 115 132 114 1 132 31 35 18 23 54 
+30 53 118 37 35 84 94 60 100 3 47 18 110 105 87 57 63 76 43 52 45 46 49 65 12 
+10 42 66 60 117 34 19 92 5 28 76 9 126 101 125 32 38 34 15 7 62 32 21 3 43 69 
+31 109 123 51 116 135 130 129 130 63 14 57 80 62 15 126 31 105 83 108 120 80 
+124 46 98 105 91 6 6 27 7 58 128 78 7 79 63 84 77 74 128 65 61 95 121 17 24 123 
+117 51 122 ^
+284 0 44 71 43 20 126 58 53 47 98 18 19 119 93 29 70 39 94 112 44 115 135 98 82 
+10 67 29 102 113 68 80 19 75 1 91 114 87 80 7 40 37 86 120 16 104 136 117 82 
+138 32 65 114 119 137 121 8 12 46 126 26 119 73 130 60 76 113 100 14 133 26 116 
+34 120 80 95 84 53 15 24 44 51 4 10 23 77 24 99 66 37 54 63 42 136 21 34 76 5 
+17 128 101 1 59 40 113 112 32 97 31 93 105 79 91 18 39 1 103 132 51 68 124 111 
+13 97 43 128 69 84 85 72 15 12 26 87 16 16 92 101 13 77 4 118 89 103 56 42 16 
+60 44 39 126 46 18 83 93 41 105 3 82 106 115 91 6 4 54 115 15 120 109 113 48 41 
+9 95 20 62 67 105 111 25 132 7 116 46 138 44 83 61 124 131 35 107 6 109 81 114 
+67 41 137 77 56 74 73 34 12 14 69 52 11 98 47 54 83 81 6 1 15 88 35 139 80 83 
+49 89 27 47 130 92 133 87 51 112 76 49 109 49 57 93 73 22 117 50 64 58 97 139 
+36 131 111 133 58 33 8 88 55 38 90 46 30 118 57 29 82 74 41 117 38 46 94 92 5 
+105 15 117 70 103 68 60 120 48 21 110 85 40 81 66 ^
+291 0 46 113 52 134 79 74 64 57 18 23 9 52 8 16 103 57 138 59 59 65 92 2 7 130 
+92 8 34 40 86 131 140 100 112 4 42 1 110 108 43 37 15 67 19 35 94 61 130 98 35 
+88 34 65 104 56 126 118 50 87 10 81 109 90 86 118 32 6 114 88 39 38 39 62 3 12 
+134 72 137 35 75 81 115 106 140 112 11 123 41 103 45 95 84 71 107 13 26 110 96 
+62 16 109 84 59 53 38 27 8 28 13 32 137 17 138 41 122 36 99 65 99 83 36 112 29 
+49 70 96 126 136 131 116 3 18 17 126 142 14 37 141 141 123 42 13 20 83 42 139 
+83 54 49 58 42 7 137 29 48 16 121 127 34 52 140 106 128 58 36 124 83 24 69 54 
+61 112 17 6 95 97 24 57 86 124 59 71 119 67 1 109 54 68 49 57 132 32 5 71 113 
+40 80 104 75 106 133 31 126 130 104 62 9 39 44 66 116 141 135 96 132 19 41 121 
+126 124 77 8 4 60 82 6 101 124 89 51 123 48 40 85 77 21 112 10 69 66 115 87 16 
+108 30 84 65 80 103 32 131 134 73 47 10 63 39 50 93 37 135 114 69 48 34 58 23 
+27 133 37 9 40 98 41 115 99 70 83 29 42 67 133 55 79 80 91 122 12 2 115 112 47 ^
+293 1 33 13 99 138 1 42 89 118 87 113 99 12 134 142 100 38 5 55 75 14 110 108 
+42 64 130 79 138 62 64 69 57 11 123 25 59 16 111 94 24 65 30 51 119 48 107 92 
+84 69 28 136 143 54 20 6 70 47 142 64 4 65 59 73 99 134 146 102 125 116 57 137 
+137 72 48 128 78 5 80 63 54 85 30 22 129 68 21 21 74 28 128 107 27 60 2 93 95 
+71 37 11 37 15 39 102 3 104 65 80 59 52 113 34 20 67 60 27 81 135 46 106 106 
+102 68 128 17 15 100 124 15 43 136 122 100 67 142 35 14 53 120 2 89 93 99 73 9 
+122 39 77 15 96 90 43 79 134 60 92 105 55 96 31 119 77 97 72 23 140 38 30 43 83 
+136 88 107 117 72 109 118 58 91 119 73 95 100 59 138 123 54 49 143 50 133 66 
+106 45 80 88 42 93 5 59 77 101 74 110 104 40 92 19 77 76 86 102 129 3 144 101 
+139 134 56 90 18 91 94 85 55 10 137 11 58 1 107 113 70 22 7 56 29 143 111 8 46 
+45 116 122 129 89 7 121 53 95 14 49 118 62 125 91 37 97 15 35 100 63 140 63 50 
+51 58 26 127 6 45 59 102 121 114 85 141 135 10 72 19 106 66 66 41 53 13 38 1 21 
+103 50 108 46 119 ^
+297 1 46 31 132 112 28 63 124 97 129 43 40 72 99 107 132 137 96 139 99 145 121 
+144 118 37 81 39 94 60 55 109 47 109 110 75 42 12 139 137 43 128 106 107 19 126 
+12 101 148 127 15 117 125 125 62 96 13 76 70 96 101 110 138 8 95 76 143 17 32 
+97 79 149 39 31 94 123 21 41 135 55 84 70 33 135 118 50 62 121 81 1 45 144 93 
+60 5 64 137 8 105 91 82 67 27 113 119 53 18 98 79 48 84 32 135 128 5 1 20 76 17 
+85 108 72 36 141 140 49 150 105 104 3 149 14 54 18 148 64 49 125 37 28 28 101 
+22 104 91 32 82 117 12 114 69 58 2 58 115 9 108 47 59 65 14 92 7 4 86 98 16 82 
+92 95 38 94 10 10 48 97 104 66 115 97 142 115 122 119 40 97 16 32 47 34 88 89 
+26 50 12 76 80 51 40 9 133 24 44 40 122 84 108 22 142 140 99 44 15 54 8 42 125 
+150 130 21 79 124 62 46 119 15 29 91 57 150 42 138 71 61 68 80 114 6 1 70 121 
+18 35 113 56 87 86 10 73 14 29 41 72 89 1 133 87 101 123 59 90 142 77 133 52 78 
+48 34 138 134 27 17 60 131 147 61 93 148 39 132 49 62 71 36 91 4 139 49 100 120 
+43 113 144 30 94 73 127 40 125 ^
+313 1 35 97 95 76 105 88 32 138 30 69 61 40 47 21 107 6 39 81 114 53 125 53 147 
+14 4 73 146 96 98 13 136 11 98 117 138 153 67 146 71 99 88 7 139 24 13 35 47 97 
+145 74 36 119 3 51 84 48 119 53 49 15 79 17 120 103 148 64 30 41 97 120 75 111 
+63 58 131 134 18 13 10 48 18 16 48 43 15 54 18 41 47 122 144 80 92 145 77 1 33 
+89 54 46 78 48 21 54 43 40 53 24 16 73 42 94 29 44 34 151 152 23 123 12 142 140 
+43 37 88 29 19 35 72 96 151 130 62 112 34 36 91 120 50 112 138 2 105 60 68 137 
+131 5 17 19 139 74 11 120 78 149 58 128 15 104 16 126 78 20 57 134 71 49 90 76 
+108 126 100 54 68 39 132 153 42 147 146 124 62 87 35 75 61 65 46 100 82 105 113 
+31 63 5 95 54 71 77 127 150 80 36 144 2 130 59 74 39 3 152 121 122 18 117 12 
+117 141 118 135 62 36 69 5 39 53 150 52 153 143 30 66 96 126 131 56 137 8 7 86 
+142 14 7 111 141 93 136 137 134 43 12 89 23 44 9 152 146 121 97 19 38 110 91 67 
+14 32 110 66 68 8 130 84 73 118 59 24 41 72 121 150 55 37 138 27 104 66 124 9 
+51 109 47 125 109 148 8 29 47 72 146 149 61 93 10 20 54 15 76 133 125 106 110 
+67 ^
+330 0 23 9 26 136 27 51 115 122 44 106 6 146 108 113 85 51 8 96 47 56 137 62 59 
+89 143 71 140 14 85 156 139 99 154 30 53 115 35 147 108 148 58 52 28 103 19 92 
+95 152 152 10 11 13 155 67 11 83 101 69 153 152 45 141 14 120 129 140 119 59 2 
+89 73 70 83 29 16 67 81 29 1 54 65 96 117 2 37 47 128 33 3 89 108 98 139 49 78 
+27 103 39 119 94 132 90 38 132 55 65 131 90 58 2 54 100 69 118 22 44 19 7 148 
+93 25 29 123 81 64 131 55 30 1 89 38 97 82 64 9 28 86 123 151 10 133 40 154 102 
+4 111 65 9 63 59 124 116 72 105 76 57 137 97 32 145 108 78 112 50 43 34 75 20 
+22 129 68 11 118 74 125 118 57 17 20 129 53 65 61 144 1 17 142 156 52 100 54 15 
+20 59 52 63 131 20 57 124 31 125 46 106 76 92 8 98 154 152 80 114 15 140 136 
+112 100 17 92 25 151 150 80 99 69 83 49 43 156 102 19 57 122 96 30 3 39 134 40 
+32 75 5 76 127 138 99 17 57 52 150 130 18 127 33 23 116 107 78 77 77 42 69 68 
+48 41 69 33 75 40 49 128 103 4 146 93 10 83 66 96 152 30 38 12 33 5 39 47 41 34 
+60 74 20 42 156 67 46 56 102 89 3 124 81 99 104 56 50 8 61 74 55 15 87 108 28 
+138 47 93 60 2 124 46 126 103 91 145 36 25 116 122 51 ^
+322 0 75 7 107 158 81 105 154 90 20 125 77 114 69 92 7 58 21 98 154 50 128 149 
+117 127 153 45 3 18 121 86 29 71 79 101 2 5 22 143 10 27 53 146 157 148 112 33 
+22 80 123 24 147 1 112 82 159 63 74 97 109 33 151 32 89 87 132 117 46 129 59 
+115 91 114 118 37 21 9 94 60 25 89 47 79 110 55 12 143 99 87 43 88 56 57 160 76 
+12 71 128 77 146 117 95 105 42 66 3 76 20 76 101 100 118 149 45 26 143 148 32 
+57 39 129 19 31 84 123 1 152 135 5 54 30 13 125 68 30 62 101 51 142 5 94 83 20 
+116 24 107 109 105 91 42 17 27 93 69 3 139 68 79 38 84 2 85 128 126 122 131 46 
+17 35 98 42 26 111 100 29 120 55 84 114 109 145 14 18 138 14 9 85 7 18 129 91 2 
+94 51 133 82 87 123 64 39 8 103 38 75 110 78 7 9 45 115 42 138 135 86 78 16 62 
+52 75 159 54 151 121 149 77 74 16 85 47 102 105 82 119 10 67 137 153 148 135 28 
+49 26 151 153 36 80 11 130 113 24 44 30 102 24 58 133 122 140 99 24 156 54 119 
+42 115 140 90 132 19 94 2 157 99 136 19 71 7 130 153 108 51 21 58 70 74 137 1 
+40 111 149 5 103 6 27 76 141 23 125 140 1 72 29 152 103 87 51 93 29 80 132 77 
+123 153 68 159 14 98 114 158 121 158 81 131 ^
+322 0 35 93 109 125 119 10 10 19 135 26 4 74 135 35 120 129 113 92 17 29 47 88 
+14 159 149 87 45 36 75 68 22 138 20 59 61 144 151 11 107 6 153 81 114 43 85 157 
+97 148 118 73 126 56 58 137 96 11 98 67 98 103 57 146 21 59 88 151 139 148 127 
+25 17 47 115 34 160 109 107 51 64 28 69 13 49 149 69 141 90 93 118 64 10 1 67 
+80 35 111 13 58 101 124 132 147 154 18 162 6 162 33 5 34 142 41 161 82 114 70 
+92 145 57 155 137 114 79 44 36 48 48 21 14 13 40 33 14 150 33 32 54 143 14 4 
+101 142 23 93 136 132 120 147 17 38 163 143 5 52 46 151 130 32 72 34 124 150 51 
+100 112 128 126 65 10 28 87 81 159 131 19 99 54 125 110 58 119 28 78 129 104 
+140 126 38 154 27 114 61 153 90 66 98 76 50 158 48 39 82 123 22 147 136 114 52 
+37 35 75 41 15 150 60 52 55 103 21 23 129 95 24 71 47 97 130 50 140 144 106 100 
+9 64 19 117 122 71 92 8 77 156 97 121 98 85 2 36 39 109 143 23 120 156 133 93 
+154 36 66 116 131 160 127 162 161 46 142 14 141 81 141 63 86 117 104 3 146 39 
+127 34 133 102 106 91 57 9 28 60 61 7 158 12 80 26 8 122 80 44 63 68 49 158 21 
+32 81 150 15 141 108 161 64 46 124 123 31 99 27 105 109 98 112 144 ^
+336 1 34 161 107 149 48 67 138 109 156 104 37 133 60 80 84 81 160 9 16 96 164 1 
+95 112 4 86 163 116 98 103 55 31 8 56 37 36 127 32 9 89 103 31 100 161 85 106 
+119 89 154 43 115 162 137 108 128 38 42 155 103 9 62 65 102 122 10 138 160 125 
+47 158 43 91 69 123 132 35 121 4 110 89 130 69 29 139 69 53 70 83 29 163 67 41 
+9 108 34 45 76 87 2 144 164 98 33 160 79 78 48 89 9 38 134 93 146 79 54 122 80 
+38 112 55 55 101 70 8 129 44 70 59 98 149 24 136 124 138 63 25 166 83 51 34 91 
+45 30 118 59 28 87 72 44 116 28 36 103 101 113 10 114 62 111 71 65 126 53 19 
+114 86 42 85 36 57 137 57 159 95 88 78 72 20 23 14 65 10 22 129 68 1 68 74 75 
+108 7 7 147 109 13 35 51 104 158 164 122 126 2 50 4 132 127 59 52 13 81 20 47 
+107 74 148 115 46 106 46 82 115 68 144 142 60 104 15 90 136 102 100 134 42 15 
+141 100 40 49 49 73 166 13 156 82 166 37 82 96 137 130 166 134 20 139 45 122 56 
+107 98 79 124 17 32 130 120 165 77 23 130 96 67 68 47 37 12 29 18 38 158 19 160 
+55 147 39 118 83 121 96 43 137 33 66 86 112 147 155 149 140 5 19 17 148 161 10 
+44 159 146 57 16 26 102 49 3 104 61 59 74 56 10 165 31 54 25 142 157 37 58 165 
+128 154 73 50 149 94 137 ^
+330 1 61 51 65 132 23 169 116 122 14 66 7 98 131 72 69 127 72 163 125 68 69 51 
+47 159 31 164 71 118 50 83 113 81 127 153 45 137 134 121 68 163 26 43 65 127 
+166 138 98 144 18 53 137 139 148 76 158 4 62 78 167 102 144 94 55 141 63 29 97 
+91 24 115 166 80 69 132 99 1 120 23 88 64 87 118 37 137 152 94 60 168 71 47 52 
+110 37 155 125 63 42 43 52 11 12 151 31 12 44 110 32 128 117 68 87 24 39 164 76 
+145 58 101 91 100 140 151 143 130 32 21 3 111 1 31 75 123 153 116 135 130 27 
+164 165 116 23 12 62 83 24 133 139 49 74 154 80 158 80 64 105 91 6 142 27 75 24 
+128 112 41 79 29 84 145 40 128 99 95 95 19 17 160 89 15 17 84 64 11 93 10 66 78 
+73 127 148 18 129 139 143 49 150 9 84 82 154 85 15 88 82 60 87 19 12 133 58 20 
+39 65 51 141 134 27 70 167 120 117 86 60 16 44 16 57 132 18 142 85 104 59 47 
+141 58 2 66 96 46 119 153 40 110 126 103 90 144 13 26 106 144 80 145 134 103 95 
+24 44 21 84 140 13 97 104 140 99 6 147 54 83 42 106 131 54 96 135 67 118 121 81 
+109 10 53 132 112 117 81 33 155 49 61 38 119 1 13 102 131 148 94 131 143 67 123 
+148 89 104 135 72 145 152 76 87 6 66 2 71 123 77 114 108 59 123 166 62 96 140 
+94 149 116 169 ^
+349 0 125 17 93 82 80 110 156 147 156 99 154 4 29 90 163 120 84 113 56 8 157 29 
+61 169 141 113 78 48 50 13 138 11 50 61 99 106 2 107 6 117 81 114 34 49 112 52 
+130 82 73 108 20 22 110 60 11 98 22 62 58 48 146 149 23 88 142 139 121 91 16 
+163 2 88 171 133 100 62 51 46 10 24 150 49 131 60 114 63 84 91 64 165 138 40 44 
+172 111 141 58 74 115 96 129 145 164 153 170 126 24 169 16 115 41 125 46 87 61 
+92 145 39 155 92 78 70 35 27 21 48 21 151 159 40 15 5 132 170 23 18 107 160 150 
+56 133 23 66 109 123 102 102 172 166 145 116 151 34 1 151 130 5 36 34 97 114 15 
+82 128 112 119 99 29 138 165 42 36 159 95 19 63 36 89 101 40 92 1 33 93 104 113 
+126 2 136 96 52 108 90 57 89 31 5 113 30 39 37 96 4 147 127 105 43 165 35 75 23 
+143 105 24 25 10 94 12 160 102 95 170 71 20 70 112 23 95 144 61 73 137 55 1 81 
+95 26 65 172 41 147 79 103 80 40 121 36 12 64 98 169 93 111 115 48 127 9 39 107 
+131 115 118 162 161 10 142 14 123 54 141 36 41 99 77 140 128 167 82 25 106 57 
+70 64 21 19 15 34 126 149 167 53 163 127 86 35 8 54 23 40 140 3 169 45 150 152 
+96 81 143 28 28 124 87 13 90 9 87 109 53 67 164 28 131 89 149 42 55 126 79 132 
+74 19 133 30 68 72 75 148 9 10 72 152 144 83 106 153 74 163 98 152 ^
+375 1 94 28 13 8 20 28 18 118 5 140 89 67 171 64 152 85 61 101 80 154 149 34 
+115 135 128 108 110 20 33 128 103 35 38 57 95 10 111 151 98 29 149 7 82 69 96 
+114 26 103 171 101 53 121 24 2 121 51 35 70 83 29 154 67 5 167 63 16 27 58 60 2 
+99 128 71 33 160 70 51 3 44 149 2 89 84 101 43 18 113 71 38 94 55 46 74 52 139 
+102 35 43 50 80 122 6 100 88 129 36 25 148 47 24 7 55 36 30 82 32 19 78 63 26 
+71 28 167 85 56 167 95 159 78 26 66 35 65 90 44 159 105 59 15 67 57 137 21 132 
+50 70 78 36 169 5 172 56 1 22 129 68 168 23 74 30 99 138 174 120 91 153 8 42 68 
+158 155 104 99 133 5 135 96 82 59 52 144 36 20 38 62 29 112 106 46 106 19 73 70 
+41 135 133 42 95 15 45 136 93 100 98 173 6 132 55 4 4 31 64 130 162 156 64 157 
+19 46 96 92 103 139 134 2 94 18 86 38 89 62 61 79 157 14 112 111 156 32 14 85 
+78 31 59 20 1 161 169 149 29 122 150 133 37 102 30 109 65 85 51 174 110 164 66 
+77 76 111 119 131 95 5 1 166 103 134 141 17 158 123 137 48 165 175 102 13 3 86 
+43 23 47 56 150 165 4 36 174 115 157 168 13 147 119 109 55 41 140 67 27 31 27 
+53 126 17 163 116 122 160 60 7 92 113 66 45 109 60 151 125 62 39 39 17 153 13 
+152 53 94 50 53 89 57 127 153 45 119 104 121 56 145 172 19 41 103 166 108 68 
+126 12 53 131 127 148 52 134 168 50 48 155 72 132 82 37 129 63 175 160 ^
+366 1 73 15 79 139 71 51 132 81 135 111 166 61 37 60 118 37 92 134 94 60 150 53 
+47 25 110 19 137 107 27 176 43 16 145 146 142 165 12 17 92 166 110 117 41 69 6 
+12 164 76 109 40 101 82 82 131 134 115 143 112 32 164 146 93 162 31 66 123 144 
+80 135 94 137 156 107 157 173 62 65 176 124 112 4 65 127 44 131 53 19 105 91 
+149 106 27 57 158 92 85 14 79 20 84 127 174 128 72 68 59 171 17 124 80 167 8 57 
+28 172 66 144 48 42 37 109 121 18 120 103 116 13 132 39 73 145 76 158 43 82 33 
+51 153 164 97 13 2 3 20 24 114 98 9 25 131 102 99 86 42 16 26 159 39 105 161 
+133 49 59 41 20 105 31 136 30 87 10 119 135 13 83 99 58 45 99 156 26 61 135 143 
+80 118 107 76 77 24 44 12 66 95 147 61 86 140 99 167 138 54 47 42 97 122 18 60 
+90 40 73 85 63 82 1 35 96 94 81 54 15 128 40 52 2 101 1 165 93 113 130 85 95 98 
+58 105 112 53 68 108 72 100 152 49 87 140 39 154 62 114 77 105 63 50 87 157 26 
+78 122 67 140 71 170 119 5 93 64 50 104 144 129 138 75 130 4 178 60 139 120 54 
+113 32 2 133 17 43 163 129 89 72 149 155 30 38 7 138 5 44 61 69 76 175 107 6 93 
+81 114 28 25 82 22 118 58 73 96 175 177 92 36 11 98 171 38 28 42 146 125 178 88 
+136 139 103 67 10 151 151 70 153 115 94 32 51 34 177 173 132 49 119 54 96 45 78 
+73 64 159 120 22 20 154 111 117 58 56 109 72 143 ^
+372 1 136 146 144 170 90 15 169 180 88 41 89 10 60 52 92 145 21 155 47 42 61 26 
+18 176 48 21 124 141 40 179 178 114 143 14 164 71 142 132 11 124 23 39 82 114 
+84 57 163 130 127 89 133 16 138 151 130 160 34 70 78 161 64 92 112 110 72 175 
+102 138 179 173 159 59 19 27 18 53 92 22 65 156 170 57 104 86 126 148 118 155 
+78 43 63 90 48 80 168 142 68 12 39 174 69 168 147 118 96 34 129 35 75 5 107 60 
+170 180 147 85 3 133 75 95 152 71 175 43 94 178 50 144 16 46 101 46 165 45 68 
+163 38 172 5 138 61 85 62 177 76 36 167 19 53 151 66 66 97 3 100 164 12 98 131 
+70 109 162 161 156 142 14 105 27 141 9 178 81 50 113 110 131 37 16 79 12 34 37 
+167 173 10 152 7 81 140 158 26 136 82 50 172 154 45 160 31 122 167 142 9 150 
+125 51 54 125 174 10 124 51 177 81 173 69 109 8 22 155 19 86 62 149 33 37 108 
+34 96 29 174 133 167 50 54 66 130 9 1 36 134 108 65 97 126 56 163 71 83 88 10 1 
+8 178 22 6 112 169 116 89 43 153 40 146 85 31 89 74 154 137 28 115 117 122 108 
+98 8 27 110 103 176 17 20 27 77 10 93 145 80 17 143 165 76 69 78 102 20 91 171 
+95 29 115 176 166 109 39 23 70 83 29 148 67 163 161 33 4 15 46 42 2 69 104 53 
+33 160 64 33 155 14 131 160 59 78 71 19 176 107 65 38 82 55 40 56 40 115 84 29 
+25 44 68 104 176 76 64 123 18 25 136 23 6 171 31 30 30 58 14 13 72 57 14 41 177 
+^
+363 0 135 69 16 167 79 143 46 178 26 3 65 58 36 135 97 35 175 51 152 57 137 173 
+108 10 54 78 4 153 173 164 48 177 22 129 68 168 167 74 174 91 106 174 96 75 129 
+168 34 36 158 147 88 75 101 149 103 64 42 59 52 112 180 20 30 22 173 80 98 46 
+106 179 65 30 17 127 125 26 87 15 5 136 85 100 66 141 182 124 15 156 148 15 56 
+98 146 156 48 149 3 14 96 52 79 115 134 170 54 178 54 22 73 30 45 39 133 182 96 
+103 148 176 6 45 62 183 51 180 153 145 145 117 21 90 118 109 21 62 22 101 49 53 
+11 142 86 132 66 69 44 79 87 115 55 5 169 150 63 110 109 177 150 91 129 40 149 
+159 102 165 3 70 27 175 23 56 126 165 164 20 158 91 157 136 157 131 111 69 39 
+33 132 43 19 175 179 37 118 9 155 116 122 128 52 7 84 89 58 13 85 44 135 125 54 
+183 23 161 145 173 136 29 62 50 13 57 25 127 153 45 95 64 121 40 121 140 171 9 
+71 166 68 28 102 4 53 123 111 148 20 102 160 34 8 139 32 116 66 13 113 63 143 
+97 63 10 59 124 66 41 132 71 115 106 151 46 22 45 118 37 67 124 94 60 140 43 47 
+10 110 9 127 97 7 156 43 180 125 126 137 145 12 2 82 146 100 117 26 59 180 181 
+164 76 89 30 101 77 72 126 114 95 143 102 32 149 131 83 157 31 61 123 139 60 
+135 74 169 122 151 102 137 168 62 55 166 119 97 163 60 112 24 116 38 178 105 91 
+134 86 27 47 138 72 70 183 79 15 84 117 154 128 57 53 39 161 88 ^
+393 1 92 72 151 33 183 164 42 112 32 10 5 93 97 18 112 71 92 168 116 179 186 65 
+137 68 134 3 82 9 19 121 148 65 160 173 158 167 90 66 180 172 99 86 83 86 26 16 
+10 135 23 81 137 125 17 19 25 183 73 7 104 185 79 165 119 119 176 59 75 18 5 59 
+132 26 21 127 119 80 94 83 52 61 24 44 4 50 55 115 29 70 140 99 159 130 54 15 
+42 89 114 173 28 50 16 33 53 47 58 180 19 64 78 49 30 186 104 32 44 157 85 1 
+149 85 97 114 77 63 58 50 89 80 21 36 84 72 60 152 25 87 108 15 138 54 106 77 
+97 23 42 55 149 181 62 106 43 132 31 138 111 176 93 40 10 96 128 105 114 43 98 
+4 146 20 107 120 14 113 181 101 1 19 155 113 57 64 117 131 6 22 186 138 184 36 
+61 29 36 175 107 6 61 81 114 20 180 42 169 102 26 73 80 151 153 68 4 11 98 139 
+6 175 34 146 93 154 88 128 139 79 35 2 135 119 46 129 91 86 179 51 18 169 141 
+108 49 103 46 72 21 70 49 64 151 96 185 175 130 111 85 58 32 101 40 101 131 136 
+139 170 70 10 169 175 73 41 69 177 45 47 92 145 11 155 22 22 56 21 13 166 48 21 
+109 131 40 174 178 104 128 9 149 51 132 122 173 119 23 24 67 109 74 32 158 110 
+117 74 123 6 118 151 130 150 167 34 55 58 146 54 72 112 105 57 160 82 123 159 
+153 159 39 19 7 8 33 87 12 50 146 150 37 104 71 126 133 108 145 68 38 38 90 43 
+75 148 122 43 2 39 154 54 163 147 113 91 29 109 35 75 182 87 35 155 170 127 80 
+185 118 60 95 142 71 165 28 84 168 25 144 178 31 81 41 160 25 53 143 ^
+381 1 14 172 163 130 45 69 46 145 36 36 151 169 13 135 42 26 81 153 76 148 178 
+90 131 30 101 162 161 132 142 14 89 3 141 175 146 65 26 89 94 99 187 8 55 162 2 
+13 143 173 2 120 173 41 132 150 2 112 42 18 140 130 37 128 23 106 159 118 167 
+150 101 11 30 109 150 184 124 19 169 73 165 53 109 158 172 147 11 46 38 149 25 
+21 92 184 64 179 158 133 135 34 38 58 114 9 183 4 118 76 49 89 102 40 163 47 75 
+80 176 175 8 154 14 180 104 153 84 89 11 129 8 138 85 181 73 66 154 121 20 115 
+93 114 108 82 182 19 86 103 176 183 186 177 53 10 69 137 56 1 135 141 68 69 54 
+86 12 75 171 87 187 107 144 150 93 23 7 70 83 29 140 67 139 153 183 178 189 30 
+18 2 29 72 29 33 160 56 9 123 164 107 136 19 70 31 177 152 99 57 38 66 55 32 32 
+24 83 60 21 1 36 52 80 168 44 32 115 184 25 120 181 172 155 189 22 30 26 180 5 
+64 49 188 1 28 111 57 176 167 67 131 22 160 186 169 65 34 30 117 91 17 163 39 
+134 57 137 155 90 170 42 78 170 141 167 158 42 177 22 129 68 168 143 74 150 85 
+82 174 78 63 111 156 28 12 158 141 76 57 77 125 79 40 12 59 52 88 156 20 24 182 
+149 56 92 46 106 167 59 189 121 119 14 81 15 165 136 79 100 42 117 182 118 175 
+138 124 3 50 74 134 156 36 143 181 180 96 22 61 97 134 164 24 166 30 10 61 6 33 
+9 115 176 84 97 142 152 15 50 165 45 168 135 133 127 93 15 66 94 91 9 32 16 95 
+37 29 171 118 68 108 66 63 20 55 186 ^
+396 1 97 10 5 160 132 18 83 73 159 141 55 120 31 131 141 102 138 3 52 9 148 189 
+56 99 165 146 2 140 64 157 100 121 113 102 24 21 24 123 16 10 139 152 19 109 
+146 116 122 92 43 7 75 62 49 170 58 26 117 125 45 147 5 125 136 155 118 2 26 50 
+161 21 182 127 153 45 68 19 121 22 94 104 144 166 35 166 23 176 75 188 53 114 
+93 148 177 66 151 16 156 121 180 98 48 179 95 63 107 97 45 1 23 97 57 23 132 53 
+79 97 124 19 188 18 118 37 22 106 94 60 122 25 47 176 110 184 109 79 164 120 43 
+153 89 90 128 109 12 168 64 110 82 117 192 41 171 163 164 76 53 12 101 68 54 
+117 78 59 143 84 32 122 104 65 148 31 52 123 130 24 135 38 151 95 142 93 101 
+159 62 37 148 110 70 127 51 85 181 89 11 142 105 91 107 50 27 29 102 36 43 165 
+79 6 84 99 118 128 30 26 3 143 17 68 66 139 187 15 165 158 24 88 20 179 174 81 
+79 18 106 47 74 150 104 179 162 59 131 62 116 166 82 184 188 97 136 41 136 167 
+140 143 175 72 42 174 148 75 74 71 86 14 16 191 117 11 63 119 119 186 182 13 
+171 49 182 80 167 73 147 119 107 164 41 57 181 168 29 114 26 184 121 101 80 76 
+65 34 49 24 44 191 38 25 91 5 58 140 99 153 124 54 184 42 83 108 155 4 20 191 3 
+29 35 40 180 7 40 66 25 12 180 86 26 38 139 73 1 137 79 85 102 71 39 28 44 77 
+56 190 12 66 72 30 152 7 87 84 190 126 48 100 77 91 186 36 31 143 163 50 94 25 
+126 1 114 105 170 93 22 173 90 116 87 96 19 74 4 122 183 83 120 177 113 169 181 
+77 182 1 149 186 ^
+384 1 25 56 85 107 177 6 186 138 184 28 61 184 191 175 107 6 29 81 114 12 156 2 
+137 86 189 73 64 127 129 44 167 11 98 107 169 143 26 146 61 130 88 120 139 55 3 
+189 119 87 22 105 67 78 147 51 2 161 109 84 49 87 38 48 192 62 25 64 143 72 169 
+151 106 111 53 58 8 93 8 85 123 120 131 170 38 2 169 167 49 41 37 153 21 39 92 
+145 190 155 177 185 48 13 5 150 48 21 85 115 40 166 178 88 104 1 125 19 116 106 
+141 111 23 43 101 58 187 150 78 101 50 107 185 86 151 130 134 143 34 31 26 122 
+38 40 112 97 33 136 50 99 127 121 159 7 19 170 187 1 79 191 26 130 118 5 104 47 
+126 109 92 129 52 30 193 90 35 67 116 90 3 181 39 122 30 155 147 105 83 21 77 
+35 75 174 55 190 131 154 95 72 185 94 36 95 126 71 149 4 68 152 180 144 146 7 
+49 33 152 188 29 111 194 172 148 125 35 59 36 125 11 36 141 149 183 125 27 1 71 
+133 61 138 168 85 131 5 96 162 161 117 142 14 79 183 141 165 126 55 11 74 84 79 
+167 3 40 142 177 193 128 173 192 100 163 16 127 145 182 97 17 193 120 115 32 
+108 18 96 154 103 152 150 86 181 15 99 135 179 124 194 164 68 160 43 109 138 
+152 142 6 21 23 149 20 11 82 164 44 159 148 133 115 24 28 53 104 9 183 179 108 
+56 39 84 87 30 163 32 70 75 166 170 8 139 9 175 99 143 64 89 186 114 183 133 85 
+161 63 61 154 111 15 115 78 109 108 72 177 14 71 103 176 173 176 157 38 10 54 
+132 41 186 130 126 63 69 39 76 7 65 171 82 172 102 124 140 83 113 ^
+396 1 189 70 83 29 132 67 115 145 151 170 181 14 192 2 187 40 5 33 160 48 183 
+91 132 83 112 177 62 189 153 128 91 49 38 50 55 24 8 8 51 36 13 175 28 36 56 
+160 12 107 168 25 104 157 156 139 165 14 30 192 164 195 56 41 180 159 28 79 41 
+144 167 51 115 188 136 154 145 65 2 22 93 83 191 147 23 110 57 137 131 66 138 
+26 78 146 125 159 150 34 177 22 129 68 168 111 74 118 77 50 174 54 47 87 140 20 
+178 158 133 60 33 45 93 47 8 170 59 52 56 124 20 16 150 117 24 84 46 106 151 51 
+158 173 113 111 196 73 15 133 136 71 100 10 85 182 110 143 114 92 185 42 42 118 
+156 20 135 173 156 96 180 37 73 134 156 182 150 196 192 45 172 17 167 91 168 68 
+89 134 120 190 173 34 141 37 152 111 117 103 61 7 34 62 67 191 190 8 87 21 195 
+139 86 44 76 66 55 186 23 31 87 183 5 155 122 191 68 53 149 136 35 115 26 121 
+131 102 123 3 42 197 133 179 56 84 165 136 190 130 49 157 80 101 103 97 197 11 
+19 118 1 5 119 137 9 104 193 141 116 122 72 38 7 70 47 44 155 43 16 107 125 40 
+127 193 105 131 145 108 185 6 50 141 1 167 127 153 45 53 192 121 12 79 84 129 
+151 15 166 196 156 60 188 53 109 83 148 162 46 146 6 136 111 160 88 38 169 85 
+63 87 97 35 194 3 82 52 13 132 43 59 92 109 4 178 3 118 37 195 96 94 60 112 15 
+47 166 110 179 99 69 149 100 43 138 69 70 123 89 12 158 54 90 72 117 182 31 166 
+153 164 76 33 2 101 63 44 112 58 39 143 74 32 107 89 55 143 31 47 123 125 4 135 
+18 141 80 137 88 81 154 187 ^
+406 0 23 134 103 49 99 44 64 160 68 190 114 105 91 86 22 27 15 74 8 22 151 79 
+199 84 85 90 128 9 5 175 129 17 40 59 125 187 194 144 151 3 60 6 158 153 67 58 
+18 99 19 53 129 90 179 134 52 124 55 95 138 82 170 167 69 122 13 108 160 119 
+115 161 51 14 167 120 47 60 57 86 16 184 96 197 42 98 112 165 154 199 157 21 
+168 52 146 66 126 119 93 150 20 36 153 140 194 93 26 156 114 80 80 55 44 13 35 
+24 44 191 24 190 63 177 44 140 99 146 117 54 163 42 76 101 134 176 185 177 168 
+1 21 19 180 193 12 52 197 191 173 65 19 31 118 59 1 123 72 71 88 64 11 193 37 
+63 28 169 184 45 72 195 152 186 87 56 176 112 41 93 77 84 158 29 3 136 142 36 
+80 4 119 166 86 98 163 93 1 145 83 102 66 75 191 46 4 94 155 55 120 149 113 148 
+181 49 175 180 142 87 5 51 65 92 167 196 186 138 184 23 61 164 171 175 107 6 9 
+81 114 7 141 177 117 76 174 73 54 112 114 29 152 11 98 87 154 123 21 146 41 115 
+88 115 139 40 183 189 109 67 7 90 52 73 127 51 192 156 89 69 49 77 33 33 182 57 
+10 64 138 57 159 136 91 111 33 58 193 88 188 75 118 110 126 170 18 197 169 162 
+34 41 17 138 6 34 92 145 185 155 157 170 43 8 140 48 21 70 105 40 161 178 78 89 
+196 110 199 106 96 121 106 23 185 28 96 48 167 145 58 91 35 97 180 66 151 130 
+124 128 34 16 6 107 28 20 112 92 18 121 30 84 107 101 159 187 19 155 182 181 74 
+186 11 120 98 185 104 32 126 94 82 119 42 25 173 90 30 62 96 70 178 176 39 102 
+15 150 147 100 78 16 57 35 75 169 35 170 116 144 75 146 ^
+409 1 185 70 12 95 110 71 133 183 52 136 148 144 114 186 17 25 144 164 5 79 178 
+172 124 117 19 43 20 93 174 36 125 117 151 109 3 164 55 101 37 122 152 77 131 
+168 88 162 161 93 142 14 63 167 141 149 94 39 190 50 68 47 135 198 16 110 153 
+177 104 173 192 68 147 179 119 137 166 73 180 169 88 91 24 76 10 80 146 79 128 
+150 62 149 194 83 111 171 124 170 156 60 152 27 109 106 120 134 201 184 202 149 
+12 198 66 132 12 127 132 133 83 8 12 45 88 9 183 155 92 24 23 76 63 14 163 8 62 
+67 150 162 8 115 1 167 91 127 32 89 162 90 159 125 85 129 47 53 154 95 7 115 54 
+101 108 56 169 6 47 103 176 157 160 125 14 10 30 124 17 178 122 102 55 69 15 60 
+202 49 171 74 148 94 92 124 67 200 184 70 83 29 127 67 100 140 131 165 176 4 
+182 2 167 20 193 33 160 43 173 71 112 68 97 157 57 169 138 113 86 44 38 40 55 
+19 196 201 31 21 8 165 23 26 41 155 195 183 102 158 25 94 142 146 129 150 9 30 
+177 154 195 51 36 175 139 28 59 31 124 167 41 105 173 121 134 130 65 185 17 78 
+78 181 137 13 95 57 137 116 51 118 16 78 131 115 154 145 29 177 22 129 68 168 
+91 74 98 72 30 174 39 37 72 130 15 163 158 128 50 18 25 73 27 191 150 59 52 36 
+104 20 11 130 97 4 79 46 106 141 46 138 163 108 106 191 68 15 113 136 66 100 
+193 65 182 105 123 99 72 180 37 22 108 156 10 130 168 141 96 160 22 58 134 151 
+162 140 181 187 35 157 7 147 76 163 58 84 129 100 190 153 24 126 32 142 96 107 
+88 41 2 14 42 52 186 170 3 82 11 180 119 66 29 56 66 50 171 3 11 77 163 5 150 
+112 128 ^
+413 1 47 25 135 129 7 108 19 107 117 102 102 3 28 190 112 165 56 63 165 122 183 
+116 28 157 52 73 89 90 169 202 12 111 185 203 91 116 200 97 193 134 116 122 44 
+31 7 63 26 37 134 22 2 93 125 33 99 186 77 124 131 94 171 183 50 113 178 146 
+127 153 45 32 164 121 203 58 56 108 130 192 166 168 128 39 188 53 102 69 148 
+141 18 139 197 108 97 132 74 24 155 71 63 59 97 21 194 180 61 45 204 132 29 31 
+85 88 188 164 187 118 37 167 82 94 60 98 1 47 152 110 172 85 55 128 72 43 117 
+41 42 116 61 12 144 40 62 58 117 168 17 159 139 164 76 5 193 101 56 30 105 30 
+11 143 60 32 86 68 41 136 31 40 123 118 181 135 195 127 59 130 81 53 147 62 13 
+124 98 34 79 39 49 145 53 180 94 105 91 71 2 27 5 54 193 7 141 79 199 84 75 70 
+128 199 195 160 119 17 20 54 115 187 184 129 146 193 40 201 143 138 57 43 18 94 
+204 38 114 80 179 114 47 119 50 80 118 82 160 152 49 112 198 88 155 104 95 151 
+36 199 162 100 27 50 47 86 195 16 179 81 192 27 83 107 150 134 194 147 1 158 32 
+131 61 111 119 83 140 5 21 133 120 174 78 26 136 109 65 80 40 29 203 25 24 44 
+191 14 170 43 162 34 140 99 141 112 54 148 42 71 96 119 161 165 167 148 186 11 
+4 180 188 197 42 182 181 168 50 14 26 103 49 1 113 67 61 78 59 196 173 32 53 8 
+154 169 30 72 175 152 176 87 36 166 102 36 88 77 79 138 24 188 131 127 26 70 
+194 114 146 66 93 158 93 191 125 78 92 51 60 176 26 4 74 135 35 120 129 113 133 
+181 29 170 170 137 77 190 46 45 77 157 191 186 138 184 18 61 144 151 175 107 6 
+194 81 114 2 126 110 ^
+427 1 85 60 150 73 38 88 90 5 128 11 98 55 130 91 13 146 9 91 88 107 139 16 159 
+189 93 35 191 66 28 65 95 51 184 148 57 45 49 61 25 9 166 49 194 64 130 33 143 
+112 67 111 1 58 177 80 164 59 110 94 118 170 194 197 169 154 10 41 193 114 190 
+26 92 145 177 155 125 146 35 200 124 48 21 46 89 40 153 178 62 65 196 86 175 90 
+80 89 98 23 169 4 88 32 135 137 26 75 11 81 172 34 151 130 108 104 34 200 182 
+83 12 196 112 84 202 97 206 60 75 69 159 163 19 131 174 157 66 178 195 104 66 
+161 104 8 126 70 66 103 26 17 141 90 22 54 64 38 146 168 39 70 199 142 147 92 
+70 8 25 35 75 161 3 138 92 128 43 59 185 55 205 95 100 71 123 173 42 126 128 
+144 94 176 205 20 139 149 198 59 168 172 109 112 9 33 10 73 154 36 115 97 131 
+99 196 144 45 81 22 112 142 72 131 148 83 162 161 78 142 14 53 157 141 139 74 
+29 180 35 58 27 115 198 1 90 138 167 89 173 192 48 137 159 114 132 156 58 160 
+154 68 76 19 56 5 70 141 64 113 150 47 129 184 73 96 166 124 155 151 55 147 17 
+109 86 100 129 201 164 192 149 7 193 56 112 200 107 122 133 63 206 2 40 78 9 
+183 140 82 4 13 71 48 4 163 201 57 62 140 157 8 100 204 162 86 117 12 89 147 75 
+144 120 85 109 37 48 154 85 2 115 39 96 108 46 164 1 32 103 176 147 150 105 207 
+10 15 119 2 173 117 87 50 69 50 202 39 171 69 133 89 72 114 57 195 179 70 83 29 
+122 67 85 135 111 160 171 202 172 2 147 183 33 160 38 163 51 92 53 82 137 52 
+149 123 98 81 39 38 30 55 14 186 196 11 6 3 155 18 16 26 150 180 168 97 148 25 
+84 127 136 119 135 4 30 162 144 195 46 31 170 119 28 190 ^
+443 1 17 96 167 27 91 152 100 106 109 65 164 10 57 71 167 123 209 74 57 137 95 
+30 90 2 78 110 101 147 138 22 177 22 129 68 168 63 74 70 65 2 174 18 23 51 116 
+8 142 158 121 36 207 207 45 209 170 122 59 52 8 76 20 4 102 69 186 72 46 106 
+127 39 110 149 101 99 184 61 15 85 136 59 100 172 37 182 98 95 78 44 173 30 204 
+94 156 206 123 161 120 96 132 1 37 134 144 134 126 160 180 21 136 203 119 55 
+156 44 77 122 72 190 125 10 105 25 128 75 93 67 13 205 196 14 31 179 142 206 75 
+207 159 91 38 8 28 66 43 150 185 193 63 135 5 143 98 143 32 5 125 124 197 103 
+14 97 107 102 87 3 18 185 97 155 56 48 165 112 178 106 13 157 32 53 79 85 149 
+197 7 106 175 203 71 101 195 92 193 129 116 122 24 26 7 58 11 32 119 7 202 83 
+125 28 79 181 57 119 121 84 161 168 50 93 163 131 127 153 45 17 144 121 198 43 
+36 93 115 177 166 148 108 24 188 53 97 59 148 126 208 134 192 88 87 112 64 14 
+145 61 63 39 97 11 194 165 46 40 199 132 19 11 80 73 178 154 177 118 37 147 72 
+94 60 88 201 47 142 110 167 75 45 113 52 43 102 21 22 111 41 12 134 30 42 48 
+117 158 7 154 129 164 76 195 188 101 51 20 100 10 201 143 50 32 71 53 31 131 31 
+35 123 113 166 135 180 117 44 125 76 33 142 62 3 114 93 19 59 34 34 130 38 170 
+74 105 91 56 192 27 205 34 178 202 131 79 199 84 65 50 128 189 185 145 109 17 
+49 105 187 174 114 141 183 20 196 128 123 47 28 18 89 189 23 99 70 179 94 42 
+114 45 65 98 82 150 137 29 102 183 68 150 89 75 141 21 184 157 80 7 40 37 86 
+190 16 174 66 187 12 68 102 135 114 189 137 191 148 12 116 56 96 119 73 130 200 
+6 113 100 154 63 26 116 104 50 80 25 14 193 83 ^
+436 1 24 44 191 211 138 11 138 18 140 99 133 104 54 124 42 63 88 95 137 133 151 
+116 162 208 193 180 180 173 26 158 165 160 26 6 18 79 33 1 97 59 45 62 51 172 
+141 24 37 189 130 145 6 72 143 152 160 87 4 150 86 28 80 77 71 106 16 164 123 
+103 10 54 178 106 114 34 85 150 93 175 93 70 76 27 36 152 207 4 42 103 3 120 97 
+113 109 181 210 162 154 129 61 166 38 13 53 141 183 186 138 184 10 61 112 119 
+175 107 6 170 81 114 207 102 125 65 50 135 73 28 73 75 203 113 11 98 35 115 71 
+8 146 202 76 88 102 139 1 144 189 83 15 181 51 13 60 75 51 179 143 37 30 49 51 
+20 207 156 44 184 64 125 18 133 97 52 111 194 58 167 75 149 49 105 84 113 170 
+179 197 169 149 208 41 178 99 180 21 92 145 172 155 105 131 30 208 200 114 48 
+21 31 79 40 148 178 52 50 196 71 160 80 70 69 93 23 159 202 83 22 115 132 6 65 
+209 71 167 14 151 130 98 89 34 190 167 68 2 181 112 79 192 82 191 45 55 49 159 
+148 19 116 169 142 61 173 185 94 46 146 104 206 126 55 56 93 16 12 121 90 17 49 
+44 18 126 163 39 50 189 137 147 87 65 3 5 35 75 156 196 118 77 118 23 54 185 40 
+195 95 90 71 113 163 32 116 108 144 74 166 190 15 134 134 188 39 158 172 94 107 
+212 23 53 134 36 105 77 111 89 186 124 35 61 7 102 132 67 131 128 78 162 161 63 
+142 14 43 147 141 129 54 19 170 20 48 7 95 198 199 70 123 157 74 173 192 28 127 
+139 109 127 146 43 140 139 48 61 14 36 60 136 49 98 150 32 109 174 63 81 161 
+124 140 146 50 142 7 109 66 80 124 201 144 182 149 2 188 46 92 185 87 112 133 
+43 201 205 35 68 9 183 125 72 197 3 66 33 207 163 191 52 57 130 152 8 85 204 
+157 81 107 205 187 ^
+462 1 126 54 123 113 85 81 23 41 154 71 210 115 18 89 108 32 157 209 11 103 176 
+133 136 77 193 10 209 112 196 166 110 66 43 69 194 36 202 25 171 62 112 82 44 
+100 43 188 172 70 83 29 115 67 64 128 83 153 164 195 158 2 119 187 169 33 160 
+31 149 23 64 32 61 109 45 121 102 77 74 32 38 16 55 7 172 189 198 200 211 141 
+11 2 5 143 159 147 90 134 25 70 106 122 105 114 212 30 141 130 195 39 24 163 91 
+28 11 7 76 167 17 81 137 85 86 94 65 149 5 42 66 157 113 204 59 57 137 80 15 70 
+207 78 95 91 142 133 17 177 22 129 68 168 43 74 50 60 197 174 3 13 36 106 3 127 
+158 116 26 197 192 25 194 155 102 59 52 203 56 20 214 82 49 171 67 46 106 117 
+34 90 139 96 94 179 56 15 65 136 54 100 157 17 182 93 75 63 24 168 25 189 84 
+156 201 118 156 105 96 112 201 22 134 139 114 116 145 175 11 121 198 99 40 151 
+34 72 117 52 190 105 90 20 118 60 83 52 208 205 181 209 16 174 122 206 70 202 
+144 71 18 208 8 66 38 135 170 178 53 115 5 138 88 123 17 200 115 119 182 98 9 
+87 97 102 72 3 8 180 82 145 56 33 165 102 173 96 213 157 12 33 69 80 129 192 2 
+101 165 203 51 86 190 87 193 124 116 122 4 21 7 53 211 27 104 207 197 73 125 23 
+59 176 37 114 111 74 151 153 50 73 148 116 127 153 45 2 124 121 193 28 16 78 
+100 162 166 128 88 9 188 53 92 49 148 111 193 129 187 68 77 92 54 4 135 51 63 
+19 97 1 194 150 31 35 194 132 9 206 75 58 168 144 167 118 37 127 62 94 60 78 
+196 47 132 110 162 65 35 98 32 43 87 1 2 106 21 12 124 20 22 38 117 148 212 149 
+119 164 76 180 183 101 46 10 95 205 186 143 40 32 56 38 21 126 31 30 123 108 
+151 135 165 107 29 120 71 13 137 62 208 104 88 4 39 29 19 115 23 160 54 105 91 
+41 177 27 200 14 163 124 ^
+453 0 115 79 199 84 49 18 128 173 169 121 93 17 186 41 89 187 158 90 133 167 
+206 188 104 99 31 4 18 81 165 217 75 54 179 62 34 106 37 41 66 82 134 113 215 
+86 159 36 142 65 43 125 215 160 149 48 193 24 21 86 182 16 166 42 179 206 44 94 
+111 82 181 121 167 132 198 92 48 72 119 57 114 184 200 81 68 122 39 26 84 96 26 
+80 1 208 177 217 24 44 191 206 118 209 123 8 140 99 128 99 54 109 42 58 83 80 
+122 113 141 96 147 203 183 180 175 158 16 143 155 155 11 1 13 64 23 1 87 54 35 
+52 46 157 121 19 27 174 115 130 209 72 123 152 150 87 202 140 76 23 75 77 66 86 
+11 149 118 88 44 168 101 94 14 80 145 93 165 73 65 66 12 21 137 192 4 22 83 201 
+120 77 113 94 181 195 157 144 124 51 151 33 211 38 131 178 186 138 184 5 61 92 
+99 175 107 6 155 81 114 207 87 105 45 40 120 73 18 58 60 193 98 11 98 15 100 51 
+3 146 187 61 88 97 139 204 129 189 73 213 171 36 216 55 55 51 174 138 17 15 49 
+41 15 197 146 39 174 64 120 3 123 82 37 111 179 58 157 70 134 39 100 74 108 170 
+164 197 169 144 198 41 163 84 170 16 92 145 167 155 85 116 25 208 200 104 48 21 
+16 69 40 143 178 42 35 196 56 145 70 60 49 88 23 149 192 78 12 95 127 204 55 
+199 61 162 212 151 130 88 74 34 180 152 53 210 166 112 74 182 67 176 30 35 29 
+159 133 19 101 164 127 56 168 175 84 26 131 104 196 126 40 46 83 6 7 101 90 12 
+44 24 216 106 158 39 30 179 132 147 82 60 216 203 35 75 151 181 98 62 108 3 49 
+185 25 185 95 80 71 103 153 22 106 88 144 54 156 175 10 129 119 178 19 148 172 
+79 102 207 13 208 33 114 36 95 57 91 79 176 104 25 41 210 92 122 62 131 108 73 
+162 161 48 142 14 33 137 141 119 34 9 160 5 38 205 75 198 189 50 108 112 ^
+454 1 53 173 192 113 111 102 120 132 22 112 118 20 40 7 8 213 46 129 28 77 150 
+11 81 160 49 60 154 124 119 139 43 135 213 109 38 52 117 201 116 168 149 215 
+181 32 64 164 59 98 133 15 194 198 28 54 9 183 104 58 176 209 59 12 200 163 177 
+45 50 116 145 8 64 204 150 74 93 184 89 111 39 108 108 85 61 13 36 154 61 210 
+115 3 84 108 22 152 209 216 103 176 123 126 57 183 10 199 107 186 161 105 51 38 
+69 184 26 202 15 171 57 97 77 24 90 33 183 167 70 83 29 110 67 49 123 63 148 
+159 190 148 2 99 172 159 33 160 26 139 3 44 17 46 89 40 101 87 62 69 27 38 6 55 
+2 162 184 183 190 211 131 6 212 210 138 144 132 85 124 25 60 91 112 95 99 212 
+30 126 120 195 34 19 158 71 28 211 217 56 167 7 71 122 70 66 79 65 134 27 61 
+147 103 199 44 57 137 65 50 202 78 80 81 137 128 12 177 22 129 68 168 23 74 30 
+55 182 174 208 3 21 96 218 112 158 111 16 187 177 5 179 140 82 59 52 188 36 20 
+214 62 29 156 62 46 106 107 29 70 129 91 89 174 51 15 45 136 49 100 142 217 182 
+88 55 48 4 163 20 174 74 156 196 113 151 90 96 92 191 7 134 134 94 106 130 170 
+1 106 193 79 25 146 24 67 112 32 190 85 210 75 15 108 45 73 37 193 205 166 194 
+1 169 102 206 65 197 129 51 218 198 208 66 33 120 155 163 43 95 5 133 78 103 2 
+185 105 114 167 93 4 77 87 102 57 3 218 175 67 135 56 18 165 92 168 86 203 157 
+212 13 59 75 109 187 217 96 155 203 31 71 185 82 193 119 116 122 204 16 7 48 
+201 22 89 197 192 63 125 18 39 171 17 109 101 64 141 138 50 53 133 101 127 153 
+45 207 104 121 188 13 216 63 85 147 166 108 68 214 188 53 87 39 148 96 178 124 
+182 48 67 72 44 214 125 41 63 219 97 211 194 135 16 30 189 132 219 191 70 43 
+158 181 ^
+475 0 153 118 37 99 48 94 60 64 189 47 118 110 155 51 21 77 4 43 66 195 196 99 
+215 12 110 6 216 24 117 134 205 142 105 164 76 159 176 101 39 218 88 184 165 
+143 26 32 35 17 7 119 31 23 123 101 130 135 144 93 8 113 64 207 130 62 201 90 
+81 205 11 22 220 94 2 146 26 105 91 20 156 27 193 208 142 178 107 79 199 84 41 
+2 128 165 161 109 85 17 174 37 81 187 150 78 129 159 194 184 92 87 23 214 18 77 
+153 209 63 46 179 46 30 102 33 29 50 82 126 101 203 78 147 20 138 53 27 117 207 
+148 145 32 181 16 13 86 178 16 162 30 175 198 32 90 99 66 177 113 155 124 186 
+80 44 60 119 49 106 176 192 65 52 106 27 26 68 92 14 80 211 200 169 213 24 44 
+191 202 102 197 111 140 99 124 95 54 97 42 54 79 68 110 97 133 80 135 199 175 
+180 171 146 8 131 147 151 221 219 9 52 15 1 79 50 27 44 42 145 105 15 19 162 
+103 118 201 72 107 152 142 87 190 132 68 19 71 77 62 70 7 137 114 76 214 36 160 
+97 78 220 76 141 93 157 57 61 58 9 125 180 4 6 67 189 120 61 113 82 181 183 153 
+136 120 43 139 29 199 26 123 174 186 138 184 1 61 76 83 175 107 6 143 81 114 
+207 75 89 29 32 108 73 10 46 48 185 86 11 98 221 88 35 221 146 175 49 88 93 139 
+196 117 189 65 201 163 24 208 51 39 51 170 134 1 3 49 33 11 189 138 35 166 64 
+116 213 115 70 25 111 167 58 149 66 122 31 96 66 104 170 152 197 169 140 190 41 
+151 72 162 12 92 145 163 155 69 104 21 208 200 96 48 21 4 61 40 139 178 34 23 
+196 44 133 62 52 33 84 23 141 184 74 4 79 123 192 47 191 53 158 200 151 130 80 
+62 34 172 140 41 206 154 112 70 174 55 164 18 19 13 159 121 19 89 160 115 52 
+164 167 76 10 119 104 188 126 28 38 75 220 3 85 90 8 40 8 204 90 154 39 14 171 
+128 147 78 56 216 191 35 75 147 169 82 50 100 209 45 185 13 177 95 150 ^
+471 0 71 89 139 8 92 60 144 26 142 154 3 122 98 164 216 134 172 58 95 200 224 
+201 5 86 36 81 29 63 65 162 76 11 13 196 78 108 55 131 80 66 162 161 27 142 14 
+19 123 141 105 6 220 146 209 24 184 47 198 175 22 87 133 38 173 192 205 103 91 
+97 115 122 7 92 103 25 2 213 213 36 124 13 62 150 221 61 150 39 45 149 124 104 
+134 38 130 208 109 18 32 112 201 96 158 149 215 176 22 44 149 39 88 133 220 189 
+193 23 44 9 183 89 48 161 204 54 222 195 163 167 40 45 106 140 8 49 204 145 69 
+83 169 89 96 24 93 103 85 41 3 31 154 51 210 115 213 79 108 12 147 209 206 103 
+176 113 116 37 173 10 189 102 176 156 100 36 33 69 174 16 202 5 171 52 82 72 4 
+80 23 178 162 70 83 29 105 67 34 118 43 143 154 185 138 2 79 157 149 33 160 21 
+129 208 24 2 31 69 35 81 72 47 64 22 38 221 55 222 152 179 168 180 211 121 1 
+207 200 133 129 117 80 114 25 50 76 102 85 84 212 30 111 110 195 29 14 153 51 
+28 196 212 36 167 222 61 107 55 46 64 65 119 220 12 56 137 93 194 29 57 137 50 
+210 30 197 78 65 71 132 123 7 177 22 129 68 168 3 74 10 50 167 174 198 218 6 86 
+218 97 158 106 6 177 162 210 164 125 62 59 52 173 16 20 214 42 9 141 57 46 106 
+97 24 50 119 86 84 169 46 15 25 136 44 100 127 202 182 83 35 33 209 158 15 159 
+64 156 191 108 146 75 96 72 181 217 134 129 74 96 115 165 216 91 188 59 10 141 
+14 62 107 12 190 65 205 60 10 98 30 63 22 178 205 151 179 211 164 82 206 60 192 
+114 31 203 188 193 66 28 105 140 148 33 75 5 128 68 83 212 170 95 109 152 88 
+224 67 77 102 42 3 213 170 52 125 56 3 165 82 163 76 193 157 197 218 49 70 89 
+182 217 91 145 203 11 56 180 77 193 114 116 122 189 11 7 43 191 17 74 187 187 
+53 125 13 19 166 222 104 91 54 131 123 50 33 118 86 127 167 ^
+480 1 45 193 76 121 181 219 195 42 64 126 166 80 40 200 188 53 80 25 148 75 157 
+117 175 20 53 44 30 207 111 27 63 198 97 204 194 114 222 23 182 132 212 170 63 
+22 144 120 143 118 37 79 38 94 60 54 184 47 108 110 150 41 11 62 211 43 51 180 
+181 94 200 12 100 223 201 14 117 124 200 137 95 164 76 144 171 101 34 213 83 
+169 150 143 16 32 20 2 224 114 31 18 123 96 115 135 129 83 220 108 59 192 125 
+62 196 80 76 195 218 17 210 79 214 136 6 105 91 5 141 27 188 193 127 168 97 79 
+199 84 31 209 128 155 151 94 75 17 159 32 71 187 140 63 124 149 179 179 77 72 
+13 204 18 72 138 199 48 36 179 26 25 97 28 14 30 82 116 86 188 68 132 133 38 7 
+107 197 133 140 12 166 6 3 86 173 16 157 15 170 188 17 85 84 46 172 103 140 114 
+171 65 39 45 119 39 96 166 182 45 32 86 12 26 48 87 226 80 201 190 159 208 24 
+44 191 197 82 182 96 217 140 99 119 90 54 82 42 49 74 53 95 77 123 60 120 194 
+165 180 166 131 225 116 137 146 211 219 4 37 5 1 69 45 17 34 37 130 85 10 9 147 
+88 103 191 72 87 152 132 87 175 122 58 14 66 77 57 50 2 122 109 61 209 26 150 
+92 58 205 71 136 93 147 37 56 48 212 221 110 165 4 213 47 174 120 41 113 67 181 
+168 148 126 115 33 124 24 184 11 113 169 186 138 184 223 61 56 63 175 107 6 128 
+81 114 207 60 69 9 22 93 73 31 33 175 71 11 98 206 73 15 221 146 160 34 88 88 
+139 186 102 189 55 186 153 9 198 46 19 51 165 129 208 215 49 23 6 179 128 30 
+156 64 111 203 105 55 10 111 152 58 139 61 107 21 91 56 99 170 137 197 169 135 
+180 41 136 57 152 7 92 145 158 155 49 89 16 208 200 86 48 21 216 51 40 134 178 
+24 8 196 29 118 52 42 13 79 23 131 174 69 221 59 118 177 37 181 43 153 185 151 
+130 70 47 34 162 125 26 201 139 112 65 164 40 149 3 226 220 159 106 19 74 155 
+100 47 159 157 193 ^
+471 0 211 98 104 174 126 7 24 61 213 225 57 90 1 33 209 183 62 147 39 215 157 
+121 147 71 49 216 170 35 75 140 148 54 29 86 188 38 185 221 163 95 58 71 81 131 
+84 44 144 10 134 142 228 118 86 156 204 126 172 46 91 196 220 197 218 70 36 73 
+13 47 57 154 60 3 226 188 70 100 51 131 64 62 162 161 15 142 14 11 115 141 97 
+219 216 138 201 16 172 31 198 167 6 75 125 26 173 192 193 95 75 93 111 114 224 
+76 91 213 13 227 201 213 28 120 1 50 150 213 45 142 31 33 145 124 92 130 34 126 
+204 109 2 16 108 201 80 150 149 215 172 14 28 137 23 80 133 208 185 189 19 36 9 
+183 77 40 149 200 50 214 191 163 159 36 41 98 136 8 37 204 141 65 75 157 89 84 
+12 81 99 85 25 224 27 154 43 210 115 205 75 108 4 143 209 198 103 176 105 108 
+21 165 10 181 98 168 152 96 24 29 69 166 8 202 226 171 48 70 68 217 72 15 174 
+158 70 83 29 101 67 22 114 27 139 150 181 130 2 63 145 141 33 160 17 121 196 8 
+219 19 53 31 65 60 35 60 18 38 217 55 222 144 175 156 172 211 113 226 203 192 
+129 117 105 76 106 25 42 64 94 77 72 212 30 99 102 195 25 10 149 35 28 184 208 
+20 167 218 53 95 43 30 52 65 107 220 52 129 85 190 17 57 137 38 202 14 193 78 
+53 63 128 119 3 177 22 129 68 168 216 74 223 46 155 174 190 214 223 78 218 85 
+158 102 227 169 150 198 152 113 46 59 52 161 20 214 26 222 129 53 46 106 89 20 
+34 111 82 80 165 42 15 9 136 40 100 115 190 182 79 19 21 197 154 11 147 56 156 
+187 104 142 63 96 56 173 209 134 125 58 88 103 161 212 79 184 43 227 137 6 58 
+103 225 190 49 201 48 6 90 18 55 10 166 205 139 167 203 160 66 206 56 188 102 
+15 191 180 181 66 24 93 128 136 25 59 5 124 60 67 204 158 87 105 140 84 224 59 
+69 102 30 3 209 166 40 117 56 220 165 74 159 68 185 157 185 206 41 66 167 ^
+490 1 176 217 85 133 203 218 38 174 71 193 108 116 122 171 5 7 37 179 11 56 175 
+181 41 125 7 226 160 204 98 79 42 119 105 50 9 100 68 127 153 45 185 60 121 177 
+211 183 30 52 114 166 64 24 192 188 53 76 17 148 63 145 113 171 4 45 28 22 203 
+103 19 63 186 97 200 194 102 214 19 178 132 208 158 59 10 136 112 135 118 37 63 
+30 94 60 46 180 47 100 110 146 33 3 50 199 43 39 168 169 90 188 12 92 219 189 6 
+117 116 196 133 87 164 76 132 167 101 30 209 79 157 138 143 8 32 8 221 220 110 
+31 14 123 92 103 135 117 75 212 104 55 180 121 62 192 72 72 187 206 13 202 67 
+206 128 221 105 91 224 129 27 184 181 115 160 89 79 199 84 23 197 128 147 143 
+82 67 17 147 28 63 187 132 51 120 141 167 175 65 60 5 196 18 68 126 191 36 28 
+179 10 21 93 24 2 14 82 108 74 176 60 120 215 129 26 222 99 189 121 136 227 154 
+229 226 86 169 16 153 3 166 180 5 81 72 30 168 95 128 106 159 53 35 33 119 31 
+88 158 174 29 16 70 26 32 83 218 80 193 182 151 204 24 44 191 193 66 170 84 213 
+140 99 115 86 54 70 42 45 70 41 83 61 115 44 108 190 157 180 162 119 221 104 
+129 142 203 219 25 228 1 61 41 9 26 33 118 69 6 1 135 76 91 183 72 71 152 124 
+87 163 114 50 10 62 77 53 34 229 110 105 49 205 18 142 88 42 193 67 132 93 139 
+21 52 40 204 213 98 153 4 201 31 162 120 25 113 55 181 156 144 118 111 25 112 
+20 172 230 105 165 186 138 184 223 61 40 47 175 107 6 116 81 114 207 48 53 224 
+14 81 73 223 19 21 167 59 11 98 194 61 230 221 146 148 22 88 84 139 178 90 189 
+47 174 145 228 190 42 3 51 161 125 196 207 49 15 2 171 120 26 148 64 107 195 97 
+43 229 111 140 58 131 57 95 13 87 48 95 170 125 197 169 131 172 41 124 45 144 3 
+92 145 154 155 33 77 12 208 200 78 48 21 208 43 40 130 178 16 227 196 17 106 44 
+34 228 75 23 123 166 65 217 43 114 165 29 173 35 200 ^
+479 0 167 151 130 58 29 34 150 107 8 195 121 112 59 152 22 131 218 208 202 159 
+88 19 56 149 82 41 153 145 54 199 86 104 166 126 228 16 53 209 225 41 90 230 29 
+197 171 46 143 39 203 149 117 147 67 45 216 158 35 75 136 136 38 17 78 176 34 
+185 213 155 95 50 71 73 123 225 76 28 144 227 126 130 228 114 74 148 192 118 
+172 34 87 192 216 193 206 54 36 65 230 31 49 146 44 228 214 180 62 92 47 131 48 
+58 162 161 3 142 14 3 107 141 89 207 212 130 193 8 160 15 198 159 223 63 117 14 
+173 192 181 87 59 89 107 106 216 60 79 201 1 227 189 213 20 116 222 38 150 205 
+29 134 23 21 141 124 80 126 30 122 200 109 219 104 201 64 142 149 215 168 6 12 
+125 7 72 133 196 181 185 15 28 9 183 65 32 137 196 46 206 187 163 151 32 37 90 
+132 8 25 204 137 61 67 145 89 72 69 95 85 9 220 23 154 35 210 115 197 71 108 
+229 139 209 190 103 176 97 100 5 157 10 173 94 160 148 92 12 25 69 158 202 222 
+171 44 58 64 205 64 7 170 154 70 83 29 97 67 10 110 11 135 146 177 122 2 47 133 
+133 33 160 13 113 184 225 211 7 37 27 49 48 23 56 14 38 213 55 222 136 171 144 
+164 211 105 226 199 184 125 105 93 72 98 25 34 52 86 69 60 212 30 87 94 195 21 
+6 145 19 28 172 204 4 167 214 45 83 31 14 40 65 95 220 221 48 121 77 186 5 57 
+137 26 194 231 189 78 41 55 124 115 232 177 22 129 68 168 204 74 211 42 143 174 
+182 210 215 70 218 73 158 98 223 161 138 186 140 101 30 59 52 149 217 20 214 10 
+210 117 49 46 106 81 16 18 103 78 76 161 38 15 226 136 36 100 103 178 182 75 3 
+9 185 150 7 135 48 156 183 100 138 51 96 40 165 201 134 121 42 80 91 157 208 67 
+180 27 219 133 231 54 99 213 190 33 197 36 2 82 6 47 231 154 205 127 155 195 
+156 50 206 52 184 90 232 179 172 169 66 20 81 116 124 17 43 5 120 52 51 196 146 
+79 101 128 80 224 65 ^
+503 1 55 102 9 3 202 159 19 103 56 206 165 60 152 54 171 157 164 185 27 59 45 
+171 217 80 123 203 203 23 169 66 193 103 116 122 156 7 32 169 6 41 165 176 31 
+125 2 211 155 189 93 69 32 109 90 50 225 85 53 127 153 45 175 40 121 172 201 
+168 15 37 99 166 44 4 182 188 53 71 7 148 48 130 108 166 220 35 8 12 198 93 9 
+63 171 97 195 194 87 204 14 173 132 203 143 54 231 126 102 125 118 37 43 20 94 
+60 36 175 47 90 110 141 23 229 35 184 43 24 153 154 85 173 12 82 214 174 232 
+117 106 191 128 77 164 76 117 162 101 25 204 74 142 123 143 234 32 229 211 215 
+105 31 9 123 87 88 135 102 65 202 99 50 165 116 62 187 62 67 177 191 8 192 52 
+196 118 206 105 91 214 114 27 179 166 100 150 79 79 199 84 13 182 128 137 133 
+67 57 17 132 23 53 187 122 36 115 131 152 170 50 45 231 186 18 63 111 181 21 18 
+179 226 16 88 19 223 230 82 98 59 161 50 105 200 124 11 207 89 179 106 131 212 
+139 224 221 86 164 16 148 224 161 170 226 76 57 10 163 85 113 96 144 38 30 18 
+119 21 78 148 164 9 232 50 221 26 12 78 208 80 183 172 141 199 24 44 191 188 46 
+155 69 208 140 99 110 81 54 55 42 40 65 26 68 41 105 24 93 185 147 180 157 104 
+216 89 119 137 193 219 231 10 223 1 51 36 235 16 28 103 49 1 227 120 61 76 173 
+72 51 152 114 87 148 104 40 5 57 77 48 14 229 95 100 34 200 8 132 83 22 178 62 
+127 93 129 1 47 30 194 203 83 138 4 186 11 147 120 5 113 40 181 141 139 108 106 
+15 97 15 157 220 95 160 186 138 184 223 61 20 27 175 107 6 101 81 114 207 33 33 
+209 4 66 73 218 4 6 157 44 11 98 179 46 215 221 146 133 7 88 79 139 168 75 189 
+37 159 135 218 180 37 219 51 156 120 181 197 49 5 233 161 110 21 138 64 102 185 
+87 28 219 111 125 58 121 52 80 3 82 38 90 170 110 197 169 126 162 41 109 30 134 
+234 92 145 149 155 13 62 7 208 200 68 48 21 198 33 40 125 178 6 217 196 2 91 34 
+24 213 70 23 113 161 ^
+470 0 58 210 15 107 144 15 159 21 142 152 151 130 48 14 34 140 92 231 190 106 
+112 54 142 7 116 208 193 187 159 73 19 41 144 67 36 148 135 44 184 71 104 156 
+126 218 6 43 204 225 21 90 230 24 182 156 26 138 39 188 139 112 147 62 40 216 
+143 35 75 131 121 18 2 68 161 29 185 203 145 95 40 71 63 113 220 66 8 144 212 
+116 115 228 109 59 138 177 108 172 19 82 187 211 188 191 34 36 55 215 11 39 136 
+24 223 199 170 52 82 42 131 28 53 162 161 226 142 14 231 97 141 79 192 207 120 
+183 236 145 233 198 149 208 48 107 237 173 192 166 77 39 84 102 96 206 40 64 
+186 224 227 174 213 10 111 212 23 150 195 9 124 13 6 136 124 65 121 25 117 195 
+109 204 218 99 201 44 132 149 215 163 234 230 110 225 62 133 181 176 180 10 18 
+9 183 50 22 122 191 41 196 182 163 141 27 32 80 127 8 10 204 132 56 57 130 89 
+57 223 54 90 85 227 215 18 154 25 210 115 187 66 108 224 134 209 180 103 176 87 
+90 223 147 10 163 89 150 143 87 235 20 69 148 228 202 217 171 39 43 59 190 54 
+235 165 149 70 83 29 92 67 233 105 229 130 141 172 112 2 27 118 123 33 160 8 
+103 169 210 201 230 17 22 29 33 8 51 9 38 208 55 222 126 166 129 154 211 95 226 
+194 174 120 90 78 67 88 25 24 37 76 59 45 212 30 72 84 195 16 1 140 237 28 157 
+199 222 167 209 35 68 16 232 25 65 80 220 211 43 111 67 181 228 57 137 11 184 
+216 184 78 26 45 119 110 232 177 22 129 68 168 189 74 196 37 128 174 172 205 
+205 60 218 58 158 93 218 151 123 171 125 86 10 59 52 134 202 20 214 228 195 102 
+44 46 106 71 11 236 93 73 71 156 33 15 211 136 31 100 88 163 182 70 221 232 170 
+145 2 120 38 156 178 95 133 36 96 20 155 191 134 116 22 70 76 152 203 52 175 7 
+209 128 226 49 94 198 190 13 192 21 235 72 229 37 221 139 205 112 140 185 151 
+30 206 47 179 75 217 101 ^
+502 0 158 148 66 13 60 95 103 3 15 5 113 38 23 182 125 65 94 107 73 224 37 47 
+102 237 3 198 155 7 95 56 198 165 52 148 46 163 157 152 173 19 55 29 167 217 76 
+115 203 191 11 165 62 193 99 116 122 144 236 7 28 161 2 29 157 172 23 125 238 
+199 151 177 89 61 24 101 78 50 213 73 41 127 153 45 167 24 121 168 193 156 3 25 
+87 166 28 228 174 188 53 67 239 148 36 118 104 162 208 27 232 4 194 85 1 63 159 
+97 191 194 75 196 10 169 132 199 131 50 223 118 94 117 118 37 27 12 94 60 28 
+171 47 82 110 137 15 225 23 172 43 12 141 142 81 161 12 74 210 162 228 117 98 
+187 124 69 164 76 105 158 101 21 200 70 130 111 143 230 32 221 203 211 101 31 5 
+123 83 76 135 90 57 194 95 46 153 112 62 183 54 63 169 179 4 184 40 188 110 194 
+105 91 206 102 27 175 154 88 142 71 79 199 84 5 170 128 129 125 55 49 17 120 19 
+45 187 114 24 111 123 140 166 38 33 227 178 18 59 99 173 9 10 179 214 12 84 15 
+215 218 82 90 47 149 42 93 188 120 239 195 81 171 94 127 200 127 220 217 86 160 
+16 144 216 157 162 218 72 45 234 159 77 101 88 132 26 26 6 119 13 70 140 156 
+233 220 34 213 26 236 74 200 80 175 164 133 195 24 44 191 184 30 143 57 204 140 
+99 106 77 54 43 42 36 61 14 56 25 97 8 81 181 139 180 153 92 212 77 111 133 185 
+219 231 238 219 1 43 32 231 8 24 91 33 237 223 108 49 64 165 72 35 152 106 87 
+136 96 32 1 53 77 44 238 229 83 96 22 196 124 79 6 166 58 123 93 121 225 43 22 
+186 195 71 126 4 174 235 135 120 229 113 28 181 129 135 100 102 7 85 11 145 212 
+87 156 186 138 184 223 61 4 11 175 107 6 89 81 114 207 21 17 197 236 54 73 214 
+232 234 149 32 11 98 167 34 203 221 146 121 235 88 75 139 160 63 189 29 147 127 
+210 172 33 207 51 152 116 169 189 49 237 233 153 102 17 130 64 98 177 79 16 211 
+111 113 58 113 48 68 235 78 30 86 170 98 197 169 122 154 41 97 18 126 234 92 
+145 145 155 237 50 209 ^
+481 1 208 200 56 48 21 186 21 40 119 178 236 205 196 226 73 22 12 195 64 23 101 
+144 54 206 241 103 132 7 151 13 138 140 151 130 40 2 34 132 80 223 186 94 112 
+50 134 237 104 200 181 175 159 61 19 29 140 55 32 144 127 36 172 59 104 148 126 
+210 240 35 200 225 5 90 230 20 170 144 10 134 39 176 131 108 147 58 36 216 131 
+35 75 127 109 2 232 60 149 25 185 195 137 95 32 71 55 105 216 58 234 144 200 
+108 103 228 105 47 130 165 100 172 7 78 183 207 184 179 18 36 47 203 237 31 128 
+8 219 187 162 44 74 38 131 12 49 162 161 218 142 14 227 89 141 71 180 203 112 
+175 232 133 221 198 141 196 36 99 229 173 192 154 69 23 80 98 88 198 24 52 174 
+216 227 162 213 2 107 204 11 150 187 235 116 5 236 132 124 53 117 21 113 191 
+109 192 206 95 201 28 124 149 215 159 230 218 98 213 54 133 169 172 176 6 10 9 
+183 38 14 110 187 37 188 178 163 133 23 28 72 123 8 240 204 128 52 49 118 89 45 
+215 42 86 85 215 211 14 154 17 210 115 179 62 108 220 130 209 172 103 176 79 82 
+211 139 10 155 85 142 139 83 227 16 69 140 224 202 213 171 35 31 55 178 46 231 
+161 145 70 83 29 88 67 225 101 217 126 137 168 104 2 11 106 115 33 160 4 95 157 
+198 193 222 1 18 13 21 238 47 5 38 204 55 222 118 162 117 146 211 87 226 190 
+166 116 78 66 63 80 25 16 25 68 51 33 212 30 60 76 195 12 239 136 225 28 145 
+195 210 167 205 27 56 4 220 13 65 68 220 203 39 103 59 177 220 57 137 241 176 
+204 180 78 14 37 115 106 232 177 22 129 68 168 177 74 184 33 116 174 164 201 
+197 52 218 46 158 89 214 143 111 159 113 74 236 59 52 122 190 20 214 216 183 90 
+40 46 106 63 7 224 85 69 67 152 29 15 199 136 27 100 76 151 182 66 209 224 158 
+141 240 108 30 156 174 91 129 24 96 4 147 183 134 112 6 62 64 148 199 40 171 
+233 201 124 222 45 90 186 190 239 188 9 235 64 221 29 213 127 178 ^
+508 1 94 122 173 145 6 206 41 173 57 199 146 150 136 66 9 48 83 91 239 243 5 
+109 30 7 174 113 57 90 95 69 224 29 39 102 229 3 194 151 239 87 56 190 165 44 
+144 38 155 157 140 161 11 51 13 163 217 72 107 203 179 243 161 58 193 95 116 
+122 132 236 7 24 153 242 17 149 168 15 125 238 187 147 165 85 53 16 93 66 50 
+201 61 29 127 153 45 159 8 121 164 185 144 235 13 75 166 12 216 166 188 53 63 
+235 148 24 106 100 158 196 19 220 240 190 77 237 63 147 97 187 194 63 188 6 165 
+132 195 119 46 215 110 86 109 118 37 11 4 94 60 20 167 47 74 110 133 7 221 11 
+160 43 129 130 77 149 12 66 206 150 224 117 90 183 120 61 164 76 93 154 101 17 
+196 66 118 99 143 226 32 213 195 207 97 31 1 123 79 64 135 78 49 186 91 42 141 
+108 62 179 46 59 161 167 176 28 180 102 182 105 91 198 90 27 171 142 76 134 63 
+79 199 84 241 158 128 121 117 43 41 17 108 15 37 187 106 12 107 115 128 162 26 
+21 223 170 18 55 87 165 241 2 179 202 8 80 11 207 206 82 82 35 137 34 81 176 
+116 231 183 73 163 82 123 188 115 216 213 86 156 16 140 208 153 154 210 68 33 
+222 155 69 89 80 120 14 22 238 119 5 62 132 148 221 208 18 205 26 224 70 192 80 
+167 156 125 191 24 44 191 180 14 131 45 200 140 99 102 73 54 31 42 32 57 2 44 9 
+89 236 69 177 131 180 149 80 208 65 103 129 177 219 231 230 215 1 35 28 227 20 
+79 17 237 219 96 37 52 157 72 19 152 98 87 124 88 24 241 49 77 40 226 229 71 92 
+10 192 236 116 75 234 154 54 119 93 113 213 39 14 178 187 59 114 4 162 223 123 
+120 217 113 16 181 117 131 92 98 243 73 7 133 204 79 152 186 138 184 223 61 232 
+239 175 107 6 77 81 114 207 9 1 185 232 42 73 210 224 226 141 20 11 98 155 22 
+191 221 146 109 227 88 71 139 152 51 189 21 135 119 202 164 29 195 51 148 112 
+157 181 49 233 233 145 94 13 122 64 94 169 71 4 203 111 101 58 105 44 56 231 74 
+22 82 170 86 197 169 118 146 41 85 6 118 234 92 145 141 149 ^
+484 1 219 32 243 208 200 48 48 21 178 13 40 115 178 232 197 196 218 61 14 4 183 
+60 23 93 136 50 202 229 99 120 245 143 5 134 128 151 130 32 236 34 124 68 215 
+182 82 112 46 126 229 92 192 169 163 159 49 19 17 136 43 28 140 119 28 160 47 
+104 140 126 202 236 27 196 225 235 90 230 16 158 132 240 130 39 164 123 104 147 
+54 32 216 119 35 75 123 97 232 224 52 137 21 185 187 129 95 24 71 47 97 212 50 
+222 144 188 100 91 228 101 35 122 153 92 172 241 74 179 203 180 167 2 36 39 191 
+225 23 120 238 215 175 154 36 66 34 131 242 45 162 161 210 142 14 223 81 141 63 
+168 199 104 167 228 121 209 198 133 184 24 91 221 173 192 142 61 7 76 94 80 190 
+8 40 162 208 227 150 213 240 103 196 245 150 179 223 108 243 228 128 124 41 113 
+17 109 187 109 180 194 91 201 12 116 149 215 155 226 206 86 201 46 133 157 168 
+172 2 2 9 183 26 6 98 183 33 180 174 163 125 19 24 64 119 8 232 204 124 48 41 
+106 89 33 207 30 82 85 203 207 10 154 9 210 115 171 58 108 216 126 209 164 103 
+176 71 74 199 131 10 147 81 134 135 79 219 12 69 132 220 202 209 171 31 19 51 
+166 38 227 157 141 70 83 29 84 67 217 97 205 122 133 164 96 2 241 94 107 33 160 
+87 145 186 185 214 231 14 243 9 230 43 1 38 200 55 222 110 158 105 138 211 79 
+226 186 158 112 66 54 59 72 25 8 13 60 43 21 212 30 48 68 195 8 239 132 213 28 
+133 191 198 167 201 19 44 238 208 1 65 56 220 195 35 95 51 173 212 57 137 233 
+168 192 176 78 2 29 111 102 232 177 22 129 68 168 165 74 172 29 104 174 156 197 
+189 44 218 34 158 85 210 135 99 147 101 62 224 59 52 110 178 20 214 204 171 78 
+36 46 106 55 3 212 77 65 63 148 25 15 187 136 23 100 64 139 182 62 197 216 146 
+137 240 96 22 156 170 87 125 12 96 234 139 175 134 108 236 54 52 144 195 28 167 
+221 193 120 218 41 86 174 190 227 184 243 235 56 213 21 205 115 205 71 ^
+506 0 110 165 141 238 206 37 169 45 187 134 142 124 66 5 36 71 79 235 231 5 105 
+22 239 166 101 49 86 83 65 224 21 31 102 221 3 190 147 231 79 56 182 165 36 140 
+30 147 157 128 149 3 47 245 159 217 68 99 203 167 235 157 54 193 91 116 122 120 
+236 7 20 145 242 5 141 164 7 125 238 175 143 153 81 45 8 85 54 50 189 49 17 127 
+153 45 151 240 121 160 177 132 227 1 63 166 244 204 158 188 53 59 231 148 12 94 
+96 154 184 11 208 236 186 69 233 63 135 97 183 194 51 180 2 161 132 191 107 42 
+207 102 78 101 118 37 243 244 94 60 12 163 47 66 110 129 247 217 247 148 43 236 
+117 118 73 137 12 58 202 138 220 117 82 179 116 53 164 76 81 150 101 13 192 62 
+106 87 143 222 32 205 187 203 93 31 245 123 75 52 135 66 41 178 87 38 129 104 
+62 175 38 55 153 155 244 168 16 172 94 170 105 91 190 78 27 167 130 64 126 55 
+79 199 84 237 146 128 113 109 31 33 17 96 11 29 187 98 103 107 116 158 14 9 219 
+162 18 51 75 157 233 242 179 190 4 76 7 199 194 82 74 23 125 26 69 164 112 223 
+171 65 155 70 119 176 103 212 209 86 152 16 136 200 149 146 202 64 21 210 151 
+61 77 72 108 2 18 230 119 245 54 124 140 209 196 2 197 26 212 66 184 80 159 148 
+117 187 24 44 191 176 246 119 33 196 140 99 98 69 54 19 42 28 53 238 32 241 81 
+224 57 173 123 180 145 68 204 53 95 125 169 219 231 222 211 1 27 24 223 240 16 
+67 1 237 215 84 25 40 149 72 3 152 90 87 112 80 16 241 45 77 36 214 229 59 88 
+246 188 232 108 71 222 142 50 115 93 105 201 35 6 170 179 47 102 4 150 211 111 
+120 205 113 4 181 105 127 84 94 239 61 3 121 196 71 148 186 138 184 223 61 220 
+227 175 107 6 65 81 114 207 245 233 173 228 30 73 206 216 218 133 8 11 98 143 
+10 179 221 146 97 219 88 67 139 144 39 189 13 123 111 194 156 25 183 51 144 108 
+145 173 49 229 233 137 86 9 114 64 90 161 63 240 195 111 89 58 97 40 44 227 70 
+14 78 170 74 197 169 114 138 41 73 242 110 234 177 ^
+491 0 145 135 155 207 20 243 208 200 40 48 21 170 5 40 111 178 228 189 196 210 
+49 6 246 171 56 23 85 128 46 198 217 95 108 241 135 247 130 116 151 130 24 228 
+34 116 56 207 178 70 112 42 118 221 80 184 157 151 159 37 19 5 132 31 24 136 
+111 20 148 35 104 132 126 194 232 19 192 225 223 90 230 12 146 120 228 126 39 
+152 115 100 147 50 28 216 107 35 75 119 85 220 216 44 125 17 185 179 121 95 16 
+71 39 89 208 42 210 144 176 92 79 228 97 23 114 141 84 172 233 70 175 199 176 
+155 236 36 31 179 213 15 112 226 211 163 146 28 58 30 131 230 41 162 161 202 
+142 14 219 73 141 55 156 195 96 159 224 109 197 198 125 172 12 83 213 173 192 
+130 53 241 72 90 72 182 242 28 150 200 227 138 213 236 99 188 237 150 171 211 
+100 239 220 124 124 29 109 13 105 183 109 168 182 87 201 246 108 149 215 151 
+222 194 74 189 38 133 145 164 168 248 244 9 183 14 248 86 179 29 172 170 163 
+117 15 20 56 115 8 224 204 120 44 33 94 89 21 199 18 78 85 191 203 6 154 1 210 
+115 163 54 108 212 122 209 156 103 176 63 66 187 123 10 139 77 126 131 75 211 8 
+69 124 216 202 205 171 27 7 47 154 30 223 153 137 70 83 29 80 67 209 93 193 118 
+129 160 88 2 229 82 99 33 160 246 79 133 174 177 206 219 10 231 247 222 39 247 
+38 196 55 222 102 154 93 130 211 71 226 182 150 108 54 42 55 64 25 1 52 35 9 
+212 30 36 60 195 4 239 128 201 28 121 187 186 167 197 11 32 230 196 239 65 44 
+220 187 31 87 43 169 204 57 137 225 160 180 172 78 240 21 107 98 232 177 22 129 
+68 168 153 74 160 25 92 174 148 193 181 36 218 22 158 81 206 127 87 135 89 50 
+212 59 52 98 166 20 214 192 159 66 32 46 106 47 249 200 69 61 59 144 21 15 175 
+136 19 100 52 127 182 58 185 208 134 133 240 84 14 156 166 83 121 96 222 131 
+167 134 104 224 46 40 140 191 16 163 209 185 116 214 37 82 162 190 215 180 235 
+235 48 205 13 197 103 205 76 104 161 139 232 146 ^
+516 0 33 165 33 175 122 134 112 66 1 24 59 67 231 219 5 101 14 227 158 89 41 82 
+71 61 224 13 23 102 213 3 186 143 223 71 56 174 165 28 136 22 139 157 116 137 
+247 43 233 155 217 64 91 203 155 227 153 50 193 87 116 122 108 236 7 16 137 242 
+245 133 160 251 125 238 163 139 141 77 37 77 42 50 177 37 5 127 153 45 143 228 
+121 156 169 120 219 241 51 166 232 192 150 188 53 55 227 148 82 92 150 172 3 
+196 232 182 61 229 63 123 97 179 194 39 172 250 157 132 187 95 38 199 94 70 93 
+118 37 231 240 94 60 4 159 47 58 110 125 243 213 239 136 43 228 105 106 69 125 
+12 50 198 126 216 117 74 175 112 45 164 76 69 146 101 9 188 58 94 75 143 218 32 
+197 179 199 89 31 245 123 71 40 135 54 33 170 83 34 117 100 62 171 30 51 145 
+143 244 160 4 164 86 158 105 91 182 66 27 163 118 52 118 47 79 199 84 233 134 
+128 105 101 19 25 17 84 7 21 187 90 240 99 99 104 154 2 249 215 154 18 47 63 
+149 225 238 179 178 72 3 191 182 82 66 11 113 18 57 152 108 215 159 57 147 58 
+115 164 91 208 205 86 148 16 132 192 145 138 194 60 9 198 147 53 65 64 96 242 
+14 222 119 241 46 116 132 197 184 238 189 26 200 62 176 80 151 140 109 183 24 
+44 191 172 234 107 21 192 140 99 94 65 54 7 42 24 49 230 20 229 73 212 45 169 
+115 180 141 56 200 41 87 121 161 219 231 214 207 1 19 20 219 236 12 55 237 237 
+211 72 13 28 141 72 239 152 82 87 100 72 8 241 41 77 32 202 229 47 84 238 184 
+228 100 67 210 130 46 111 93 97 189 31 250 162 171 35 90 4 138 199 99 120 193 
+113 244 181 93 123 76 90 235 49 251 109 188 63 144 186 138 184 223 61 208 215 
+175 107 6 53 81 114 207 237 221 161 224 18 73 202 208 210 125 248 11 98 131 250 
+167 221 146 85 211 88 63 139 136 27 189 5 111 103 186 148 21 171 51 140 104 133 
+165 49 225 233 129 78 5 106 64 86 153 55 232 187 111 77 58 89 36 32 223 66 6 74 
+170 62 197 169 110 130 41 61 234 102 234 92 145 133 155 201 14 243 208 200 36 
+48 21 166 1 40 109 178 147 ^
+522 0 179 196 200 34 251 241 156 51 23 75 118 41 193 202 90 93 236 125 242 125 
+101 151 130 14 218 34 106 41 197 173 55 112 37 108 211 65 174 142 136 159 22 19 
+245 127 16 19 131 101 10 133 20 104 122 126 184 227 9 187 225 208 90 230 7 131 
+105 213 121 39 137 105 95 147 45 23 216 92 35 75 114 70 205 206 34 110 12 185 
+169 111 95 6 71 29 79 203 32 195 144 161 82 64 228 92 8 104 126 74 172 223 65 
+170 194 171 140 221 36 21 164 198 5 102 211 206 148 136 18 48 25 131 215 36 162 
+161 192 142 14 214 63 141 45 141 190 86 149 219 94 182 198 115 157 252 73 203 
+173 192 115 43 226 67 85 62 172 227 13 135 190 227 123 213 231 94 178 227 150 
+161 196 90 234 210 119 124 14 104 8 100 178 109 153 167 82 201 231 98 149 215 
+146 217 179 59 174 28 133 130 159 163 248 239 9 183 254 243 71 174 24 162 165 
+163 107 10 15 46 110 8 214 204 115 39 23 79 89 6 189 3 73 85 176 198 1 154 246 
+210 115 153 49 108 207 117 209 146 103 176 53 56 172 113 10 129 72 116 126 70 
+201 3 69 114 211 202 200 171 22 247 42 139 20 218 148 132 70 83 29 75 67 199 88 
+178 113 124 155 78 2 214 67 89 33 160 246 69 118 159 167 196 204 5 216 237 212 
+34 247 38 191 55 222 92 149 78 120 211 61 226 177 140 103 39 27 50 54 25 245 
+241 42 25 249 212 30 21 50 195 254 239 123 186 28 106 182 171 167 192 1 17 220 
+181 229 65 29 220 177 26 77 33 164 194 57 137 215 150 165 167 78 230 11 102 93 
+232 177 22 129 68 168 138 74 145 20 77 174 138 188 171 26 218 7 158 76 201 117 
+72 120 74 35 197 59 52 83 151 20 214 177 144 51 27 46 106 37 249 185 59 56 54 
+139 16 15 160 136 14 100 37 112 182 53 170 198 119 128 240 69 4 156 161 78 116 
+240 96 207 121 157 134 99 209 36 25 135 186 1 158 194 175 111 209 32 77 147 190 
+200 175 225 235 38 195 3 187 88 205 61 89 151 134 217 206 30 162 24 166 113 128 
+103 66 253 15 50 58 228 210 5 98 8 218 152 80 35 79 62 58 224 7 17 102 207 3 
+183 140 217 65 56 168 165 22 133 16 133 157 107 128 244 12 ^
+517 1 218 150 217 59 81 203 140 217 148 45 193 82 116 122 93 236 7 11 127 242 
+235 123 155 246 125 238 148 134 126 72 27 247 67 27 50 162 22 247 127 153 45 
+133 213 121 151 159 105 209 231 36 166 217 177 140 188 53 50 222 148 242 67 87 
+145 157 250 181 227 177 51 224 63 108 97 174 194 24 162 250 152 132 182 80 33 
+189 84 60 83 118 37 216 235 94 60 251 154 47 48 110 120 238 208 229 121 43 218 
+90 91 64 110 12 40 193 111 211 117 64 170 107 35 164 76 54 141 101 4 183 53 79 
+60 143 213 32 187 169 194 84 31 245 123 66 25 135 39 23 160 78 29 102 95 62 166 
+20 46 135 128 244 150 246 154 76 143 105 91 172 51 27 158 103 37 108 37 79 199 
+84 228 119 128 95 91 4 15 17 69 2 11 187 80 230 94 89 89 149 244 239 210 144 18 
+42 48 139 215 233 179 163 252 67 255 181 167 82 56 253 98 8 42 137 103 205 144 
+47 137 43 110 149 76 203 200 86 143 16 127 182 140 128 184 55 251 183 142 43 50 
+54 81 232 9 212 119 236 36 106 122 182 169 223 179 26 185 57 166 80 141 130 99 
+178 24 44 191 167 219 92 6 187 140 99 89 60 54 249 42 19 44 220 5 214 63 197 30 
+164 105 180 136 41 195 26 77 116 151 219 231 204 202 1 9 15 214 231 7 40 222 
+237 206 57 255 13 131 72 224 152 72 87 85 62 255 241 36 77 27 187 229 32 79 228 
+179 223 90 62 195 115 41 106 93 87 174 26 245 152 161 20 75 4 123 184 84 120 
+178 113 234 181 78 118 66 85 230 34 251 94 178 53 139 186 138 184 223 61 193 
+200 175 107 6 38 81 114 207 227 206 146 219 3 73 197 198 200 115 238 11 98 116 
+240 152 221 146 70 201 88 58 139 126 12 189 252 96 93 176 138 16 156 51 135 99 
+118 155 49 220 233 119 68 96 64 81 143 45 222 177 111 62 58 79 31 17 218 61 253 
+69 170 47 197 169 105 120 41 46 224 92 234 92 145 128 155 186 256 243 208 200 
+26 48 21 156 248 40 104 178 221 175 196 196 28 249 239 150 49 23 71 114 39 191 
+196 88 87 234 121 240 123 95 151 130 10 214 34 102 35 193 171 49 112 35 104 207 
+59 170 136 130 159 16 19 241 125 213 ^
+529 1 15 127 93 2 121 8 104 114 126 176 223 1 183 225 196 90 230 3 119 93 201 
+117 39 125 97 91 147 41 19 216 80 35 75 110 58 193 198 26 98 8 185 161 103 95 
+257 71 21 71 199 24 183 144 149 74 52 228 88 255 96 114 66 172 215 61 166 190 
+167 128 209 36 13 152 186 256 94 199 202 136 128 10 40 21 131 203 32 162 161 
+184 142 14 210 55 141 37 129 186 78 141 215 82 170 198 107 145 244 65 195 173 
+192 103 35 214 63 81 54 164 215 1 123 182 227 111 213 227 90 170 219 150 153 
+184 82 230 202 115 124 2 100 4 96 174 109 141 155 78 201 219 90 149 215 142 213 
+167 47 162 20 133 118 155 159 248 235 9 183 246 239 59 170 20 154 161 163 99 6 
+11 38 106 8 206 204 111 35 15 67 89 253 181 250 69 85 164 194 256 154 242 210 
+115 145 45 108 203 113 209 138 103 176 45 48 160 105 10 121 68 108 122 66 193 
+258 69 106 207 202 196 171 18 239 38 127 12 214 144 128 70 83 29 71 67 191 84 
+166 109 120 151 70 2 202 55 81 33 160 246 61 106 147 159 188 192 1 204 229 204 
+30 247 38 187 55 222 84 145 66 112 211 53 226 173 132 99 27 15 46 46 25 241 233 
+34 17 241 212 30 9 42 195 254 239 119 174 28 94 178 159 167 188 252 5 212 169 
+221 65 17 220 169 22 69 25 160 186 57 137 207 142 153 163 78 222 3 98 89 232 
+177 22 129 68 168 126 74 133 16 65 174 130 184 163 18 218 254 158 72 197 109 60 
+108 62 23 185 59 52 71 139 20 214 165 132 39 23 46 106 29 249 173 51 52 50 135 
+12 15 148 136 10 100 25 100 182 49 158 190 107 124 240 57 255 156 157 74 112 
+232 96 195 113 149 134 95 197 28 13 131 182 248 154 182 167 107 205 28 73 135 
+190 188 171 217 235 30 187 254 179 76 205 49 77 143 130 205 206 26 158 12 154 
+101 120 91 66 253 3 38 46 224 198 5 94 206 144 68 27 75 50 54 224 258 9 102 199 
+3 179 136 209 57 56 160 165 14 129 8 125 157 95 116 240 36 212 148 217 57 77 
+203 134 213 146 43 193 80 116 122 87 236 7 9 123 242 231 119 153 244 125 238 
+142 132 120 70 23 245 63 21 50 156 16 243 127 153 45 129 207 121 149 155 99 205 
+227 30 166 211 57 ^
+548 0 134 188 53 47 219 148 236 58 84 142 148 247 172 224 174 45 221 63 99 97 
+171 194 15 156 250 149 132 179 71 30 183 78 54 77 118 37 207 232 94 60 248 151 
+47 42 110 117 235 205 223 112 43 212 81 82 61 101 12 34 190 102 208 117 58 167 
+104 29 164 76 45 138 101 1 180 50 70 51 143 210 32 181 163 191 81 31 245 123 63 
+16 135 30 17 154 75 26 93 92 62 163 14 43 129 119 244 144 240 148 70 134 105 91 
+166 42 27 155 94 28 102 31 79 199 84 225 110 128 89 85 255 9 17 60 259 5 187 74 
+224 91 83 80 146 238 233 207 138 18 39 39 133 209 230 179 154 252 64 255 175 
+158 82 50 247 89 2 33 128 100 199 135 41 131 34 107 140 67 200 197 86 140 16 
+124 176 137 122 178 52 245 174 139 37 41 48 72 226 6 206 119 233 30 100 116 173 
+160 214 173 26 176 54 160 80 135 124 93 175 24 44 191 164 210 83 257 184 140 99 
+86 57 54 243 42 16 41 214 256 205 57 188 21 161 99 180 133 32 192 17 71 113 145 
+219 231 198 199 1 3 12 211 228 4 31 213 237 203 48 249 4 125 72 215 152 66 87 
+76 56 252 241 33 77 24 178 229 23 76 222 176 220 84 59 186 106 38 103 93 81 165 
+23 242 146 155 11 66 4 114 175 75 120 169 113 228 181 69 115 60 82 227 25 251 
+85 172 47 136 186 138 184 223 61 184 191 175 107 6 29 81 114 207 221 197 137 
+216 254 73 194 192 194 109 232 11 98 107 234 143 221 146 61 195 88 55 139 120 3 
+189 249 87 87 170 132 13 147 51 132 96 109 149 49 217 233 113 62 257 90 64 78 
+137 39 216 171 111 53 58 73 28 8 215 58 250 66 170 38 197 169 102 114 41 37 218 
+86 234 92 145 125 155 177 250 243 208 200 20 48 21 150 245 40 101 178 218 169 
+196 190 19 246 236 141 46 23 65 108 36 188 187 85 78 231 115 237 120 86 151 130 
+4 208 34 96 26 187 168 40 112 32 98 201 50 164 127 121 159 7 19 235 122 1 14 
+126 91 118 5 104 112 126 174 222 259 182 225 193 90 230 2 116 90 198 116 39 122 
+95 90 147 40 18 216 77 35 75 109 55 190 196 24 95 7 185 159 101 95 256 71 19 69 
+198 22 180 144 146 72 49 228 87 253 94 111 64 172 213 60 165 189 166 125 206 36 
+11 149 183 255 92 196 201 133 126 8 38 20 131 213 ^
+547 0 29 162 161 178 142 14 207 49 141 31 120 183 72 135 212 73 161 198 101 136 
+238 59 189 173 192 94 29 205 60 78 48 158 206 254 114 176 227 102 213 224 87 
+164 213 150 147 175 76 227 196 112 124 255 97 1 93 171 109 132 146 75 201 210 
+84 149 215 139 210 158 38 153 14 133 109 152 156 248 232 9 183 240 236 50 167 
+17 148 158 163 93 3 8 32 103 8 200 204 108 32 9 58 89 247 175 244 66 85 155 191 
+256 154 239 210 115 139 42 108 200 110 209 132 103 176 39 42 151 99 10 115 65 
+102 119 63 187 258 69 100 204 202 193 171 15 233 35 118 6 211 141 125 70 83 29 
+68 67 185 81 157 106 117 148 64 2 193 46 75 33 160 246 55 97 138 153 182 183 
+260 195 223 198 27 247 38 184 55 222 78 142 57 106 211 47 226 170 126 96 18 6 
+43 40 25 238 227 28 11 235 212 30 36 195 254 239 116 165 28 85 175 150 167 185 
+249 258 206 160 215 65 8 220 163 19 63 19 157 180 57 137 201 136 144 160 78 216 
+259 95 86 232 177 22 129 68 168 117 74 124 13 56 174 124 181 157 12 218 248 158 
+69 194 103 51 99 53 14 176 59 52 62 130 20 214 156 123 30 20 46 106 23 249 164 
+45 49 47 132 9 15 139 136 7 100 16 91 182 46 149 184 98 121 240 48 252 156 154 
+71 109 226 96 186 107 143 134 92 188 22 4 128 179 242 151 173 161 104 202 25 70 
+126 190 179 168 211 235 24 181 251 173 67 205 40 68 137 127 196 206 23 155 3 
+145 92 114 82 66 253 256 29 37 221 189 5 91 256 197 138 59 21 72 41 51 224 255 
+3 102 193 3 176 133 203 51 56 154 165 8 126 2 119 157 86 107 237 33 203 145 217 
+54 71 203 125 207 143 40 193 77 116 122 78 236 7 6 117 242 225 113 150 241 125 
+238 133 129 111 67 17 242 57 12 50 147 7 237 127 153 45 123 198 121 146 149 90 
+199 221 21 166 202 162 130 188 53 45 217 148 232 52 82 140 142 245 166 222 172 
+41 219 63 93 97 169 194 9 152 250 147 132 177 65 28 179 74 50 73 118 37 201 230 
+94 60 246 149 47 38 110 115 233 203 219 106 43 208 75 76 59 95 12 30 188 96 206 
+117 54 165 102 25 164 76 39 136 101 261 178 48 64 45 143 208 32 177 159 189 79 
+31 245 123 61 10 135 24 13 150 73 24 87 90 62 161 10 41 125 209 ^
+542 1 244 136 232 140 62 122 105 91 158 30 27 151 82 16 94 23 79 199 84 221 98 
+128 81 77 247 1 17 48 259 261 187 66 216 87 75 68 142 230 225 203 130 18 35 27 
+125 201 226 179 142 252 60 255 167 146 82 42 239 77 258 21 116 96 191 123 33 
+123 22 103 128 55 196 193 86 136 16 120 168 133 114 170 48 237 162 135 29 29 40 
+60 218 2 198 119 229 22 92 108 161 148 202 165 26 164 50 152 80 127 116 85 171 
+24 44 191 160 198 71 249 180 140 99 82 53 54 235 42 12 37 206 248 193 49 176 9 
+157 91 180 129 20 188 5 63 109 137 219 231 190 195 1 259 8 207 224 19 201 237 
+199 36 241 256 117 72 203 152 58 87 64 48 248 241 29 77 20 166 229 11 72 214 
+172 216 76 55 174 94 34 99 93 73 153 19 238 138 147 263 54 4 102 163 63 120 157 
+113 220 181 57 111 52 78 223 13 251 73 164 39 132 186 138 184 223 61 172 179 
+175 107 6 17 81 114 207 213 185 125 212 246 73 190 184 186 101 224 11 98 95 226 
+131 221 146 49 187 88 51 139 112 255 189 245 75 79 162 124 9 135 51 128 92 97 
+141 49 213 233 105 54 257 82 64 74 129 31 208 163 111 41 58 65 24 260 211 54 
+246 62 170 26 197 169 98 106 41 25 210 78 234 92 145 121 155 165 242 243 208 
+200 12 48 21 142 241 40 97 178 214 161 196 182 7 242 232 129 42 23 57 100 32 
+184 175 81 66 227 107 233 116 74 151 130 260 200 34 88 14 179 164 28 112 28 90 
+193 38 156 115 109 159 259 19 227 118 253 10 122 83 256 106 257 104 104 126 166 
+218 255 178 225 181 90 230 262 104 78 186 112 39 110 87 86 147 36 14 216 65 35 
+75 105 43 178 188 16 83 3 185 151 93 95 252 71 11 61 194 14 168 144 134 64 37 
+228 83 245 86 99 56 172 205 56 161 185 162 113 194 36 3 137 171 251 84 184 197 
+121 118 30 16 131 188 27 162 161 174 142 14 205 45 141 27 114 181 68 131 210 67 
+155 198 97 130 234 55 185 173 192 88 25 199 58 76 44 154 200 250 108 172 227 96 
+213 222 85 160 209 150 143 169 72 225 192 110 124 251 95 263 91 169 109 126 140 
+73 201 204 80 149 215 137 208 152 32 147 10 133 103 150 154 248 230 9 183 236 
+234 44 165 15 144 156 163 89 1 6 28 101 8 196 204 106 164 ^
+567 0 1 46 89 239 167 236 62 85 143 187 256 154 235 210 115 131 38 108 196 106 
+209 124 103 176 31 34 139 91 10 107 61 94 115 59 179 258 69 92 200 202 189 171 
+11 225 31 106 264 207 137 121 70 83 29 64 67 177 77 145 102 113 144 56 2 181 34 
+67 33 160 246 47 85 126 145 174 171 260 183 215 190 23 247 38 180 55 222 70 138 
+45 98 211 39 226 166 118 92 6 260 39 32 25 234 219 20 3 227 212 30 254 28 195 
+254 239 112 153 28 73 171 138 167 181 245 250 198 148 207 65 262 220 155 15 55 
+11 153 172 57 137 193 128 132 156 78 208 255 91 82 232 177 22 129 68 168 105 74 
+112 9 44 174 116 177 149 4 218 240 158 65 190 95 39 87 41 2 164 59 52 50 118 20 
+214 144 111 18 16 46 106 15 249 152 37 45 43 128 5 15 127 136 3 100 4 79 182 42 
+137 176 86 117 240 36 248 156 150 67 105 218 96 174 99 135 134 88 176 14 258 
+124 175 234 147 161 153 100 198 21 66 114 190 167 164 203 235 16 173 247 165 55 
+205 28 56 129 123 184 206 19 151 257 133 80 106 70 66 253 248 17 25 217 177 5 
+87 252 185 130 47 13 68 29 47 224 251 261 102 185 3 172 129 195 43 56 146 165 
+122 260 111 157 74 95 233 29 191 141 217 50 63 203 113 199 139 36 193 73 116 
+122 66 236 7 2 109 242 217 105 146 237 125 238 121 125 99 63 9 238 49 50 135 
+261 229 127 153 45 115 186 121 142 141 78 191 213 9 166 190 150 122 188 53 41 
+213 148 224 40 78 136 130 241 154 218 168 33 215 63 81 97 165 194 263 144 250 
+143 132 173 53 24 171 66 42 65 118 37 189 226 94 60 242 145 47 30 110 111 229 
+199 211 94 43 200 63 64 55 83 12 22 184 84 202 117 46 161 98 17 164 76 27 132 
+101 261 174 44 52 33 143 204 32 169 151 185 75 31 245 123 57 264 135 12 5 142 
+69 20 75 86 62 157 2 37 117 101 244 132 228 136 58 116 105 91 154 24 27 149 76 
+10 90 19 79 199 84 219 92 128 77 73 243 263 17 42 259 259 187 62 212 85 71 62 
+140 226 221 201 126 18 33 21 121 197 224 179 136 252 58 255 163 140 82 38 235 
+71 256 15 110 94 187 117 29 119 16 101 122 49 194 191 86 134 16 118 164 131 110 
+166 46 233 156 133 25 23 36 54 214 194 119 227 18 88 104 155 142 196 161 26 158 
+48 148 80 123 112 81 169 24 44 191 158 192 65 245 178 140 223 ^
+551 1 78 49 54 227 42 8 33 198 240 181 41 164 265 153 83 180 125 8 184 261 55 
+105 129 219 231 182 191 1 255 4 203 220 264 7 189 237 195 24 233 248 109 72 191 
+152 50 87 52 40 244 241 25 77 16 154 229 267 68 206 168 212 68 51 162 82 30 95 
+93 65 141 15 234 130 139 255 42 4 90 151 51 120 145 113 212 181 45 107 44 74 
+219 1 251 61 156 31 128 186 138 184 223 61 160 167 175 107 6 5 81 114 207 205 
+173 113 208 238 73 186 176 178 93 216 11 98 83 218 119 221 146 37 179 88 47 139 
+104 247 189 241 63 71 154 116 5 123 51 124 88 85 133 49 209 233 97 46 257 74 64 
+70 121 23 200 155 111 29 58 57 20 252 207 50 242 58 170 14 197 169 94 98 41 13 
+202 70 234 92 145 117 155 153 234 243 208 200 4 48 21 134 237 40 93 178 210 153 
+196 174 263 238 228 117 38 23 49 92 28 180 163 77 54 223 99 229 112 62 151 130 
+256 192 34 80 2 171 160 16 112 24 82 185 26 148 103 97 159 251 19 219 114 245 6 
+118 75 252 94 249 104 96 126 158 214 251 174 225 169 90 230 262 92 66 174 108 
+39 98 79 82 147 32 10 216 53 35 75 101 31 166 180 8 71 267 185 143 85 95 248 71 
+3 53 190 6 156 144 122 56 25 228 79 237 78 87 48 172 197 52 157 181 158 101 182 
+36 263 125 159 247 76 172 193 109 110 260 22 12 131 176 23 162 161 166 142 14 
+201 37 141 19 102 177 60 123 206 55 143 198 89 118 226 47 177 173 192 76 17 187 
+54 72 36 146 188 242 96 164 227 84 213 218 81 152 201 150 135 157 64 221 184 
+106 124 243 91 263 87 165 109 114 128 69 201 192 72 149 215 133 204 140 20 135 
+2 133 91 146 150 248 226 9 183 228 230 32 161 11 136 152 163 81 265 2 20 97 8 
+188 204 102 26 265 40 89 235 163 232 60 85 137 185 256 154 233 210 115 127 36 
+108 194 104 209 120 103 176 27 30 133 87 10 103 59 90 113 57 175 258 69 88 198 
+202 187 171 9 221 29 100 262 205 135 119 70 83 29 62 67 173 75 139 100 111 142 
+52 2 175 28 63 33 160 246 43 79 120 141 170 165 260 177 211 186 21 247 38 178 
+55 222 66 136 39 94 211 35 226 164 114 90 256 37 28 25 232 215 16 267 223 212 
+30 250 24 195 254 239 110 147 28 67 169 132 167 179 243 246 194 142 203 65 263 ^
+578 0 220 147 11 47 3 149 164 57 137 185 120 120 152 78 200 251 87 78 232 177 
+22 129 68 168 93 74 100 5 32 174 108 173 141 266 218 232 158 61 186 87 27 75 29 
+260 152 59 52 38 106 20 214 132 99 6 12 46 106 7 249 140 29 41 39 124 1 15 115 
+136 269 100 262 67 182 38 125 168 74 113 240 24 244 156 146 63 101 210 96 162 
+91 127 134 84 164 6 250 120 171 226 143 149 145 96 194 17 62 102 190 155 160 
+195 235 8 165 243 157 43 205 16 44 121 119 172 206 15 147 249 121 68 98 58 66 
+253 240 5 13 213 165 5 83 248 173 122 35 5 64 17 43 224 247 257 102 177 3 168 
+125 187 35 56 138 165 262 118 256 103 157 62 83 229 25 179 137 217 46 55 203 
+101 191 135 32 193 69 116 122 54 236 7 268 101 242 209 97 142 233 125 238 109 
+121 87 59 1 234 41 258 50 123 253 221 127 153 45 107 174 121 138 133 66 183 205 
+267 166 178 138 114 188 53 37 209 148 216 28 74 132 118 237 142 214 164 25 211 
+63 69 97 161 194 255 136 250 139 132 169 41 20 163 58 34 57 118 37 177 222 94 
+60 238 141 47 22 110 107 225 195 203 82 43 192 51 52 51 71 12 14 180 72 198 117 
+38 157 94 9 164 76 15 128 101 261 170 40 40 21 143 200 32 161 143 181 71 31 245 
+123 53 256 135 267 134 65 16 63 82 62 153 264 33 109 89 244 124 220 128 50 104 
+105 91 146 12 27 145 64 268 82 11 79 199 84 215 80 128 69 65 235 259 17 30 259 
+255 187 54 204 81 63 50 136 218 213 197 118 18 29 9 113 189 220 179 124 252 54 
+255 155 128 82 30 227 59 252 3 98 90 179 105 21 111 4 97 110 37 190 187 86 130 
+16 114 156 127 102 158 42 225 144 129 17 11 28 42 206 266 186 119 223 10 80 96 
+143 130 184 153 26 146 44 140 80 115 104 73 165 24 44 191 154 180 53 237 174 
+140 99 76 47 54 223 42 6 31 194 236 175 37 158 261 151 79 180 123 2 182 257 51 
+103 125 219 231 178 189 1 253 2 201 218 264 1 183 237 193 18 229 244 105 72 185 
+152 46 87 46 36 242 241 23 77 14 148 229 263 66 202 166 210 64 49 156 76 28 93 
+93 61 135 13 232 126 135 251 36 4 84 145 45 120 139 113 208 181 39 105 40 72 
+217 265 251 55 152 27 126 186 138 184 223 61 154 161 175 107 6 269 81 114 207 
+201 167 107 206 234 73 184 172 174 89 212 11 98 77 214 113 221 146 31 175 88 45 
+139 100 243 189 213 ^
+578 1 51 63 146 108 1 111 51 120 84 73 125 49 205 233 89 38 257 66 64 66 113 15 
+192 147 111 17 58 49 16 244 203 46 238 54 170 2 197 169 90 90 41 1 194 62 234 
+92 145 113 155 141 226 243 208 200 268 48 21 126 233 40 89 178 206 145 196 166 
+255 234 224 105 34 23 41 84 24 176 151 73 42 219 91 225 108 50 151 130 252 184 
+34 72 262 163 156 4 112 20 74 177 14 140 91 85 159 243 19 211 110 237 2 114 67 
+248 82 241 104 88 126 150 210 247 170 225 157 90 230 262 80 54 162 104 39 86 71 
+78 147 28 6 216 41 35 75 97 19 154 172 59 267 185 135 77 95 244 71 267 45 186 
+270 144 144 110 48 13 228 75 229 70 75 40 172 189 48 153 177 154 89 170 36 259 
+113 147 243 68 160 189 97 102 256 14 8 131 164 19 162 161 158 142 14 197 29 141 
+11 90 173 52 115 202 43 131 198 81 106 218 39 169 173 192 64 9 175 50 68 28 138 
+176 234 84 156 227 72 213 214 77 144 193 150 127 145 56 217 176 102 124 235 87 
+263 83 161 109 102 116 65 201 180 64 149 215 129 200 128 8 123 266 133 79 142 
+146 248 222 9 183 220 226 20 157 7 128 148 163 73 265 270 12 93 8 180 204 98 22 
+261 28 89 227 155 224 56 85 125 181 256 154 229 210 115 119 32 108 190 100 209 
+112 103 176 19 22 121 79 10 95 55 82 109 53 167 258 69 80 194 202 183 171 5 213 
+25 88 258 201 131 115 70 83 29 58 67 165 71 127 96 107 138 44 2 163 16 55 33 
+160 246 35 67 108 133 162 153 260 165 203 178 17 247 38 174 55 222 58 132 27 86 
+211 27 226 160 106 86 260 248 33 20 25 228 207 8 263 215 212 30 242 16 195 254 
+239 106 135 28 55 165 120 167 175 239 238 186 130 195 65 250 220 143 9 43 271 
+147 160 57 137 181 116 114 150 78 196 249 85 76 232 177 22 129 68 168 87 74 94 
+3 26 174 104 171 137 264 218 228 158 59 184 83 21 69 23 256 146 59 52 32 100 20 
+214 126 93 10 46 106 3 249 134 25 39 37 122 271 15 109 136 269 100 258 61 182 
+36 119 164 68 111 240 18 242 156 144 61 99 206 96 156 87 123 134 82 158 2 246 
+118 169 222 141 143 141 94 192 15 60 96 190 149 158 191 235 4 161 241 153 37 
+205 10 38 117 117 166 206 13 145 245 115 62 94 52 66 253 236 271 7 211 159 5 81 
+246 167 118 29 1 62 11 41 224 245 255 102 173 3 166 123 183 31 56 134 165 260 
+116 254 81 ^
+583 1 157 50 71 225 21 167 133 217 42 47 203 89 183 131 28 193 65 116 122 42 
+236 7 268 93 242 201 89 138 229 125 238 97 117 75 55 267 230 33 250 50 111 245 
+213 127 153 45 99 162 121 134 125 54 175 197 259 166 166 126 106 188 53 33 205 
+148 208 16 70 128 106 233 130 210 160 17 207 63 57 97 157 194 247 128 250 135 
+132 165 29 16 155 50 26 49 118 37 165 218 94 60 234 137 47 14 110 103 221 191 
+195 70 43 184 39 40 47 59 12 6 176 60 194 117 30 153 90 1 164 76 3 124 101 261 
+166 36 28 9 143 196 32 153 135 177 67 31 245 123 49 248 135 262 263 126 61 12 
+51 78 62 149 260 29 101 77 244 116 212 120 42 92 105 91 138 27 141 52 260 74 3 
+79 199 84 211 68 128 61 57 227 255 17 18 259 251 187 46 196 77 55 38 132 210 
+205 193 110 18 25 271 105 181 216 179 112 252 50 255 147 116 82 22 219 47 248 
+265 86 86 171 93 13 103 266 93 98 25 186 183 86 126 16 110 148 123 94 150 38 
+217 132 125 9 273 20 30 198 266 178 119 219 2 72 88 131 118 172 145 26 134 40 
+132 80 107 96 65 161 24 44 191 150 168 41 229 170 140 99 72 43 54 215 42 2 27 
+186 228 163 29 146 253 147 71 180 119 264 178 249 43 99 117 219 231 170 185 1 
+249 272 197 214 264 263 171 237 189 6 221 236 97 72 173 152 38 87 34 28 238 241 
+19 77 10 136 229 255 62 194 162 206 56 45 144 64 24 89 93 53 123 9 228 118 127 
+243 24 4 72 133 33 120 127 113 200 181 27 101 32 68 213 257 251 43 144 19 122 
+186 138 184 223 61 142 149 175 107 6 261 81 114 207 193 155 95 202 226 73 180 
+164 166 81 204 11 98 65 206 101 221 146 19 167 88 41 139 92 235 189 235 45 59 
+142 104 273 105 51 118 82 67 121 49 203 233 85 34 257 62 64 64 109 11 188 143 
+111 11 58 45 14 240 201 44 236 52 170 270 197 169 88 86 41 269 190 58 234 92 
+145 111 155 135 222 243 208 200 266 48 21 122 231 40 87 178 204 141 196 162 251 
+232 222 99 32 23 37 80 22 174 145 71 36 217 87 223 106 44 151 130 250 180 34 68 
+258 159 154 272 112 18 70 173 8 136 85 79 159 239 19 207 108 233 112 63 246 76 
+237 104 84 126 146 208 245 168 225 151 90 230 262 74 48 156 102 39 80 67 76 147 
+26 4 216 35 35 75 95 13 148 168 270 53 267 185 131 73 95 242 71 265 41 184 268 
+138 144 104 44 7 228 73 225 66 69 36 272 ^
+588 0 181 44 149 173 150 77 158 36 255 101 135 239 60 148 185 85 94 252 6 4 131 
+152 15 162 161 150 142 14 193 21 141 3 78 169 44 107 198 31 119 198 73 94 210 
+31 161 173 192 52 1 163 46 64 20 130 164 226 72 148 227 60 213 210 73 136 185 
+150 119 133 48 213 168 98 124 227 83 263 79 157 109 90 104 61 201 168 56 149 
+215 125 196 116 272 111 262 133 67 138 142 248 218 9 183 212 222 8 153 3 120 
+144 163 65 265 270 4 89 8 172 204 94 18 257 16 89 219 147 216 52 85 113 177 256 
+154 225 210 115 111 28 108 186 96 209 104 103 176 11 14 109 71 10 87 51 74 105 
+49 159 258 69 72 190 202 179 171 1 205 21 76 254 197 127 111 70 83 29 54 67 157 
+67 115 92 103 134 36 2 151 4 47 33 160 246 27 55 96 125 154 141 260 153 195 170 
+13 247 38 170 55 222 50 128 15 78 211 19 226 156 98 82 252 240 29 12 25 224 199 
+259 207 212 30 234 8 195 254 239 102 123 28 43 161 108 167 171 235 230 178 118 
+187 65 242 220 135 5 35 267 143 152 57 137 173 108 102 146 78 188 245 81 72 232 
+177 22 129 68 168 75 74 82 275 14 174 96 167 129 260 218 220 158 55 180 75 9 57 
+11 248 134 59 52 20 88 20 214 114 81 264 6 46 106 271 249 122 17 35 33 118 271 
+15 97 136 269 100 250 49 182 32 107 156 56 107 240 6 238 156 140 57 95 198 96 
+144 79 115 134 78 146 270 238 114 165 214 137 131 133 90 188 11 56 84 190 137 
+154 183 235 272 153 237 145 25 205 274 26 109 113 154 206 9 141 237 103 50 86 
+40 66 253 228 263 271 207 147 5 77 242 155 110 17 269 58 275 37 224 241 251 102 
+165 3 162 119 175 23 56 126 165 256 112 250 91 157 44 65 223 19 161 131 217 40 
+43 203 83 179 129 26 193 63 116 122 36 236 7 268 89 242 197 85 136 227 125 238 
+91 115 69 53 265 228 29 246 50 105 241 209 127 153 45 95 156 121 132 121 48 171 
+193 255 166 160 120 102 188 53 31 203 148 204 10 68 126 100 231 124 208 158 13 
+205 63 51 97 155 194 243 124 250 133 132 163 23 14 151 46 22 45 118 37 159 216 
+94 60 232 135 47 10 110 101 219 189 191 64 43 180 33 34 45 53 12 2 174 54 192 
+117 26 151 88 273 164 76 273 122 101 261 164 34 22 3 143 194 32 149 131 175 65 
+31 245 123 47 244 135 258 261 122 59 10 45 76 62 147 258 27 97 71 244 112 208 
+116 38 86 105 91 134 270 27 139 46 256 70 275 79 199 160 ^
+594 0 207 56 128 53 49 219 251 17 6 259 247 187 38 188 73 47 26 128 202 197 189 
+102 18 21 263 97 173 212 179 100 252 46 255 139 104 82 14 211 35 244 257 74 82 
+163 81 5 95 258 89 86 13 182 179 86 122 16 106 140 119 86 142 34 209 120 121 1 
+265 12 18 190 266 170 119 215 272 64 80 119 106 160 137 26 122 36 124 80 99 88 
+57 157 24 44 191 146 156 29 221 166 140 99 68 39 54 207 42 276 23 178 220 151 
+21 134 245 143 63 180 115 256 174 241 35 95 109 219 231 162 181 1 245 272 193 
+210 264 255 159 237 185 272 213 228 89 72 161 152 30 87 22 20 234 241 15 77 6 
+124 229 247 58 186 158 202 48 41 132 52 20 85 93 45 111 5 224 110 119 235 12 4 
+60 121 21 120 115 113 192 181 15 97 24 64 209 249 251 31 136 11 118 186 138 184 
+223 61 130 137 175 107 6 253 81 114 207 185 143 83 198 218 73 176 156 158 73 
+196 11 98 53 198 89 221 146 7 159 88 37 139 84 227 189 231 33 51 134 96 273 93 
+51 114 78 55 113 49 199 233 77 26 257 54 64 60 101 3 180 135 111 277 58 37 10 
+232 197 40 232 48 170 262 197 169 84 78 41 261 182 50 234 92 145 107 155 123 
+214 243 208 200 262 48 21 114 227 40 83 178 200 133 196 154 243 228 218 87 28 
+23 29 72 18 170 133 67 24 213 79 219 102 32 151 130 246 172 34 60 250 151 150 
+264 112 14 62 165 274 128 73 67 159 231 19 199 104 225 274 108 55 242 64 229 
+104 76 126 138 204 241 164 225 139 90 230 262 62 36 144 98 39 68 59 72 147 22 
+216 23 35 75 91 1 136 160 266 41 267 185 123 65 95 238 71 261 33 180 264 126 
+144 92 36 273 228 69 217 58 57 28 172 177 42 147 171 148 71 152 36 253 95 129 
+237 56 142 183 79 90 250 2 2 131 146 13 162 161 146 142 14 191 17 141 277 72 
+167 40 103 196 25 113 198 69 88 206 27 157 173 192 46 275 157 44 62 16 126 158 
+222 66 144 227 54 213 208 71 132 181 150 115 127 44 211 164 96 124 223 81 263 
+77 155 109 84 98 59 201 162 52 149 215 123 194 110 268 105 260 133 61 136 140 
+248 216 9 183 208 220 2 151 1 116 142 163 61 265 270 87 8 168 204 92 16 255 10 
+89 215 143 212 50 85 107 175 256 154 223 210 115 107 26 108 184 94 209 100 103 
+176 7 10 103 67 10 83 49 70 103 47 155 258 69 68 188 202 177 171 277 201 19 70 
+252 195 125 109 70 83 29 52 67 153 65 109 90 101 132 32 2 145 276 43 33 160 246 
+23 259 ^
+600 1 87 119 148 132 260 144 189 164 10 247 38 167 55 222 44 125 6 72 211 13 
+226 153 92 79 246 234 26 6 25 221 193 273 256 201 212 30 228 2 195 254 239 99 
+114 28 34 158 99 167 168 232 224 172 109 181 65 236 220 129 2 29 264 140 146 57 
+137 167 102 93 143 78 182 242 78 69 232 177 22 129 68 168 66 74 73 275 5 174 90 
+164 123 257 218 214 158 52 177 69 48 2 242 125 59 52 11 79 20 214 105 72 258 3 
+46 106 268 249 113 11 32 30 115 271 15 88 136 269 100 244 40 182 29 98 150 47 
+104 240 276 235 156 137 54 92 192 96 135 73 109 134 75 137 267 232 111 162 208 
+134 122 127 87 185 8 53 75 190 128 151 177 235 269 147 234 139 16 205 268 17 
+103 110 145 206 6 138 231 94 41 80 31 66 253 222 257 265 204 138 5 74 239 146 
+104 8 266 55 269 34 224 238 248 102 159 3 159 116 169 17 56 120 165 253 109 247 
+85 157 35 56 220 16 152 128 217 37 37 203 74 173 126 23 193 60 116 122 27 236 7 
+268 83 242 191 79 133 224 125 238 82 112 60 50 262 225 23 240 50 96 235 203 127 
+153 45 89 147 121 129 115 39 165 187 249 166 151 111 96 188 53 28 200 148 198 1 
+65 123 91 228 115 205 155 7 202 63 42 97 152 194 237 118 250 130 132 160 14 11 
+145 40 16 39 118 37 150 213 94 60 229 132 47 4 110 98 216 186 185 55 43 174 24 
+25 42 44 12 275 171 45 189 117 20 148 85 270 164 76 267 119 101 261 161 31 13 
+273 143 191 32 143 125 172 62 31 245 123 44 238 135 252 258 116 56 7 36 73 62 
+144 255 24 91 62 244 106 202 110 32 77 105 91 128 264 27 136 37 250 64 272 79 
+199 84 206 53 128 51 47 217 250 17 3 259 246 187 36 186 72 45 23 127 200 195 
+188 100 18 20 261 95 171 211 179 97 252 45 255 137 101 82 12 209 32 243 255 71 
+81 161 78 3 93 256 88 83 10 181 178 86 121 16 105 138 118 84 140 33 207 117 120 
+278 263 10 15 188 266 168 119 214 271 62 78 116 103 157 135 26 119 35 122 80 97 
+86 55 156 24 44 191 145 153 26 219 165 140 99 67 38 54 205 42 276 22 176 218 
+148 19 131 243 142 61 180 114 254 173 239 33 94 107 219 231 160 180 1 244 272 
+192 209 264 253 156 237 184 270 211 226 87 72 158 152 28 87 19 18 233 241 14 77 
+5 121 229 245 57 184 157 201 46 40 129 49 19 84 93 43 108 4 223 108 117 233 9 4 
+57 118 18 120 112 113 190 181 12 96 22 63 208 247 251 28 134 9 117 186 138 184 
+223 61 127 216 ^
+590 1 175 107 6 247 81 114 207 179 134 74 195 212 73 173 150 152 67 190 11 98 
+44 192 80 221 146 279 153 88 34 139 78 221 189 228 24 45 128 90 273 84 51 111 
+75 46 107 49 196 233 71 20 257 48 64 57 95 278 174 129 111 271 58 31 7 226 194 
+37 229 45 170 256 197 169 81 72 41 255 176 44 234 92 145 104 155 114 208 243 
+208 200 259 48 21 108 224 40 80 178 197 127 196 148 237 225 215 78 25 23 23 66 
+15 167 124 64 15 210 73 216 99 23 151 130 243 166 34 54 244 145 147 258 112 11 
+56 159 268 122 64 58 159 225 19 193 101 219 274 105 49 239 55 223 104 70 126 
+132 201 238 161 225 130 90 230 262 53 27 135 95 39 59 53 69 147 19 278 216 14 
+35 75 88 273 127 154 263 32 267 185 117 59 95 235 71 258 27 177 261 117 144 83 
+30 267 228 66 211 52 48 22 172 171 39 144 168 145 62 143 36 250 86 120 234 50 
+133 180 70 84 247 277 280 131 137 10 162 161 140 142 14 188 11 141 274 63 164 
+34 97 193 16 104 198 63 79 200 21 151 173 192 37 272 148 41 59 10 120 149 216 
+57 138 227 45 213 205 68 126 175 150 109 118 38 208 158 93 124 217 78 263 74 
+152 109 75 89 56 201 153 46 149 215 120 191 101 262 96 257 133 52 133 137 248 
+213 9 183 202 217 274 148 279 110 139 163 55 265 270 275 84 8 162 204 89 13 252 
+1 89 209 137 206 47 85 98 172 256 154 220 210 115 101 23 108 181 91 209 94 103 
+176 1 4 94 61 10 77 46 64 100 44 149 258 69 62 185 202 174 171 277 195 16 61 
+249 192 122 106 70 83 29 49 67 147 62 100 87 98 129 26 2 136 270 37 33 160 246 
+17 40 81 115 144 126 260 138 185 160 8 247 38 165 55 222 40 123 68 211 9 226 
+151 88 77 242 230 24 2 25 219 189 271 254 197 212 30 224 279 195 254 239 97 108 
+28 28 156 93 167 166 230 220 168 103 177 65 232 220 125 25 262 138 142 57 137 
+163 98 87 141 78 178 240 76 67 232 177 22 129 68 168 60 74 67 275 280 174 86 
+162 119 255 218 210 158 50 175 65 275 42 277 238 119 59 52 5 73 20 214 99 66 
+254 1 46 106 266 249 107 7 30 28 113 271 15 82 136 269 100 240 34 182 27 92 146 
+41 102 240 272 233 156 135 52 90 188 96 129 69 105 134 73 131 265 228 109 160 
+204 132 116 123 85 183 6 51 69 190 122 149 173 235 267 143 232 135 10 205 264 
+11 99 108 139 206 4 136 227 88 35 76 25 66 253 218 253 261 202 132 5 72 237 140 
+203 ^
+620 0 279 262 51 261 30 224 234 244 102 151 3 155 112 161 9 56 112 165 249 105 
+243 77 157 23 44 216 12 140 124 217 33 29 203 62 165 122 19 193 56 116 122 15 
+236 7 268 75 242 183 71 129 220 125 238 70 108 48 46 258 221 15 232 50 84 227 
+195 127 153 45 81 135 121 125 107 27 157 179 241 166 139 99 88 188 53 24 196 
+148 190 272 61 119 79 224 103 201 151 282 198 63 30 97 148 194 229 110 250 126 
+132 156 2 7 137 32 8 31 118 37 138 209 94 60 225 128 47 279 110 94 212 182 177 
+43 43 166 12 13 38 32 12 271 167 33 185 117 12 144 81 266 164 76 259 115 101 
+261 157 27 1 265 143 187 32 135 117 168 58 31 245 123 40 230 135 244 254 108 52 
+3 24 69 62 140 251 20 83 50 244 98 194 102 24 65 105 91 120 256 27 132 25 242 
+56 268 79 199 84 202 41 128 43 39 209 246 17 274 259 242 187 28 178 68 37 11 
+123 192 187 184 92 18 16 253 87 163 207 179 85 252 41 255 129 89 82 4 201 20 
+239 247 59 77 153 66 278 85 248 84 71 281 177 174 86 117 16 101 130 114 76 132 
+29 199 105 116 274 255 2 3 180 266 160 119 210 267 54 70 104 91 145 127 26 107 
+31 114 80 89 78 47 152 24 44 191 141 141 14 211 161 140 99 63 34 54 197 42 276 
+18 168 210 136 11 119 235 138 53 180 110 246 169 231 25 90 99 219 231 152 176 1 
+240 272 188 205 264 245 144 237 180 262 203 218 79 72 146 152 20 87 7 10 229 
+241 10 77 1 109 229 237 53 176 153 197 38 36 117 37 15 80 93 35 96 219 100 109 
+225 280 4 45 106 6 120 100 113 182 181 92 14 59 204 239 251 16 126 1 113 186 
+138 184 223 61 115 122 175 107 6 243 81 114 207 175 128 68 193 208 73 171 146 
+148 63 186 11 98 38 188 74 221 146 275 149 88 32 139 74 217 189 226 18 41 124 
+86 273 78 51 109 73 40 103 49 194 233 67 16 257 44 64 55 91 276 170 125 111 267 
+58 27 5 222 192 35 227 43 170 252 197 169 79 68 41 251 172 40 234 92 145 102 
+155 108 204 243 208 200 257 48 21 104 222 40 78 178 195 123 196 144 233 223 213 
+72 23 23 19 62 13 165 118 62 9 208 69 214 97 17 151 130 241 162 34 50 240 141 
+145 254 112 9 52 155 264 118 58 52 159 221 19 189 99 215 274 103 45 237 49 219 
+104 66 126 128 199 236 159 225 124 90 230 262 47 21 129 93 39 53 49 67 147 17 
+278 216 8 35 75 86 269 121 150 261 26 267 185 113 55 95 233 71 256 23 175 259 
+111 144 77 26 263 228 64 207 48 42 18 172 167 37 142 166 143 56 137 36 248 80 
+114 232 46 127 257 ^
+605 1 58 76 243 273 280 131 125 6 162 161 132 142 14 184 3 141 270 51 160 26 89 
+189 4 92 198 55 67 192 13 143 173 192 25 268 136 37 55 2 112 137 208 45 130 227 
+33 213 201 64 118 167 150 101 106 30 204 150 89 124 209 74 263 70 148 109 63 77 
+52 201 141 38 149 215 116 187 89 254 84 253 133 40 129 133 248 209 9 183 194 
+213 266 144 279 102 135 163 47 265 270 271 80 8 154 204 85 9 248 274 89 201 129 
+198 43 85 86 168 256 154 216 210 115 93 19 108 177 87 209 86 103 176 278 281 82 
+53 10 69 42 56 96 40 141 258 69 54 181 202 170 171 277 187 12 49 245 188 118 
+102 70 83 29 45 67 139 58 88 83 94 125 18 2 124 262 29 33 160 246 9 28 69 107 
+136 114 260 126 177 152 4 247 38 161 55 222 32 119 273 60 211 1 226 147 80 73 
+234 222 20 279 25 215 181 267 250 189 212 30 216 275 195 254 239 93 96 28 16 
+152 81 167 162 226 212 160 91 169 65 224 220 117 281 17 258 134 134 57 137 155 
+90 75 137 78 170 236 72 63 232 177 22 129 68 168 48 74 55 275 272 174 78 158 
+111 251 218 202 158 46 171 57 267 30 269 230 107 59 52 278 61 20 214 87 54 246 
+282 46 106 262 249 95 284 26 24 109 271 15 70 136 269 100 232 22 182 23 80 138 
+29 98 240 264 229 156 131 48 86 180 96 117 61 97 134 69 119 261 220 105 156 196 
+128 104 115 81 179 2 47 57 190 110 145 165 235 263 135 228 127 283 205 256 284 
+91 104 127 206 132 219 76 23 68 13 66 253 210 245 253 198 120 5 68 233 128 92 
+275 260 49 257 28 224 232 242 102 147 3 153 110 157 5 56 108 165 247 103 241 73 
+157 17 38 214 10 134 122 217 31 25 203 56 161 120 17 193 54 116 122 9 236 7 268 
+71 242 179 67 127 218 125 238 64 106 42 44 256 219 11 228 50 78 223 191 127 153 
+45 77 129 121 123 103 21 153 175 237 166 133 93 84 188 53 22 194 148 186 268 59 
+117 73 222 97 199 149 280 196 63 24 97 146 194 225 106 250 124 132 154 281 5 
+133 28 4 27 118 37 132 207 94 60 223 126 47 277 110 92 210 180 173 37 43 162 6 
+7 36 26 12 269 165 27 183 117 8 142 79 264 164 76 255 113 101 261 155 25 280 
+261 143 185 32 131 113 166 56 31 245 123 38 226 135 240 252 104 50 1 18 67 62 
+138 249 18 79 44 244 94 190 98 20 59 105 91 116 252 27 130 19 238 52 266 79 199 
+84 200 35 128 39 35 205 244 17 270 259 240 187 24 174 66 33 5 121 188 183 182 
+88 18 14 249 83 159 205 179 79 252 186 ^
+615 0 255 121 77 82 283 193 8 235 239 47 73 145 54 274 77 240 80 59 273 173 170 
+86 113 16 97 122 110 68 124 25 191 93 112 270 247 281 278 172 266 152 119 206 
+263 46 62 92 79 133 119 26 95 27 106 80 81 70 39 148 24 44 191 137 129 2 203 
+157 140 99 59 30 54 189 42 276 14 160 202 124 3 107 227 134 45 180 106 238 165 
+223 17 86 91 219 231 144 172 1 236 272 184 201 264 237 132 237 176 254 195 210 
+71 72 134 152 12 87 282 2 225 241 6 77 284 97 229 229 49 168 149 193 30 32 105 
+25 11 76 93 27 84 283 215 92 101 217 272 4 33 94 281 120 88 113 174 181 275 88 
+6 55 200 231 251 4 118 280 109 186 138 184 223 61 103 110 175 107 6 235 81 114 
+207 167 116 56 189 200 73 167 138 140 55 178 11 98 26 180 62 221 146 267 141 88 
+28 139 66 209 189 222 6 33 116 78 273 66 51 105 69 28 95 49 190 233 59 8 257 36 
+64 51 83 272 162 117 111 259 58 19 1 214 188 31 223 39 170 244 197 169 75 60 41 
+243 164 32 234 92 145 98 155 96 196 243 208 200 253 48 21 96 218 40 74 178 191 
+115 196 136 225 219 209 60 19 23 11 54 9 161 106 58 284 204 61 210 93 5 151 130 
+237 154 34 42 232 133 141 246 112 5 44 147 256 110 46 40 159 213 19 181 95 207 
+274 99 37 233 37 211 104 58 126 120 195 232 155 225 112 90 230 262 35 9 117 89 
+39 41 41 63 147 13 278 216 283 35 75 82 261 109 142 257 14 267 185 105 47 95 
+229 71 252 15 171 255 99 144 65 18 255 228 60 199 40 30 10 172 159 33 138 162 
+139 44 125 36 244 68 102 228 38 115 174 52 72 241 271 280 131 119 4 162 161 128 
+142 14 182 286 141 268 45 158 22 85 187 285 86 198 51 61 188 9 139 173 192 19 
+266 130 35 53 285 108 131 204 39 126 227 27 213 199 62 114 163 150 97 100 26 
+202 146 87 124 205 72 263 68 146 109 57 71 50 201 135 34 149 215 114 185 83 250 
+78 251 133 34 127 131 248 207 9 183 190 211 262 142 279 98 133 163 43 265 270 
+269 78 8 150 204 83 7 246 270 89 197 125 194 41 85 80 166 256 154 214 210 115 
+89 17 108 175 85 209 82 103 176 276 279 76 49 10 65 40 52 94 38 137 258 69 50 
+179 202 168 171 277 183 10 43 243 186 116 100 70 83 29 43 67 135 56 82 81 92 
+123 14 2 118 258 25 33 160 246 5 22 63 103 132 108 260 120 173 148 2 247 38 159 
+55 222 28 117 269 56 211 284 226 145 76 71 230 218 18 277 25 213 177 265 248 
+185 212 30 212 273 195 254 239 91 90 28 10 150 75 167 160 224 175 ^
+613 0 152 79 161 65 216 220 109 281 9 254 130 126 57 137 147 82 63 133 78 162 
+232 68 59 232 177 22 129 68 168 36 74 43 275 264 174 70 154 103 247 218 194 158 
+42 167 49 259 18 261 222 95 59 52 270 49 20 214 75 42 238 282 46 106 258 249 83 
+280 22 20 105 271 15 58 136 269 100 224 10 182 19 68 130 17 94 240 256 225 156 
+127 44 82 172 96 105 53 89 134 65 107 257 212 101 152 188 124 92 107 77 175 287 
+43 45 190 98 141 157 235 259 127 224 119 275 205 248 276 83 100 115 206 285 128 
+211 64 11 60 1 66 253 202 237 245 194 108 5 64 229 116 84 267 256 45 249 24 224 
+228 238 102 139 3 149 106 149 286 56 100 165 243 99 237 65 157 5 26 210 6 122 
+118 217 27 17 203 44 153 116 13 193 50 116 122 286 236 7 268 63 242 171 59 123 
+214 125 238 52 102 30 40 252 215 3 220 50 66 215 183 127 153 45 69 117 121 119 
+95 9 145 167 229 166 121 81 76 188 53 18 190 148 178 260 55 113 61 218 85 195 
+145 276 192 63 12 97 142 194 217 98 250 120 132 150 273 1 125 20 285 19 118 37 
+120 203 94 60 219 122 47 273 110 88 206 176 165 25 43 154 283 284 32 14 12 265 
+161 15 179 117 138 75 260 164 76 247 109 101 261 151 21 272 253 143 181 32 123 
+105 162 52 31 245 123 34 218 135 232 248 96 46 286 6 63 62 134 245 14 71 32 244 
+86 182 90 12 47 105 91 108 244 27 126 7 230 44 262 79 199 84 196 23 128 31 27 
+197 240 17 262 259 236 187 16 166 62 25 282 117 180 175 178 80 18 10 241 75 151 
+201 179 67 252 35 255 117 71 82 281 189 2 233 235 41 71 141 48 272 73 236 78 53 
+269 171 168 86 111 16 95 118 108 64 120 23 187 87 110 268 243 279 274 168 266 
+148 119 204 261 42 58 86 73 127 115 26 89 25 102 80 77 66 35 146 24 44 191 135 
+123 285 199 155 140 99 57 28 54 185 42 276 12 156 198 118 288 101 223 132 41 
+180 104 234 163 219 13 84 87 219 231 140 170 1 234 272 182 199 264 233 126 237 
+174 250 191 206 67 72 128 152 8 87 278 287 223 241 4 77 284 91 229 225 47 164 
+147 191 26 30 99 19 9 74 93 23 78 283 213 88 97 213 268 4 27 88 277 120 82 113 
+170 181 271 86 2 53 198 227 251 287 114 278 107 186 138 184 223 61 97 104 175 
+107 6 231 81 114 207 163 110 50 187 196 73 165 134 136 51 174 11 98 20 176 56 
+221 146 263 137 88 26 139 62 205 189 220 29 112 74 273 60 51 103 67 22 91 49 
+188 233 55 4 257 32 64 49 79 270 158 113 111 255 58 15 288 210 213 ^
+624 1 28 220 36 170 238 197 169 72 54 41 237 158 26 234 92 145 95 155 87 190 
+243 208 200 250 48 21 90 215 40 71 178 188 109 196 130 219 216 206 51 16 23 5 
+48 6 158 97 55 278 201 55 207 90 286 151 130 234 148 34 36 226 127 138 240 112 
+2 38 141 250 104 37 31 159 207 19 175 92 201 274 96 31 230 28 205 104 52 126 
+114 192 229 152 225 103 90 230 262 26 108 86 39 32 35 60 147 10 278 216 277 35 
+75 79 255 100 136 254 5 267 185 99 41 95 226 71 249 9 168 252 90 144 56 12 249 
+228 57 193 34 21 4 172 153 30 135 159 136 35 116 36 241 59 93 225 32 106 171 43 
+66 238 268 280 131 110 1 162 161 122 142 14 179 283 141 265 36 155 16 79 184 
+279 77 198 45 52 182 3 133 173 192 10 263 121 32 50 282 102 122 198 30 120 227 
+18 213 196 59 108 157 150 91 91 20 199 140 84 124 199 69 263 65 143 109 48 62 
+47 201 126 28 149 215 111 182 74 244 69 248 133 25 124 128 248 204 9 183 184 
+208 256 139 279 92 130 163 37 265 270 266 75 8 144 204 80 4 243 264 89 191 119 
+188 38 85 71 163 256 154 211 210 115 83 14 108 172 82 209 76 103 176 273 276 67 
+43 10 59 37 46 91 35 131 258 69 44 176 202 165 171 277 177 7 34 240 183 113 97 
+70 83 29 40 67 129 53 73 78 89 120 8 2 109 252 19 33 160 246 289 13 54 97 126 
+99 260 111 167 142 289 247 38 156 55 222 22 114 263 50 211 281 226 142 70 68 
+224 212 15 274 25 210 171 262 245 179 212 30 206 270 195 254 239 88 81 28 1 147 
+66 167 157 221 202 150 76 159 65 214 220 107 281 7 253 129 124 57 137 145 80 60 
+132 78 160 231 67 58 232 177 22 129 68 168 33 74 40 275 262 174 68 153 101 246 
+218 192 158 41 166 47 257 15 259 220 92 59 52 268 46 20 214 72 39 236 282 46 
+106 257 249 80 279 21 19 104 271 15 55 136 269 100 222 7 182 18 65 128 14 93 
+240 254 224 156 126 43 81 170 96 102 51 87 134 64 104 256 210 100 151 186 123 
+89 105 76 174 287 42 42 190 95 140 155 235 258 125 223 117 273 205 246 274 81 
+99 112 206 285 127 209 61 8 58 288 66 253 200 235 243 193 105 5 63 228 113 82 
+265 255 44 247 23 224 227 237 102 137 3 148 105 147 285 56 98 165 242 98 236 63 
+157 2 23 209 5 119 117 217 26 15 203 41 151 115 12 193 49 116 122 284 236 7 268 
+61 242 169 57 122 213 125 238 49 101 27 39 251 214 1 218 50 63 213 181 127 153 
+45 67 114 121 118 93 6 143 165 227 166 118 78 74 188 53 17 189 148 176 258 54 
+112 58 217 82 194 144 275 191 141 ^
+628 1 3 97 139 194 211 92 250 117 132 147 267 290 119 14 282 13 118 37 111 200 
+94 60 216 119 47 270 110 85 203 173 159 16 43 148 277 278 29 5 12 262 158 6 176 
+117 286 135 72 257 164 76 241 106 101 261 148 18 266 247 143 178 32 117 99 159 
+49 31 245 123 31 212 135 226 245 90 43 286 289 60 62 131 242 11 65 23 244 80 
+176 84 6 38 105 91 102 238 27 123 290 224 38 259 79 199 84 193 14 128 25 21 191 
+237 17 256 259 233 187 10 160 59 19 276 114 174 169 175 74 18 7 235 69 145 198 
+179 58 252 32 255 111 62 82 278 183 285 230 229 32 68 135 39 269 67 230 75 44 
+263 168 165 86 108 16 92 112 105 58 114 20 181 78 107 265 237 276 268 162 266 
+142 119 201 258 36 52 77 64 118 109 26 80 22 96 80 71 60 29 143 24 44 191 132 
+114 279 193 152 140 99 54 25 54 179 42 276 9 150 192 109 285 92 217 129 35 180 
+101 228 160 213 7 81 81 219 231 134 167 1 231 272 179 196 264 227 117 237 171 
+244 185 200 61 72 119 152 2 87 272 284 220 241 1 77 284 82 229 219 44 158 144 
+188 20 27 90 10 6 71 93 17 69 283 210 82 91 207 262 4 18 79 271 120 73 113 164 
+181 265 83 288 50 195 221 251 281 108 275 104 186 138 184 223 61 88 95 175 107 
+6 225 81 114 207 157 101 41 184 190 73 162 128 130 45 168 11 98 11 170 47 221 
+146 257 131 88 23 139 56 199 189 217 283 23 106 68 273 51 51 100 64 13 85 49 
+185 233 49 290 257 26 64 46 73 267 152 107 111 249 58 9 288 204 183 26 218 34 
+170 234 197 169 70 50 41 233 154 22 234 92 145 93 155 81 186 243 208 200 248 48 
+21 86 213 40 69 178 186 105 196 126 215 214 204 45 14 23 1 44 4 156 91 53 274 
+199 51 205 88 282 151 130 232 144 34 32 222 123 136 236 112 34 137 246 100 31 
+25 159 203 19 171 90 197 274 94 27 228 22 201 104 48 126 110 190 227 150 225 97 
+90 230 262 20 286 102 84 39 26 31 58 147 8 278 216 273 35 75 77 251 94 132 252 
+291 267 185 95 37 95 224 71 247 5 166 250 84 144 50 8 245 228 55 189 30 15 172 
+149 28 133 157 134 29 110 36 239 53 87 223 28 100 169 37 62 236 266 280 131 104 
+291 162 161 118 142 14 177 281 141 263 30 153 12 75 182 275 71 198 41 46 178 
+291 129 173 192 4 261 115 30 48 280 98 116 194 24 116 227 12 213 194 57 104 153 
+150 87 85 16 197 136 82 124 195 67 263 63 141 109 42 56 45 201 120 24 149 215 
+109 180 68 240 63 246 133 19 122 126 248 202 9 183 180 206 252 137 279 88 128 
+163 33 265 270 264 73 8 140 204 78 2 241 76 ^
+622 0 89 183 111 180 34 85 59 159 256 154 207 210 115 75 10 108 168 78 209 68 
+103 176 269 272 55 35 10 51 33 38 87 31 123 258 69 36 172 202 161 171 277 169 3 
+22 236 179 109 93 70 83 29 36 67 121 49 61 74 85 116 2 97 244 11 33 160 246 285 
+1 42 89 118 87 260 99 159 134 289 247 38 152 55 222 14 110 255 42 211 277 226 
+138 62 64 216 204 11 270 25 206 163 258 241 171 212 30 198 266 195 254 239 84 
+69 28 283 143 54 167 153 217 194 142 64 151 65 206 220 99 281 293 249 125 116 
+57 137 137 72 48 128 78 152 227 63 54 232 177 22 129 68 168 21 74 28 275 254 
+174 60 149 93 242 218 184 158 37 162 39 249 3 251 212 80 59 52 260 34 20 214 60 
+27 228 282 46 106 253 249 68 275 17 15 100 271 15 43 136 269 100 214 289 182 14 
+53 120 2 89 240 246 220 156 122 39 77 162 96 90 43 79 134 60 92 252 202 96 147 
+178 119 77 97 72 170 287 38 30 190 83 136 147 235 254 117 219 109 265 205 238 
+266 73 95 100 206 285 123 201 49 290 50 280 66 253 192 227 235 189 93 5 59 224 
+101 74 257 251 40 239 19 224 223 233 102 129 3 144 101 139 281 56 90 165 238 94 
+232 55 157 284 11 205 1 107 113 217 22 7 203 29 143 111 8 193 45 116 122 276 
+236 7 268 53 242 161 49 118 209 125 238 37 97 15 35 247 210 287 210 50 51 205 
+173 127 153 45 59 102 121 114 85 288 135 157 219 166 106 66 66 188 53 13 185 
+148 168 250 50 108 46 213 70 190 140 271 187 63 291 97 137 194 207 88 250 115 
+132 145 263 290 115 10 280 9 118 37 105 198 94 60 214 117 47 268 110 83 201 171 
+155 10 43 144 273 274 27 293 12 260 156 174 117 284 133 70 255 164 76 237 104 
+101 261 146 16 262 243 143 176 32 113 95 157 47 31 245 123 29 208 135 222 243 
+86 41 286 285 58 62 129 240 9 61 17 244 76 172 80 2 32 105 91 98 234 27 121 286 
+220 34 257 79 199 84 191 8 128 21 17 187 235 17 252 259 231 187 6 156 57 15 272 
+112 170 165 173 70 18 5 231 65 141 196 179 52 252 30 255 107 56 82 276 179 281 
+228 225 26 66 131 33 267 63 226 73 38 259 166 163 86 106 16 90 108 103 54 110 
+18 177 72 105 263 233 274 264 158 266 138 119 199 256 32 48 71 58 112 105 26 74 
+20 92 80 67 56 25 141 24 44 191 130 108 275 189 150 140 99 52 23 54 175 42 276 
+7 146 188 103 283 86 213 127 31 180 99 224 158 209 3 79 77 219 231 130 165 1 
+229 272 177 194 264 223 111 237 169 240 181 196 57 72 113 152 292 87 268 282 
+218 241 293 77 284 76 229 80 ^
+635 1 40 150 140 184 12 23 78 294 2 67 93 9 57 283 206 74 83 199 254 4 6 67 263 
+120 61 113 156 181 257 79 284 46 191 213 251 273 100 271 100 186 138 184 223 61 
+76 83 175 107 6 217 81 114 207 149 89 29 180 182 73 158 120 122 37 160 11 98 
+295 162 35 221 146 249 123 88 19 139 48 191 189 213 275 15 98 60 273 39 51 96 
+60 1 77 49 181 233 41 286 257 18 64 42 65 263 144 99 111 241 58 1 288 196 179 
+22 214 30 170 226 197 169 66 42 41 225 146 14 234 92 145 89 155 69 178 243 208 
+200 244 48 21 78 209 40 65 178 182 97 196 118 207 210 200 33 10 23 289 36 152 
+79 49 266 195 43 201 84 274 151 130 228 136 34 24 214 115 132 228 112 292 26 
+129 238 92 19 13 159 195 19 163 86 189 274 90 19 224 10 193 104 40 126 102 186 
+223 146 225 85 90 230 262 8 278 90 80 39 14 23 54 147 4 278 216 265 35 75 73 
+243 82 124 248 283 267 185 87 29 95 220 71 243 293 162 246 72 144 38 237 228 51 
+181 22 3 288 172 141 24 129 153 130 17 98 36 235 41 75 219 20 88 165 25 54 232 
+262 280 131 92 291 162 161 110 142 14 173 277 141 259 18 149 4 67 178 267 59 
+198 33 34 170 287 121 173 192 288 257 103 26 44 276 90 104 186 12 108 227 213 
+190 53 96 145 150 79 73 8 193 128 78 124 187 63 263 59 137 109 30 44 41 201 108 
+16 149 215 105 176 56 232 51 242 133 7 118 122 248 198 9 183 172 202 244 133 
+279 80 124 163 25 265 270 260 69 8 132 204 74 294 237 252 89 179 107 176 32 85 
+53 157 256 154 205 210 115 71 8 108 166 76 209 64 103 176 267 270 49 31 10 47 
+31 34 85 29 119 258 69 32 170 202 159 171 277 165 1 16 234 177 107 91 70 83 29 
+34 67 117 47 55 72 83 114 292 2 91 240 7 33 160 246 283 291 36 85 114 81 260 93 
+155 130 289 247 38 150 55 222 10 108 251 38 211 275 226 136 58 62 212 200 9 268 
+25 204 159 256 239 167 212 30 194 264 195 254 239 82 63 28 279 141 48 167 151 
+215 190 138 58 147 65 202 220 95 281 291 247 123 112 57 137 133 68 42 126 78 
+148 225 61 52 232 177 22 129 68 168 15 74 22 275 250 174 56 147 89 240 218 180 
+158 35 160 35 245 293 247 208 74 59 52 256 28 20 214 54 21 224 282 46 106 251 
+249 62 273 15 13 98 271 15 37 136 269 100 210 285 182 12 47 116 292 87 240 242 
+218 156 120 37 75 158 96 84 39 75 134 58 86 250 198 94 145 174 117 71 93 70 168 
+287 36 24 190 77 134 143 235 252 113 217 105 261 205 234 262 69 93 94 206 285 
+121 197 43 286 46 276 66 253 188 223 231 187 87 5 57 222 95 285 ^
+636 0 251 248 37 233 16 224 220 230 102 123 3 141 98 133 278 56 84 165 235 91 
+229 49 157 278 2 202 295 98 110 217 19 1 203 20 137 108 5 193 42 116 122 270 
+236 7 268 47 242 155 43 115 206 125 238 28 94 6 32 244 207 284 204 50 42 199 
+167 127 153 45 53 93 121 111 79 282 129 151 213 166 97 57 60 188 53 10 182 148 
+162 244 47 105 37 210 61 187 137 268 184 63 285 97 134 194 201 82 250 112 132 
+142 257 290 109 4 277 3 118 37 96 195 94 60 211 114 47 265 110 80 198 168 149 1 
+43 138 267 268 24 287 12 257 153 288 171 117 281 130 67 252 164 76 231 101 101 
+261 143 13 256 237 143 173 32 107 89 154 44 31 245 123 26 202 135 216 240 80 38 
+286 279 55 62 126 237 6 55 8 244 70 166 74 293 23 105 91 92 228 27 118 280 214 
+28 254 79 199 84 188 296 128 15 11 181 232 17 246 259 228 187 150 54 9 266 109 
+164 159 170 64 18 2 225 59 135 193 179 43 252 27 255 101 47 82 273 173 275 225 
+219 17 63 125 24 264 57 220 70 29 253 163 160 86 103 16 87 102 100 48 104 15 
+171 63 102 260 227 271 258 152 266 132 119 196 253 26 42 62 49 103 99 26 65 17 
+86 80 61 50 19 138 24 44 191 127 99 269 183 147 140 99 49 20 54 169 42 276 4 
+140 182 94 280 77 207 124 25 180 96 218 155 203 294 76 71 219 231 124 162 1 226 
+272 174 191 264 217 102 237 166 234 175 190 51 72 104 152 289 87 262 279 215 
+241 293 77 284 67 229 209 39 148 139 183 10 22 75 292 1 66 93 7 54 283 205 72 
+81 197 252 4 3 64 261 120 58 113 154 181 255 78 283 45 190 211 251 271 98 270 
+99 186 138 184 223 61 73 80 175 107 6 215 81 114 207 147 86 26 179 180 73 157 
+118 120 35 158 11 98 293 160 32 221 146 247 121 88 18 139 46 189 189 212 273 13 
+96 58 273 36 51 95 59 295 75 49 180 233 39 285 257 16 64 41 63 262 142 97 111 
+239 58 296 288 194 178 21 213 29 170 224 197 169 65 40 41 223 144 12 234 92 145 
+88 155 66 176 243 208 200 243 48 21 76 208 40 64 178 181 95 196 116 205 209 199 
+30 9 23 288 34 296 151 76 48 264 194 41 200 83 272 151 130 227 134 34 22 212 
+113 131 226 112 292 24 127 236 90 16 10 159 193 19 161 85 187 274 89 17 223 7 
+191 104 38 126 100 185 222 145 225 82 90 230 262 5 276 87 79 39 11 21 53 147 3 
+278 216 263 35 75 72 241 79 122 247 281 267 185 85 27 95 219 71 242 292 161 245 
+69 144 35 295 235 228 50 179 20 287 172 139 23 128 152 129 14 95 36 234 38 72 
+218 18 85 164 22 52 231 261 280 131 89 291 162 161 108 142 14 172 276 91 ^
+635 1 256 9 146 297 61 175 261 50 198 27 25 164 284 115 173 192 282 254 94 23 
+41 273 84 95 180 3 102 227 290 213 187 50 90 139 150 73 64 2 190 122 75 124 181 
+60 263 56 134 109 21 35 38 201 99 10 149 215 102 173 47 226 42 239 133 297 115 
+119 248 195 9 183 166 199 238 130 279 74 121 163 19 265 270 257 66 8 126 204 71 
+294 234 246 89 173 101 170 29 85 44 154 256 154 202 210 115 65 5 108 163 73 209 
+58 103 176 264 267 40 25 10 41 28 28 82 26 113 258 69 26 167 202 156 171 277 
+159 297 7 231 174 104 88 70 83 29 31 67 111 44 46 69 80 111 289 2 82 234 1 33 
+160 246 280 285 27 79 108 72 260 84 149 124 289 247 38 147 55 222 4 105 245 32 
+211 272 226 133 52 59 206 194 6 265 25 201 153 253 236 161 212 30 188 261 195 
+254 239 79 54 28 273 138 39 167 148 212 184 132 49 141 65 196 220 89 281 288 
+244 120 106 57 137 127 62 33 123 78 142 222 58 49 232 177 22 129 68 168 6 74 13 
+275 244 174 50 144 83 237 218 174 158 32 157 29 239 287 241 202 65 59 52 250 19 
+20 214 45 12 218 282 46 106 248 249 53 270 12 10 95 271 15 28 136 269 100 204 
+279 182 9 38 110 286 84 240 236 215 156 117 34 72 152 96 75 33 69 134 55 77 247 
+192 91 142 168 114 62 87 67 165 287 33 15 190 68 131 137 235 249 107 214 99 255 
+205 228 256 63 90 85 206 285 118 191 34 280 40 270 66 253 182 217 225 184 78 5 
+54 219 86 64 247 246 35 229 14 224 218 228 102 119 3 139 96 129 276 56 80 165 
+233 89 227 45 157 274 295 200 295 92 108 217 17 296 203 14 133 106 3 193 40 116 
+122 266 236 7 268 43 242 151 39 113 204 125 238 22 92 30 242 205 282 200 50 36 
+195 163 127 153 45 49 87 121 109 75 278 125 147 209 166 91 51 56 188 53 8 180 
+148 158 240 45 103 31 208 55 185 135 266 182 63 281 97 132 194 197 78 250 110 
+132 140 253 290 105 275 298 118 37 90 193 94 60 209 112 47 263 110 78 196 166 
+145 294 43 134 263 264 22 283 12 255 151 284 169 117 279 128 65 250 164 76 227 
+99 101 261 141 11 252 233 143 171 32 103 85 152 42 31 245 123 24 198 135 212 
+238 76 36 286 275 53 62 124 235 4 51 2 244 66 162 70 291 17 105 91 88 224 27 
+116 276 210 24 252 79 199 84 186 292 128 11 7 177 230 17 242 259 226 187 295 
+146 52 5 262 107 160 155 168 60 18 221 55 131 191 179 37 252 25 255 97 41 82 
+271 169 271 223 215 11 61 121 18 262 53 216 68 23 249 161 158 86 101 16 85 98 
+98 44 100 13 167 57 100 258 223 269 254 148 266 128 119 194 251 22 38 56 43 275 
+^
+642 0 91 26 53 13 78 80 53 42 11 134 24 44 191 123 87 261 175 143 140 99 45 16 
+54 161 42 276 132 174 82 276 65 199 120 17 180 92 210 151 195 290 72 63 219 231 
+116 158 1 222 272 170 187 264 209 90 237 162 226 167 182 43 72 92 152 285 87 
+254 275 211 241 293 77 284 55 229 201 35 140 135 179 2 18 63 284 298 62 93 300 
+42 283 201 64 73 189 244 4 292 52 253 120 46 113 146 181 247 74 279 41 186 203 
+251 263 90 266 95 186 138 184 223 61 61 68 175 107 6 207 81 114 207 139 74 14 
+175 172 73 153 110 112 27 150 11 98 285 152 20 221 146 239 113 88 14 139 38 181 
+189 208 265 5 88 50 273 24 51 91 55 287 67 49 176 233 31 281 257 8 64 37 55 258 
+134 89 111 231 58 292 288 186 174 17 209 25 170 216 197 169 61 32 41 215 136 4 
+234 92 145 84 155 54 168 243 208 200 239 48 21 68 204 40 60 178 177 87 196 108 
+197 205 195 18 5 23 284 26 296 147 64 44 256 190 33 196 79 264 151 130 223 126 
+34 14 204 105 127 218 112 292 16 119 228 82 4 299 159 185 19 153 81 179 274 85 
+9 219 296 183 104 30 126 92 181 218 141 225 70 90 230 262 294 268 75 75 39 300 
+13 49 147 300 278 216 255 35 75 68 233 67 114 243 273 267 185 77 19 95 215 71 
+238 288 157 241 57 144 23 291 227 228 46 171 12 289 283 172 131 19 124 148 125 
+2 83 36 230 26 60 214 10 73 160 10 44 227 257 280 131 77 291 162 161 100 142 14 
+168 272 141 254 3 144 295 57 173 257 44 198 23 19 160 282 111 173 192 278 252 
+88 21 39 271 80 89 176 298 98 227 286 213 185 48 86 135 150 69 58 299 188 118 
+73 124 177 58 263 54 132 109 15 29 36 201 93 6 149 215 100 171 41 222 36 237 
+133 293 113 117 248 193 9 183 162 197 234 128 279 70 119 163 15 265 270 255 64 
+8 122 204 69 294 232 242 89 169 97 166 27 85 38 152 256 154 200 210 115 61 3 
+108 161 71 209 54 103 176 262 265 34 21 10 37 26 24 80 24 109 258 69 22 165 202 
+154 171 277 155 297 1 229 172 102 86 70 83 29 29 67 107 42 40 67 78 109 287 2 
+76 230 298 33 160 246 278 281 21 75 104 66 260 78 145 120 289 247 38 145 55 222 
+103 241 28 211 270 226 131 48 57 202 190 4 263 25 199 149 251 234 157 212 30 
+184 259 195 254 239 77 48 28 269 136 33 167 146 210 180 128 43 137 65 192 220 
+85 281 286 242 118 102 57 137 123 58 27 121 78 138 220 56 47 232 177 22 129 68 
+168 74 7 275 240 174 46 142 79 235 218 170 158 30 155 25 235 283 237 198 59 59 
+52 246 13 20 214 39 6 214 282 46 106 246 249 47 268 10 8 93 271 15 22 136 269 
+100 200 275 42 ^
+644 0 6 29 104 280 81 240 230 212 156 114 31 69 146 96 66 27 63 134 52 68 244 
+186 88 139 162 111 53 81 64 162 287 30 6 190 59 128 131 235 246 101 211 93 249 
+205 222 250 57 87 76 206 285 115 185 25 274 34 264 66 253 176 211 219 181 69 5 
+51 216 77 58 241 243 32 223 11 224 215 225 102 113 3 136 93 123 273 56 74 165 
+230 86 224 39 157 268 289 197 295 83 105 217 14 293 203 5 127 103 193 37 116 
+122 260 236 7 268 37 242 145 33 110 201 125 238 13 89 293 27 239 202 279 194 50 
+27 189 157 127 153 45 43 78 121 106 69 272 119 141 203 166 82 42 50 188 53 5 
+177 148 152 234 42 100 22 205 46 182 132 263 179 63 275 97 129 194 191 72 250 
+107 132 137 247 290 99 296 272 295 118 37 81 190 94 60 206 109 47 260 110 75 
+193 163 139 288 43 128 257 258 19 277 12 252 148 278 166 117 276 125 62 247 164 
+76 221 96 101 261 138 8 246 227 143 168 32 97 79 149 39 31 245 123 21 192 135 
+206 235 70 33 286 269 50 62 121 232 1 45 295 244 60 156 64 288 8 105 91 82 218 
+27 113 270 204 18 249 79 199 84 183 286 128 5 1 171 227 17 236 259 223 187 292 
+140 49 301 256 104 154 149 165 54 18 299 215 49 125 188 179 28 252 22 255 91 32 
+82 268 163 265 220 209 2 58 115 9 259 47 210 65 14 243 158 155 86 98 16 82 92 
+95 38 94 10 161 48 97 255 217 266 248 142 266 122 119 191 248 16 32 47 34 88 89 
+26 50 12 76 80 51 40 9 133 24 44 191 122 84 259 173 142 140 99 44 15 54 159 42 
+276 301 130 172 79 275 62 197 119 15 180 91 208 150 193 289 71 61 219 231 114 
+157 1 221 272 169 186 264 207 87 237 161 224 165 180 41 72 89 152 284 87 252 
+274 210 241 293 77 284 52 229 199 34 138 134 178 17 60 282 298 61 93 299 39 283 
+200 62 71 187 242 4 290 49 251 120 43 113 144 181 245 73 278 40 185 201 251 261 
+88 265 94 186 138 184 223 61 58 65 175 107 6 205 81 114 207 137 71 11 174 170 
+73 152 108 110 25 148 11 98 283 150 17 221 146 237 111 88 13 139 36 179 189 207 
+263 3 86 48 273 21 51 90 54 285 65 49 175 233 29 280 257 6 64 36 53 257 132 87 
+111 229 58 291 288 184 173 16 208 24 170 214 197 169 60 30 41 213 134 2 234 92 
+145 83 155 51 166 243 208 200 238 48 21 66 203 40 59 178 176 85 196 106 195 204 
+194 15 4 23 283 24 296 146 61 43 254 189 31 195 78 262 151 130 222 124 34 12 
+202 103 126 216 112 292 14 117 226 80 1 297 159 183 19 151 80 177 274 84 7 218 
+294 181 104 28 126 90 180 217 140 225 67 90 230 262 292 266 72 74 39 298 11 48 
+147 300 278 216 253 265 ^
+638 1 75 65 227 58 108 240 267 267 185 71 13 95 212 71 235 285 154 238 48 144 
+14 288 221 228 43 165 6 283 280 172 125 16 121 145 122 297 74 36 227 17 51 211 
+4 64 157 1 38 224 254 280 131 68 291 162 161 94 142 14 165 269 141 251 298 141 
+292 51 170 251 35 198 17 10 154 279 105 173 192 272 249 79 18 36 268 74 80 170 
+292 92 227 280 213 182 45 80 129 150 63 49 296 185 112 70 124 171 55 263 51 129 
+109 6 20 33 201 84 149 215 97 168 32 216 27 234 133 287 110 114 248 190 9 183 
+156 194 228 125 279 64 116 163 9 265 270 252 61 8 116 204 66 294 229 236 89 163 
+91 160 24 85 29 149 256 154 197 210 115 55 108 158 68 209 48 103 176 259 262 25 
+15 10 31 23 18 77 21 103 258 69 16 162 202 151 171 277 149 297 296 226 169 99 
+83 70 83 29 26 67 101 39 31 64 75 106 284 2 67 224 295 33 160 246 275 275 12 69 
+98 57 260 69 139 114 289 247 38 142 55 222 298 100 235 22 211 267 226 128 42 54 
+196 184 1 260 25 196 143 248 231 151 212 30 178 256 195 254 239 74 39 28 263 
+133 24 167 143 207 174 122 34 131 65 186 220 79 281 283 239 115 96 57 137 117 
+52 18 118 78 132 217 53 44 232 177 22 129 68 168 295 74 302 275 234 174 40 139 
+73 232 218 164 158 27 152 19 229 277 231 192 50 59 52 240 4 20 214 30 301 208 
+282 46 106 243 249 38 265 7 5 90 271 15 13 136 269 100 194 269 182 4 23 100 276 
+79 240 226 210 156 112 29 67 142 96 60 23 59 134 50 62 242 182 86 137 158 109 
+47 77 62 160 287 28 190 53 126 127 235 244 97 209 89 245 205 218 246 53 85 70 
+206 285 113 181 19 270 30 260 66 253 172 207 215 179 63 5 49 214 71 54 237 241 
+30 219 9 224 213 223 102 109 3 134 91 119 271 56 70 165 228 84 222 35 157 264 
+285 195 295 77 103 217 12 291 203 303 123 101 302 193 35 116 122 256 236 7 268 
+33 242 141 29 108 199 125 238 7 87 289 25 237 200 277 190 50 21 185 153 127 153 
+45 39 72 121 104 65 268 115 137 199 166 76 36 46 188 53 3 175 148 148 230 40 98 
+16 203 40 180 130 261 177 63 271 97 127 194 187 68 250 105 132 135 243 290 95 
+294 270 293 118 37 75 188 94 60 204 107 47 258 110 73 191 161 135 284 43 124 
+253 254 17 273 12 250 146 274 164 117 274 123 60 245 164 76 217 94 101 261 136 
+6 242 223 143 166 32 93 75 147 37 31 245 123 19 188 135 202 233 66 31 286 265 
+48 62 119 230 303 41 291 244 56 152 60 286 2 105 91 78 214 27 111 266 200 14 
+247 79 199 84 181 282 128 1 301 167 225 17 232 259 221 187 290 136 47 299 252 
+102 150 145 163 157 ^
+653 0 18 299 207 41 117 184 179 16 252 18 255 83 20 82 264 155 257 216 201 296 
+54 107 303 255 39 202 61 2 235 154 151 86 94 16 78 84 91 30 86 6 153 36 93 251 
+209 262 240 134 266 114 119 187 244 8 24 35 22 76 81 26 38 8 68 80 43 32 1 129 
+24 44 191 118 72 251 165 138 140 99 40 11 54 151 42 276 301 122 164 67 271 50 
+189 115 7 180 87 200 146 185 285 67 53 219 231 106 153 1 217 272 165 182 264 
+199 75 237 157 216 157 172 33 72 77 152 280 87 244 270 206 241 293 77 284 40 
+229 191 30 130 130 174 298 13 48 274 298 57 93 295 27 283 196 54 63 179 234 4 
+282 37 243 120 31 113 136 181 237 69 274 36 181 193 251 253 80 261 90 186 138 
+184 223 61 46 53 175 107 6 197 81 114 207 129 59 305 170 162 73 148 100 102 17 
+140 11 98 275 142 5 221 146 229 103 88 9 139 28 171 189 203 255 301 78 40 273 9 
+51 86 50 277 57 49 171 233 21 276 257 304 64 32 45 253 124 79 111 221 58 287 
+288 176 169 12 204 20 170 206 197 169 56 22 41 205 126 300 234 92 145 79 155 39 
+158 243 208 200 234 48 21 58 199 40 55 178 172 77 196 98 187 200 190 3 23 279 
+16 296 142 49 39 246 185 23 191 74 254 151 130 218 116 34 4 194 95 122 208 112 
+292 6 109 218 72 295 289 159 175 19 143 76 169 274 80 305 214 286 173 104 20 
+126 82 176 213 136 225 55 90 230 262 284 258 60 70 39 290 3 44 147 300 278 216 
+245 35 75 63 223 52 104 238 263 267 185 67 9 95 210 71 233 283 152 236 42 144 8 
+286 217 228 41 161 2 279 278 172 121 14 119 143 120 293 68 36 225 11 45 209 58 
+155 301 34 222 252 280 131 62 291 162 161 90 142 14 163 267 141 249 294 139 290 
+47 168 247 29 198 13 4 150 277 101 173 192 268 247 73 16 34 266 70 74 166 288 
+88 227 276 213 180 43 76 125 150 59 43 294 183 108 68 124 167 53 263 49 127 109 
+14 31 201 78 302 149 215 95 166 26 212 21 232 133 283 108 112 248 188 9 183 152 
+192 224 123 279 60 114 163 5 265 270 250 59 8 112 204 64 294 227 232 89 159 87 
+156 22 85 23 147 256 154 195 210 115 51 304 108 156 66 209 44 103 176 257 260 
+19 11 10 27 21 14 75 19 99 258 69 12 160 202 149 171 277 145 297 292 224 167 97 
+81 70 83 29 24 67 97 37 25 62 73 104 282 2 61 220 293 33 160 246 273 271 6 65 
+94 51 260 63 135 110 289 247 38 140 55 222 296 98 231 18 211 265 226 126 38 52 
+192 180 305 258 25 194 139 246 229 147 212 30 174 254 195 254 239 72 33 28 259 
+131 18 167 141 205 170 118 28 127 65 182 220 75 281 281 237 113 92 57 137 113 
+48 12 116 78 128 215 51 42 232 177 22 129 68 168 291 161 ^
+653 0 296 275 228 174 34 136 67 229 218 158 158 24 149 13 223 271 225 186 41 59 
+52 234 302 20 214 21 295 202 282 46 106 240 249 29 262 4 2 87 271 15 4 136 269 
+100 188 263 182 1 14 94 270 76 240 220 207 156 109 26 64 136 96 51 17 53 134 47 
+53 239 176 83 134 152 106 38 71 59 157 287 25 298 190 44 123 121 235 241 91 206 
+83 239 205 212 240 47 82 61 206 285 110 175 10 264 24 254 66 253 166 201 209 
+176 54 5 46 211 62 48 231 238 27 213 6 224 210 220 102 103 3 131 88 113 268 56 
+64 165 225 81 219 29 157 258 279 192 295 68 100 217 9 288 203 297 117 98 302 
+193 32 116 122 250 236 7 268 27 242 135 23 105 196 125 238 305 84 283 22 234 
+197 274 184 50 12 179 147 127 153 45 33 63 121 101 59 262 109 131 193 166 67 27 
+40 188 53 172 148 142 224 37 95 7 200 31 177 127 258 174 63 265 97 124 194 181 
+62 250 102 132 132 237 290 89 291 267 290 118 37 66 185 94 60 201 104 47 255 
+110 70 188 158 129 278 43 118 247 248 14 267 12 247 143 268 161 117 271 120 57 
+242 164 76 211 91 101 261 133 3 236 217 143 163 32 87 69 144 34 31 245 123 16 
+182 135 196 230 60 28 286 259 45 62 116 227 303 35 285 244 50 146 54 283 300 
+105 91 72 208 27 108 260 194 8 244 79 199 84 178 276 128 302 298 161 222 17 226 
+259 218 187 287 130 44 296 246 99 144 139 160 44 18 299 205 39 115 183 179 13 
+252 17 255 81 17 82 263 153 255 215 199 294 53 105 301 254 37 200 60 306 233 
+153 150 86 93 16 77 82 90 28 84 5 151 33 92 250 207 261 238 132 266 112 119 186 
+243 6 22 32 19 73 79 26 35 7 66 80 41 30 306 128 24 44 191 117 69 249 163 137 
+140 99 39 10 54 149 42 276 301 120 162 64 270 47 187 114 5 180 86 198 145 183 
+284 66 51 219 231 104 152 1 216 272 164 181 264 197 72 237 156 214 155 170 31 
+72 74 152 279 87 242 269 205 241 293 77 284 37 229 189 29 128 129 173 297 12 45 
+272 298 56 93 294 24 283 195 52 61 177 232 4 280 34 241 120 28 113 134 181 235 
+68 273 35 180 191 251 251 78 260 89 186 138 184 223 61 43 50 175 107 6 195 81 
+114 207 127 56 303 169 160 73 147 98 100 15 138 11 98 273 140 2 221 146 227 101 
+88 8 139 26 169 189 202 253 300 76 38 273 6 51 85 49 275 55 49 170 233 19 275 
+257 303 64 31 43 252 122 77 111 219 58 286 288 174 168 11 203 19 170 204 197 
+169 55 20 41 203 124 299 234 92 145 78 155 36 156 243 208 200 233 48 21 56 198 
+40 54 178 171 75 196 96 185 199 189 306 23 278 14 296 141 46 38 244 184 21 190 
+73 252 151 130 217 114 34 2 192 93 121 206 112 292 4 107 216 70 293 112 ^
+646 1 159 169 19 137 73 163 274 77 302 211 280 167 104 14 126 76 173 210 133 
+225 46 90 230 262 278 252 51 67 39 284 306 41 147 300 278 216 239 35 75 60 217 
+43 98 235 257 267 185 61 3 95 207 71 230 280 149 233 33 144 308 283 211 228 38 
+155 305 273 275 172 115 11 116 140 117 287 59 36 222 2 36 206 303 49 152 295 28 
+219 249 280 131 53 291 162 161 84 142 14 160 264 141 246 288 136 287 41 165 241 
+20 198 7 304 144 274 95 173 192 262 244 64 13 31 263 64 65 160 282 82 227 270 
+213 177 40 70 119 150 53 34 291 180 102 65 124 161 50 263 46 124 109 300 5 28 
+201 69 299 149 215 92 163 17 206 12 229 133 277 105 109 248 185 9 183 146 189 
+218 120 279 54 111 163 308 265 270 247 56 8 106 204 61 294 224 226 89 153 81 
+150 19 85 14 144 256 154 192 210 115 45 304 108 153 63 209 38 103 176 254 257 
+10 5 10 21 18 8 72 16 93 258 69 6 157 202 146 171 277 139 297 286 221 164 94 78 
+70 83 29 21 67 91 34 16 59 70 101 279 2 52 214 290 33 160 246 270 265 306 59 88 
+42 260 54 129 104 289 247 38 137 55 222 293 95 225 12 211 262 226 123 32 49 186 
+174 305 255 25 191 133 243 226 141 212 30 168 251 195 254 239 69 24 28 253 128 
+9 167 138 202 164 112 19 121 65 176 220 69 281 278 234 110 86 57 137 107 42 3 
+113 78 122 212 48 39 232 177 22 129 68 168 285 74 292 275 224 174 30 134 63 227 
+218 154 158 22 147 9 219 267 221 182 35 59 52 230 298 20 214 15 291 198 282 46 
+106 238 249 23 260 2 85 271 15 307 136 269 100 184 259 182 308 8 90 266 74 240 
+216 205 156 107 24 62 132 96 45 13 49 134 45 47 237 172 81 132 148 104 32 67 57 
+155 287 23 294 190 38 121 117 235 239 87 204 79 235 205 208 236 43 80 55 206 
+285 108 171 4 260 20 250 66 253 162 197 205 174 48 5 44 209 56 44 227 236 25 
+209 4 224 208 218 102 99 3 129 86 109 266 56 60 165 223 79 217 25 157 254 275 
+190 295 62 98 217 7 286 203 293 113 96 302 193 30 116 122 246 236 7 268 23 242 
+131 19 103 194 125 238 301 82 279 20 232 195 272 180 50 6 175 143 127 153 45 29 
+57 121 99 55 258 105 127 189 166 61 21 36 188 53 307 170 148 138 220 35 93 1 
+198 25 175 125 256 172 63 261 97 122 194 177 58 250 100 132 130 233 290 85 289 
+265 288 118 37 60 183 94 60 199 102 47 253 110 68 186 156 125 274 43 114 243 
+244 12 263 12 245 141 264 159 117 269 118 55 240 164 76 207 89 101 261 131 1 
+232 213 143 161 32 83 65 142 32 31 245 123 14 178 135 192 228 56 26 286 255 43 
+62 114 225 303 31 281 244 46 142 50 281 296 105 91 238 ^
+647 0 200 27 104 252 186 240 79 199 84 174 268 128 298 294 153 218 17 218 259 
+214 187 283 122 40 292 238 95 136 131 156 36 18 299 197 31 107 179 179 1 252 13 
+255 73 5 82 259 145 247 211 191 286 49 97 293 250 29 192 56 298 225 149 146 86 
+89 16 73 74 86 20 76 1 143 21 88 246 199 257 230 124 266 104 119 182 239 309 14 
+20 7 61 71 26 23 3 58 80 33 22 302 124 24 44 191 113 57 241 155 133 140 99 35 6 
+54 141 42 276 301 112 154 52 266 35 179 110 308 180 82 190 141 175 280 62 43 
+219 231 96 148 1 212 272 160 177 264 189 60 237 152 206 147 162 23 72 62 152 
+275 87 234 265 201 241 293 77 284 25 229 181 25 120 125 169 293 8 33 264 298 52 
+93 290 12 283 191 44 53 169 224 4 272 22 233 120 16 113 126 181 227 64 269 31 
+176 183 251 243 70 256 85 186 138 184 223 61 31 38 175 107 6 187 81 114 207 119 
+44 295 165 152 73 143 90 92 7 130 11 98 265 132 301 221 146 219 93 88 4 139 18 
+161 189 198 245 296 68 30 273 305 51 81 45 267 47 49 166 233 11 271 257 299 64 
+27 35 248 114 69 111 211 58 282 288 166 164 7 199 15 170 196 197 169 51 12 41 
+195 116 295 234 92 145 74 155 24 148 243 208 200 229 48 21 48 194 40 50 178 167 
+67 196 88 177 195 185 299 306 23 274 6 296 137 34 34 236 180 13 186 69 244 151 
+130 213 106 34 305 184 85 117 198 112 292 307 99 208 62 285 279 159 165 19 133 
+71 159 274 75 300 209 276 163 104 10 126 72 171 208 131 225 40 90 230 262 274 
+248 45 65 39 280 304 39 147 300 278 216 235 35 75 58 213 37 94 233 253 267 185 
+57 310 95 205 71 228 278 147 231 27 144 304 281 207 228 36 151 303 269 273 172 
+111 9 114 138 115 283 53 36 220 307 30 204 301 43 150 291 24 217 247 280 131 47 
+291 162 161 80 142 14 158 262 141 244 284 134 285 37 163 237 14 198 3 300 140 
+272 91 173 192 258 242 58 11 29 261 60 59 156 278 78 227 266 213 175 38 66 115 
+150 49 28 289 178 98 63 124 157 48 263 44 122 109 296 310 26 201 63 297 149 215 
+90 161 11 202 6 227 133 273 103 107 248 183 9 183 142 187 214 118 279 50 109 
+163 306 265 270 245 54 8 102 204 59 294 222 222 89 149 77 146 17 85 8 142 256 
+154 190 210 115 41 304 108 151 61 209 34 103 176 252 255 4 1 10 17 16 4 70 14 
+89 258 69 2 155 202 144 171 277 135 297 282 219 162 92 76 70 83 29 19 67 87 32 
+10 57 68 99 277 2 46 210 288 33 160 246 268 261 302 55 84 36 260 48 125 100 289 
+247 38 135 55 222 291 93 221 8 211 260 226 121 28 47 182 170 305 253 25 189 129 
+241 224 137 212 30 164 249 195 254 239 86 ^
+665 0 15 28 247 125 167 135 199 158 106 10 115 65 170 220 63 281 275 231 107 80 
+57 137 101 36 306 110 78 116 209 45 36 232 177 22 129 68 168 279 74 286 275 218 
+174 24 131 57 224 218 148 158 19 144 3 213 261 215 176 26 59 52 224 292 20 214 
+6 285 192 282 46 106 235 249 14 257 311 309 82 271 15 301 136 269 100 178 253 
+182 308 311 84 260 71 240 210 202 156 104 21 59 126 96 36 7 43 134 42 38 234 
+166 78 129 142 101 23 61 54 152 287 20 288 190 29 118 111 235 236 81 201 73 229 
+205 202 230 37 77 46 206 285 105 165 307 254 14 244 66 253 156 191 199 171 39 5 
+41 206 47 38 221 233 22 203 1 224 205 215 102 93 3 126 83 103 263 56 54 165 220 
+76 214 19 157 248 269 187 295 53 95 217 4 283 203 287 107 93 302 193 27 116 122 
+240 236 7 268 17 242 125 13 100 191 125 238 295 79 273 17 229 192 269 174 50 
+309 169 137 127 153 45 23 48 121 96 49 252 99 121 183 166 52 12 30 188 53 307 
+167 148 132 214 32 90 304 195 16 172 122 253 169 63 255 97 119 194 171 52 250 
+97 132 127 227 290 79 286 262 285 118 37 51 180 94 60 196 99 47 250 110 65 183 
+153 119 268 43 108 237 238 9 257 12 242 138 258 156 117 266 115 52 237 164 76 
+201 86 101 261 128 310 226 207 143 158 32 77 59 139 29 31 245 123 11 172 135 
+186 225 50 23 286 249 40 62 111 222 303 25 275 244 40 136 44 278 290 105 91 62 
+198 27 103 250 184 310 239 79 199 84 173 266 128 297 293 151 217 17 216 259 213 
+187 282 120 39 291 236 94 134 129 155 34 18 299 195 29 105 178 179 310 252 12 
+255 71 2 82 258 143 245 210 189 284 48 95 291 249 27 190 55 296 223 148 145 86 
+88 16 72 72 85 18 74 141 18 87 245 197 256 228 122 266 102 119 181 238 308 12 
+17 4 58 69 26 20 2 56 80 31 20 301 123 24 44 191 112 54 239 153 132 140 99 34 5 
+54 139 42 276 301 110 152 49 265 32 177 109 307 180 81 188 140 173 279 61 41 
+219 231 94 147 1 211 272 159 176 264 187 57 237 151 204 145 160 21 72 59 152 
+274 87 232 264 200 241 293 77 284 22 229 179 24 118 124 168 292 7 30 262 298 51 
+93 289 9 283 190 42 51 167 222 4 270 19 231 120 13 113 124 181 225 63 268 30 
+175 181 251 241 68 255 84 186 138 184 223 61 28 35 175 107 6 185 81 114 207 117 
+41 293 164 150 73 142 88 90 5 128 11 98 263 130 299 221 146 217 91 88 3 139 16 
+159 189 197 243 295 66 28 273 303 51 80 44 265 45 49 165 233 9 270 257 298 64 
+26 33 247 112 67 111 209 58 281 288 164 163 6 198 14 170 194 197 169 50 10 41 
+193 114 294 234 92 145 73 155 21 146 243 208 200 228 48 21 46 193 40 49 178 166 
+65 196 86 175 194 184 297 306 23 273 206 ^
+641 0 296 134 25 31 230 177 7 183 66 238 151 130 210 100 34 302 178 79 114 192 
+112 292 304 93 202 56 279 273 159 159 19 127 68 153 274 72 297 206 270 157 104 
+4 126 66 168 205 128 225 31 90 230 262 268 242 36 62 39 274 301 36 147 300 278 
+216 229 35 75 55 207 28 88 230 247 267 185 51 307 95 202 71 225 275 144 228 18 
+144 298 278 201 228 33 145 300 263 270 172 105 6 111 135 112 277 44 36 217 301 
+21 201 298 34 147 285 18 214 244 280 131 38 291 162 161 74 142 14 155 259 141 
+241 278 131 282 31 160 231 5 198 311 294 134 269 85 173 192 252 239 49 8 26 258 
+54 50 150 272 72 227 260 213 172 35 60 109 150 43 19 286 175 92 60 124 151 45 
+263 41 119 109 290 304 23 201 54 294 149 215 87 158 2 196 311 224 133 267 100 
+104 248 180 9 183 136 184 208 115 279 44 106 163 303 265 270 242 51 8 96 204 56 
+294 219 216 89 143 71 140 14 85 313 139 256 154 187 210 115 35 304 108 148 58 
+209 28 103 176 249 252 309 309 10 11 13 312 67 11 83 258 69 310 152 202 141 171 
+277 129 297 276 216 159 89 73 70 83 29 16 67 81 29 1 54 65 96 274 2 37 204 285 
+33 160 246 265 255 296 49 78 27 260 39 119 94 289 247 38 132 55 222 288 90 215 
+2 211 257 226 118 22 44 176 164 305 250 25 186 123 238 221 131 212 30 158 246 
+195 254 239 64 9 28 243 123 308 167 133 197 154 102 4 111 65 166 220 59 281 273 
+229 105 76 57 137 97 32 302 108 78 112 207 43 34 232 177 22 129 68 168 275 74 
+282 275 214 174 20 129 53 222 218 144 158 17 142 313 209 257 211 172 20 59 52 
+220 288 20 214 281 188 282 46 106 233 249 8 255 311 309 80 271 15 297 136 269 
+100 174 249 182 308 307 80 256 69 240 206 200 156 102 19 57 122 96 30 3 39 134 
+40 32 232 162 76 127 138 99 17 57 52 150 287 18 284 190 23 116 107 235 234 77 
+199 69 225 205 198 226 33 75 40 206 285 103 161 303 250 10 240 66 253 152 187 
+195 169 33 5 39 204 41 34 217 231 20 199 313 224 203 213 102 89 3 124 81 99 261 
+56 50 165 218 74 212 15 157 244 265 185 295 47 93 217 2 281 203 283 103 91 302 
+193 25 116 122 236 236 7 268 13 242 121 9 98 189 125 238 291 77 269 15 227 190 
+267 170 50 305 165 133 127 153 45 19 42 121 94 45 248 95 117 179 166 46 6 26 
+188 53 307 165 148 128 210 30 88 300 193 10 170 120 251 167 63 251 97 117 194 
+167 48 250 95 132 125 223 290 75 284 260 283 118 37 45 178 94 60 194 97 47 248 
+110 63 181 151 115 264 43 104 233 234 7 253 12 240 136 254 154 117 264 113 50 
+235 164 76 197 84 101 261 126 310 222 203 143 276 ^
+656 0 32 69 51 135 25 31 245 123 7 164 135 178 221 42 19 286 241 36 62 107 218 
+303 17 267 244 32 128 36 274 282 105 91 54 190 27 99 242 176 306 235 79 199 84 
+169 258 128 293 289 143 213 17 208 259 209 187 278 112 35 287 228 90 126 121 
+151 26 18 299 187 21 97 174 179 302 252 8 255 63 306 82 254 135 237 206 181 276 
+44 87 283 245 19 182 51 288 215 144 141 86 84 16 68 64 81 10 66 312 133 6 83 
+241 189 252 220 114 266 94 119 177 234 304 4 5 308 46 61 26 8 314 48 80 23 12 
+297 119 24 44 191 108 42 231 145 128 140 99 30 1 54 131 42 276 301 102 144 37 
+261 20 169 105 303 180 77 180 136 165 275 57 33 219 231 86 143 1 207 272 155 
+172 264 179 45 237 147 196 137 152 13 72 47 152 270 87 224 260 196 241 293 77 
+284 10 229 171 20 110 120 164 288 3 18 254 298 47 93 285 313 283 186 34 43 159 
+214 4 262 7 223 120 1 113 116 181 217 59 264 26 171 173 251 233 60 251 80 186 
+138 184 223 61 16 23 175 107 6 177 81 114 207 109 29 285 160 142 73 138 80 82 
+313 120 11 98 255 122 291 221 146 209 83 88 315 139 8 151 189 193 235 291 58 20 
+273 295 51 76 40 257 37 49 161 233 1 266 257 294 64 22 25 243 104 59 111 201 58 
+277 288 156 159 2 194 10 170 186 197 169 46 2 41 185 106 290 234 92 145 69 155 
+9 138 243 208 200 224 48 21 38 189 40 45 178 162 57 196 78 167 190 180 289 306 
+23 269 312 296 132 19 29 226 175 3 181 64 234 151 130 208 96 34 300 174 75 112 
+188 112 292 302 89 198 52 275 269 159 155 19 123 66 149 274 70 295 204 266 153 
+104 126 62 166 203 126 225 25 90 230 262 264 238 30 60 39 270 299 34 147 300 
+278 216 225 35 75 53 203 22 84 228 243 267 185 47 305 95 200 71 223 273 142 226 
+12 144 294 276 197 228 31 141 298 259 268 172 101 4 109 133 110 273 38 36 215 
+297 15 199 296 28 145 281 14 212 242 280 131 32 291 162 161 70 142 14 153 257 
+141 239 274 129 280 27 158 227 315 198 309 290 130 267 81 173 192 248 237 43 6 
+24 256 50 44 146 268 68 227 256 213 170 33 56 105 150 39 13 284 173 88 58 124 
+147 43 263 39 117 109 286 300 21 201 48 292 149 215 85 156 312 192 307 222 133 
+263 98 102 248 178 9 183 132 182 204 113 279 40 104 163 301 265 270 240 49 8 92 
+204 54 294 217 212 89 139 67 136 12 85 309 137 256 154 185 210 115 31 304 108 
+146 56 209 24 103 176 247 250 305 307 10 7 11 310 65 9 79 258 69 308 150 202 
+139 171 277 125 297 272 214 157 87 71 70 83 29 14 67 77 27 311 52 63 94 272 2 
+31 200 283 33 160 246 263 251 292 45 74 21 260 33 115 90 289 247 38 130 55 222 
+286 88 211 227 ^
+668 0 211 254 226 115 16 41 170 158 305 247 25 183 117 235 218 125 212 30 152 
+243 195 254 239 61 28 237 120 302 167 130 194 148 96 312 105 65 160 220 53 281 
+270 226 102 70 57 137 91 26 296 105 78 106 204 40 31 232 177 22 129 68 168 269 
+74 276 275 208 174 14 126 47 219 218 138 158 14 139 310 203 251 205 166 11 59 
+52 214 282 20 214 308 275 182 282 46 106 230 249 316 252 311 309 77 271 15 291 
+136 269 100 168 243 182 308 301 74 250 66 240 200 197 156 99 16 54 116 96 21 
+314 33 134 37 23 229 156 73 124 132 96 8 51 49 147 287 15 278 190 14 113 101 
+235 231 71 196 63 219 205 192 220 27 72 31 206 285 100 155 297 244 4 234 66 253 
+146 181 189 166 24 5 36 201 32 28 211 228 17 193 313 224 200 210 102 83 3 121 
+78 93 258 56 44 165 215 71 209 9 157 238 259 182 295 38 90 217 316 278 203 277 
+97 88 302 193 22 116 122 230 236 7 268 7 242 115 3 95 186 125 238 285 74 263 12 
+224 187 264 164 50 299 159 127 127 153 45 13 33 121 91 39 242 89 111 173 166 37 
+314 20 188 53 307 162 148 122 204 27 85 294 190 1 167 117 248 164 63 245 97 114 
+194 161 42 250 92 132 122 217 290 69 281 257 280 118 37 36 175 94 60 191 94 47 
+245 110 60 178 148 109 258 43 98 227 228 4 247 12 237 133 248 151 117 261 110 
+47 232 164 76 191 81 101 261 123 310 216 197 143 153 32 67 49 134 24 31 245 123 
+6 162 135 176 220 40 18 286 239 35 62 106 217 303 15 265 244 30 126 34 273 280 
+105 91 52 188 27 98 240 174 305 234 79 199 84 168 256 128 292 288 141 212 17 
+206 259 208 187 277 110 34 286 226 89 124 119 150 24 18 299 185 19 95 173 179 
+300 252 7 255 61 304 82 253 133 235 205 179 274 43 85 281 244 17 180 50 286 213 
+143 140 86 83 16 67 62 80 8 64 312 131 3 82 240 187 251 218 112 266 92 119 176 
+233 303 2 2 306 43 59 26 5 314 46 80 21 10 296 118 24 44 191 107 39 229 143 127 
+140 99 29 54 129 42 276 301 100 142 34 260 17 167 104 302 180 76 178 135 163 
+274 56 31 219 231 84 142 1 206 272 154 171 264 177 42 237 146 194 135 150 11 72 
+44 152 269 87 222 259 195 241 293 77 284 7 229 169 19 108 119 163 287 2 15 252 
+298 46 93 284 311 283 185 32 41 157 212 4 260 4 221 120 315 113 114 181 215 58 
+263 25 170 171 251 231 58 250 79 186 138 184 223 61 13 20 175 107 6 175 81 114 
+207 107 26 283 159 140 73 137 78 80 312 118 11 98 253 120 289 221 146 207 81 88 
+315 139 6 149 189 192 233 290 56 18 273 293 51 75 39 255 35 49 160 233 316 265 
+257 293 64 21 23 242 102 57 111 199 58 276 288 154 158 1 193 9 170 184 197 169 
+45 41 183 104 289 234 92 145 68 155 6 136 243 208 203 ^
+656 0 221 48 21 32 186 40 42 178 159 51 196 72 161 187 177 283 306 23 266 309 
+296 129 10 26 220 172 316 178 61 228 151 130 205 90 34 297 168 69 109 182 112 
+292 299 83 192 46 269 263 159 149 19 117 63 143 274 67 292 201 260 147 104 313 
+126 56 163 200 123 225 16 90 230 262 258 232 21 57 39 264 296 31 147 300 278 
+216 219 35 75 50 197 13 78 225 237 267 185 41 302 95 197 71 220 270 139 223 3 
+144 288 273 191 228 28 135 295 253 265 172 95 1 106 130 107 267 29 36 212 291 6 
+196 293 19 142 275 8 209 239 280 131 23 291 162 161 64 142 14 150 254 141 236 
+268 126 277 21 155 221 309 198 306 284 124 264 75 173 192 242 234 34 3 21 253 
+44 35 140 262 62 227 250 213 167 30 50 99 150 33 4 281 170 82 55 124 141 40 263 
+36 114 109 280 294 18 201 39 289 149 215 82 153 306 186 301 219 133 257 95 99 
+248 175 9 183 126 179 198 110 279 34 101 163 298 265 270 237 46 8 86 204 51 294 
+214 206 89 133 61 130 9 85 303 134 256 154 182 210 115 25 304 108 143 53 209 18 
+103 176 244 247 299 304 10 1 8 307 62 6 73 258 69 305 147 202 136 171 277 119 
+297 266 211 154 84 68 70 83 29 11 67 71 24 305 49 60 91 269 2 22 194 280 33 160 
+246 260 245 286 39 68 12 260 24 109 84 289 247 38 127 55 222 283 85 205 311 211 
+252 226 113 12 39 166 154 305 245 25 181 113 233 216 121 212 30 148 241 195 254 
+239 59 313 28 233 118 298 167 128 192 144 92 308 101 65 156 220 49 281 268 224 
+100 66 57 137 87 22 292 103 78 102 202 38 29 232 177 22 129 68 168 265 74 272 
+275 204 174 10 124 43 217 218 134 158 12 137 308 199 247 201 162 5 59 52 210 
+278 20 214 304 271 178 282 46 106 228 249 312 250 311 309 75 271 15 287 136 269 
+100 164 239 182 308 297 70 246 64 240 196 195 156 97 14 52 112 96 15 312 29 134 
+35 17 227 152 71 122 128 94 2 47 47 145 287 13 274 190 8 111 97 235 229 67 194 
+59 215 205 188 216 23 70 25 206 285 98 151 293 240 230 66 253 142 177 185 164 
+18 5 34 199 26 24 207 226 15 189 313 224 198 208 102 79 3 119 76 89 256 56 40 
+165 213 69 207 5 157 234 255 180 295 32 88 217 316 276 203 273 93 86 302 193 20 
+116 122 226 236 7 268 3 242 111 318 93 184 125 238 281 72 259 10 222 185 262 
+160 50 295 155 123 127 153 45 9 27 121 89 35 238 85 107 169 166 31 310 16 188 
+53 307 160 148 118 200 25 83 290 188 314 165 115 246 162 63 241 97 112 194 157 
+38 250 90 132 120 213 290 65 279 255 278 118 37 30 173 94 60 189 92 47 243 110 
+58 176 146 105 254 43 94 223 224 2 243 12 235 131 244 149 117 259 108 45 230 
+164 76 187 79 101 261 109 ^
+656 0 310 208 189 143 149 32 59 41 130 20 31 245 123 2 154 135 168 216 32 14 
+286 231 31 62 102 213 303 7 257 244 22 118 26 269 272 105 91 44 180 27 94 232 
+166 301 230 79 199 84 164 248 128 288 284 133 208 17 198 259 204 187 273 102 30 
+282 218 85 116 111 146 16 18 299 177 11 87 169 179 292 252 3 255 53 296 82 249 
+125 227 201 171 266 39 77 273 240 9 172 46 278 205 139 136 86 79 16 63 54 76 56 
+312 123 312 78 236 179 247 210 104 266 84 119 172 229 299 315 311 298 31 51 26 
+314 314 38 80 13 2 292 114 24 44 191 103 27 221 135 123 140 99 25 317 54 121 42 
+276 301 92 134 22 256 5 159 100 298 180 72 170 131 155 270 52 23 219 231 76 138 
+1 202 272 150 167 264 169 30 237 142 186 127 142 3 72 32 152 265 87 214 255 191 
+241 293 77 284 316 229 161 15 100 115 159 283 319 3 244 298 42 93 280 303 283 
+181 24 33 149 204 4 252 313 213 120 307 113 106 181 207 54 259 21 166 163 251 
+223 50 246 75 186 138 184 223 61 1 8 175 107 6 167 81 114 207 99 14 275 155 132 
+73 133 70 72 308 110 11 98 245 112 281 221 146 199 73 88 315 139 319 141 189 
+188 225 286 48 10 273 285 51 71 35 247 27 49 156 233 312 261 257 289 64 17 15 
+238 94 49 111 191 58 272 288 146 154 318 189 5 170 176 197 169 41 313 41 175 96 
+285 234 92 145 64 155 315 128 243 208 200 219 48 21 28 184 40 40 178 157 47 196 
+68 157 185 175 279 306 23 264 307 296 127 4 24 216 170 314 176 59 224 151 130 
+203 86 34 295 164 65 107 178 112 292 297 79 188 42 265 259 159 145 19 113 61 
+139 274 65 290 199 256 143 104 311 126 52 161 198 121 225 10 90 230 262 254 228 
+15 55 39 260 294 29 147 300 278 216 215 35 75 48 193 7 74 223 233 267 185 37 
+300 95 195 71 218 268 137 221 318 144 284 271 187 228 26 131 293 249 263 172 91 
+320 104 128 105 263 23 36 210 287 194 291 13 140 271 4 207 237 280 131 17 291 
+162 161 60 142 14 148 252 141 234 264 124 275 17 153 217 305 198 304 280 120 
+262 71 173 192 238 232 28 1 19 251 40 29 136 258 58 227 246 213 165 28 46 95 
+150 29 319 279 168 78 53 124 137 38 263 34 112 109 276 290 16 201 33 287 149 
+215 80 151 302 182 297 217 133 253 93 97 248 173 9 183 122 177 194 108 279 30 
+99 163 296 265 270 235 44 8 82 204 49 294 212 202 89 129 57 126 7 85 299 132 
+256 154 180 210 115 21 304 108 141 51 209 14 103 176 242 245 295 302 10 318 6 
+305 60 4 69 258 69 303 145 202 134 171 277 115 297 262 209 152 82 66 70 83 29 9 
+67 67 22 301 47 58 89 267 2 16 190 278 33 160 246 258 241 282 35 64 6 260 18 
+105 80 289 247 38 125 55 292 ^
+<D
+
+H>SHS Type 3 Strings<H
+D>
+45 0 14 5 3 1 4 16 12 20 1 6 15 11 18 4 17 16 6 10 3 2 9 9 14 6 2 8 6 7 10 17 
+12 20 6 7 5 16 1 4 2 17 10 15 8 20 1 ^
+<D
diff --git a/src/lib/libssl/src/test/times b/src/lib/libssl/src/test/times
index 49aeebf216..738d569b8f 100644
--- a/src/lib/libssl/src/test/times
+++ b/src/lib/libssl/src/test/times
@@ -68,7 +68,7 @@ eric (adding numbers to speculation)
 --- Appendix ---
 - The time measured is user time but these number a very rough.
 - Remember this is the cost of both client and server sides of the protocol.
-- The TCP/kernal overhead of connection establishment is normally the
+- The TCP/kernel overhead of connection establishment is normally the
   killer in SSL.  Often delays in the TCP protocol will make session-id
   reuse look slower that new sessions, but this would not be the case on
   a loaded server.
diff --git a/src/lib/libssl/src/test/tverify.com b/src/lib/libssl/src/test/tverify.com
index 021d701d79..2060184d1e 100644
--- a/src/lib/libssl/src/test/tverify.com
+++ b/src/lib/libssl/src/test/tverify.com
@@ -8,22 +8,22 @@ $	copy/concatenate [-.certs]*.pem certs.tmp
 $
 $       old_f :=
 $ loop_certs:
-$       verify := NO
-$       more := YES
+$       c := NO
 $       certs :=
 $ loop_certs2:
 $       f = f$search("[-.certs]*.pem")
 $       if f .nes. "" .and. f .nes. old_f
 $       then
 $           certs = certs + " [-.certs]" + f$parse(f,,,"NAME") + ".pem"
-$           verify := YES
+$           c := YES
 $           if f$length(certs) .lt. 180 then goto loop_certs2
-$       else
-$           more := NO
 $       endif
 $       certs = certs - " "
 $
-$       if verify then mcr 'exe_dir'openssl verify "-CAfile" certs.tmp 'certs'
-$       if more then goto loop_certs
+$       if c
+$       then
+$           mcr 'exe_dir'openssl verify "-CAfile" certs.tmp 'certs'
+$           goto loop_certs
+$       endif
 $
 $       delete certs.tmp;*
diff --git a/src/lib/libssl/src/tools/Makefile.ssl b/src/lib/libssl/src/tools/Makefile.ssl
new file mode 100644
index 0000000000..cb33d4a41e
--- /dev/null
+++ b/src/lib/libssl/src/tools/Makefile.ssl
@@ -0,0 +1,64 @@
+#
+# SSLeay/tools/Makefile
+#
+
+DIR=    tools
+TOP=    ..
+CC=     cc
+INCLUDES= -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile.ssl
+TEST=
+APPS= c_rehash
+MISC_APPS= c_hash c_info c_issuer c_name
+
+all:
+
+install:
+        @for i in $(APPS) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+        chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+        mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+        done;
+        @for i in $(MISC_APPS) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+        chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+        mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
+        done;
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+
+lint:
+
+tags:
+
+errors:
+
+depend:
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/src/lib/libssl/src/tools/c_rehash b/src/lib/libssl/src/tools/c_rehash
deleted file mode 100644
index e614fb5466..0000000000
--- a/src/lib/libssl/src/tools/c_rehash
+++ /dev/null
@@ -1,160 +0,0 @@
-#!/usr/bin/perl
-
-
-# Perl c_rehash script, scan all files in a directory
-# and add symbolic links to their hash values.
-
-my $openssl;
-
-my $dir = "/usr/local/ssl";
-
-if(defined $ENV{OPENSSL}) {
-        $openssl = $ENV{OPENSSL};
-} else {
-        $openssl = "openssl";
-        $ENV{OPENSSL} = $openssl;
-}
-
-$ENV{PATH} .= ":$dir/bin";
-
-if(! -x $openssl) {
-        my $found = 0;
-        foreach (split /:/, $ENV{PATH}) {
-                if(-x "$_/$openssl") {
-                        $found = 1;
-                        last;
-                }       
-        }
-        if($found == 0) {
-                print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
-                exit 0;
-        }
-}
-
-if(@ARGV) {
-        @dirlist = @ARGV;
-} elsif($ENV{SSL_CERT_DIR}) {
-        @dirlist = split /:/, $ENV{SSL_CERT_DIR};
-} else {
-        $dirlist[0] = "$dir/certs";
-}
-
-
-foreach (@dirlist) {
-        if(-d $_ and -w $_) {
-                hash_dir($_);
-        }
-}
-
-sub hash_dir {
-        my %hashlist;
-        print "Doing $_[0]\n";
-        chdir $_[0];
-        opendir(DIR, ".");
-        my @flist = readdir(DIR);
-        # Delete any existing symbolic links
-        foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
-                if(-l $_) {
-                        unlink $_;
-                }
-        }
-        closedir DIR;
-        FILE: foreach $fname (grep {/\.pem$/} @flist) {
-                # Check to see if certificates and/or CRLs present.
-                my ($cert, $crl) = check_file($fname);
-                if(!$cert && !$crl) {
-                        print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
-                        next;
-                }
-                link_hash_cert($fname) if($cert);
-                link_hash_crl($fname) if($crl);
-        }
-}
-
-sub check_file {
-        my ($is_cert, $is_crl) = (0,0);
-        my $fname = $_[0];
-        open IN, $fname;
-        while(<IN>) {
-                if(/^-----BEGIN (.*)-----/) {
-                        my $hdr = $1;
-                        if($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
-                                $is_cert = 1;
-                                last if($is_crl);
-                        } elsif($hdr eq "X509 CRL") {
-                                $is_crl = 1;
-                                last if($is_cert);
-                        }
-                }
-        }
-        close IN;
-        return ($is_cert, $is_crl);
-}
-
-
-# Link a certificate to its subject name hash value, each hash is of
-# the form <hash>.<n> where n is an integer. If the hash value already exists
-# then we need to up the value of n, unless its a duplicate in which
-# case we skip the link. We check for duplicates by comparing the
-# certificate fingerprints
-
-sub link_hash_cert {
-                my $fname = $_[0];
-                $fname =~ s/'/'\\''/g;
-                my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
-                chomp $hash;
-                chomp $fprint;
-                $fprint =~ s/^.*=//;
-                $fprint =~ tr/://d;
-                my $suffix = 0;
-                # Search for an unused hash filename
-                while(exists $hashlist{"$hash.$suffix"}) {
-                        # Hash matches: if fingerprint matches its a duplicate cert
-                        if($hashlist{"$hash.$suffix"} eq $fprint) {
-                                print STDERR "WARNING: Skipping duplicate certificate $fname\n";
-                                return;
-                        }
-                        $suffix++;
-                }
-                $hash .= ".$suffix";
-                print "$fname => $hash\n";
-                $symlink_exists=eval {symlink("",""); 1};
-                if ($symlink_exists) {
-                        symlink $fname, $hash;
-                } else {
-                        system ("cp", $fname, $hash);
-                }
-                $hashlist{$hash} = $fprint;
-}
-
-# Same as above except for a CRL. CRL links are of the form <hash>.r<n>
-
-sub link_hash_crl {
-                my $fname = $_[0];
-                $fname =~ s/'/'\\''/g;
-                my ($hash, $fprint) = `"$openssl" crl -hash -fingerprint -noout -in '$fname'`;
-                chomp $hash;
-                chomp $fprint;
-                $fprint =~ s/^.*=//;
-                $fprint =~ tr/://d;
-                my $suffix = 0;
-                # Search for an unused hash filename
-                while(exists $hashlist{"$hash.r$suffix"}) {
-                        # Hash matches: if fingerprint matches its a duplicate cert
-                        if($hashlist{"$hash.r$suffix"} eq $fprint) {
-                                print STDERR "WARNING: Skipping duplicate CRL $fname\n";
-                                return;
-                        }
-                        $suffix++;
-                }
-                $hash .= ".r$suffix";
-                print "$fname => $hash\n";
-                $symlink_exists=eval {symlink("",""); 1};
-                if ($symlink_exists) {
-                        symlink $fname, $hash;
-                } else {
-                        system ("cp", $fname, $hash);
-                }
-                $hashlist{$hash} = $fprint;
-}
-
diff --git a/src/lib/libssl/src/util/libeay.num b/src/lib/libssl/src/util/libeay.num
index 4222bef6d6..56fb7446e0 100644
--- a/src/lib/libssl/src/util/libeay.num
+++ b/src/lib/libssl/src/util/libeay.num
@@ -2811,7 +2811,7 @@ EVP_aes_192_cfb8                        3252	EXIST::FUNCTION:AES
 FIPS_mode_set                           3253    EXIST:OPENSSL_FIPS:FUNCTION:
 FIPS_selftest_dsa                       3254    EXIST:OPENSSL_FIPS:FUNCTION:
 EVP_aes_256_cfb8                        3255    EXIST::FUNCTION:AES
-FIPS_allow_md5                          3256    NOEXIST::FUNCTION:
+FIPS_allow_md5                          3256    EXIST:OPENSSL_FIPS:FUNCTION:
 DES_ede3_cfb_encrypt                    3257    EXIST::FUNCTION:DES
 EVP_des_ede3_cfb8                       3258    EXIST::FUNCTION:DES
 FIPS_rand_seeded                        3259    EXIST:OPENSSL_FIPS:FUNCTION:
@@ -2837,7 +2837,7 @@ FIPS_dsa_check                          3278	EXIST:OPENSSL_FIPS:FUNCTION:
 AES_cfb1_encrypt                        3279    EXIST::FUNCTION:AES
 EVP_des_ede3_cfb1                       3280    EXIST::FUNCTION:DES
 FIPS_rand_check                         3281    EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_md5_allowed                        3282    NOEXIST::FUNCTION:
+FIPS_md5_allowed                        3282    EXIST:OPENSSL_FIPS:FUNCTION:
 FIPS_mode                               3283    EXIST:OPENSSL_FIPS:FUNCTION:
 FIPS_selftest_failed                    3284    EXIST:OPENSSL_FIPS:FUNCTION:
 sk_is_sorted                            3285    EXIST::FUNCTION:
@@ -2867,41 +2867,3 @@ PROXY_CERT_INFO_EXTENSION_it            3307	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA
 PROXY_CERT_INFO_EXTENSION_it            3307    EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
 PROXY_POLICY_free                       3308    EXIST::FUNCTION:
 PROXY_POLICY_new                        3309    EXIST::FUNCTION:
-BN_MONT_CTX_set_locked                  3310    EXIST::FUNCTION:
-FIPS_selftest_rng                       3311    EXIST:OPENSSL_FIPS:FUNCTION:
-EVP_sha384                              3312    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
-EVP_sha512                              3313    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
-EVP_sha224                              3314    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
-EVP_sha256                              3315    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
-FIPS_selftest_hmac                      3316    EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_corrupt_rng                        3317    EXIST:OPENSSL_FIPS:FUNCTION:
-BN_mod_exp_mont_consttime               3318    EXIST::FUNCTION:
-RSA_X931_hash_id                        3319    EXIST::FUNCTION:RSA
-RSA_padding_check_X931                  3320    EXIST::FUNCTION:RSA
-RSA_verify_PKCS1_PSS                    3321    EXIST::FUNCTION:RSA
-RSA_padding_add_X931                    3322    EXIST::FUNCTION:RSA
-RSA_padding_add_PKCS1_PSS               3323    EXIST::FUNCTION:RSA
-PKCS1_MGF1                              3324    EXIST::FUNCTION:RSA
-BN_X931_generate_Xpq                    3325    EXIST:OPENSSL_FIPS:FUNCTION:
-RSA_X931_generate_key                   3326    EXIST:OPENSSL_FIPS:FUNCTION:RSA
-BN_X931_derive_prime                    3327    EXIST:OPENSSL_FIPS:FUNCTION:
-BN_X931_generate_prime                  3328    EXIST:OPENSSL_FIPS:FUNCTION:
-RSA_X931_derive                         3329    EXIST:OPENSSL_FIPS:FUNCTION:RSA
-SHA512_Update                           3356    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
-SHA256_Init                             3479    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
-SHA224                                  3510    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
-SHA384_Update                           3551    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
-SHA224_Final                            3560    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
-SHA224_Update                           3562    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
-SHA512_Final                            3581    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
-SHA224_Init                             3631    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
-SHA512_Init                             3633    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
-SHA256                                  3654    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
-SHA256_Transform                        3664    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
-SHA512                                  3669    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
-SHA512_Transform                        3675    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
-SHA256_Final                            3712    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
-SHA384_Init                             3737    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
-SHA384_Final                            3740    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
-SHA384                                  3745    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
-SHA256_Update                           3765    EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
diff --git a/src/lib/libssl/src/util/mk1mf.pl b/src/lib/libssl/src/util/mk1mf.pl
index 05a6086164..957264c6b5 100644
--- a/src/lib/libssl/src/util/mk1mf.pl
+++ b/src/lib/libssl/src/util/mk1mf.pl
@@ -10,20 +10,6 @@ $OPTIONS="";
 $ssl_version="";
 $banner="\t\@echo Building OpenSSL";
 
-local $zlib_opt = 0;    # 0 = no zlib, 1 = static, 2 = dynamic
-local $zlib_lib = "";
-
-my $fips_canister_path = "";
-my $fips_premain_dso_exe_path = "";
-my $fips_premain_c_path = "";
-my $fips_sha1_exe_path = "";
-
-my $fipslibdir = "";
-my $baseaddr = "";
-
-my $ex_l_libs = "";
-
-
 open(IN,"<Makefile") || die "unable to open Makefile!\n";
 while(<IN>) {
     $ssl_version=$1 if (/^VERSION=(.*)$/);
@@ -38,7 +24,6 @@ $infile="MINFO";
 
 %ops=(
         "VC-WIN32",   "Microsoft Visual C++ [4-6] - Windows NT or 9X",
-        "VC-WIN32-GMAKE", "Microsoft Visual C++ [4-6] - Windows NT or 9X, GNU make",
         "VC-CE",   "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY",
         "VC-NT",   "Microsoft Visual C++ [4-6] - Windows NT ONLY",
         "VC-W31-16",  "Microsoft Visual C++ 1.52 - Windows 3.1 - 286",
@@ -58,7 +43,6 @@ $infile="MINFO";
         );
 
 $platform="";
-my $xcflags="";
 foreach (@ARGV)
         {
         if (!&read_options && !defined($ops{$_}))
@@ -120,12 +104,8 @@ $inc_def="outinc";
 $tmp_def="tmp";
 
 $mkdir="-mkdir";
-$mkcanister="ld -r -o";
-
-$ex_build_targets = "";
 
 ($ssl,$crypto)=("ssl","crypto");
-$cryptocompat = "";
 $ranlib="echo ranlib";
 
 $cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
@@ -160,10 +140,6 @@ elsif (($platform eq "VC-WIN32") || ($platform eq "VC-NT"))
         $NT = 1 if $platform eq "VC-NT";
         require 'VC-32.pl';
         }
-elsif ($platform eq "VC-WIN32-GMAKE")
-        {
-        require 'VC-32-GMAKE.pl';
-        }
 elsif ($platform eq "VC-CE")
         {
         require 'VC-CE.pl';
@@ -234,8 +210,6 @@ $inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
 
 $bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq ''));
 
-$cflags= "$xcflags$cflags" if $xcflags ne "";
-
 $cflags.=" -DOPENSSL_NO_IDEA" if $no_idea;
 $cflags.=" -DOPENSSL_NO_AES"  if $no_aes;
 $cflags.=" -DOPENSSL_NO_RC2"  if $no_rc2;
@@ -265,9 +239,6 @@ $cflags.=" -DOPENSSL_NO_HW"   if $no_hw;
 $cflags.=" -DOPENSSL_FIPS"    if $fips;
 #$cflags.=" -DRSAref"  if $rsaref ne "";
 
-$cflags.= " -DZLIB" if $zlib_opt;
-$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
-
 ## if ($unix)
 ##      { $cflags="$c_flags" if ($c_flags ne ""); }
 ##else
@@ -275,7 +246,6 @@ $cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
 
 $ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
 
-
 %shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL",
                   "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO");
 
@@ -292,135 +262,6 @@ $link="$bin_dir$link" if ($link !~ /^\$/);
 
 $INSTALLTOP =~ s|/|$o|g;
 
-#############################################
-# We parse in input file and 'store' info for later printing.
-open(IN,"<$infile") || die "unable to open $infile:$!\n";
-$_=<IN>;
-for (;;)
-        {
-        chop;
-
-        ($key,$val)=/^([^=]+)=(.*)/;
-        if ($key eq "RELATIVE_DIRECTORY")
-                {
-                if ($lib ne "")
-                        {
-                        if ($fips && $dir =~ /^fips/)
-                                {
-                                $uc = "FIPS";
-                                }
-                        else
-                                {
-                                $uc=$lib;
-                                $uc =~ s/^lib(.*)\.a/$1/;
-                                $uc =~ tr/a-z/A-Z/;
-                                }
-                        if (($uc ne "FIPS") || $fips_canister_build)
-                                {
-                                $lib_nam{$uc}=$uc;
-                                $lib_obj{$uc}.=$libobj." ";
-                                }
-                        }
-                last if ($val eq "FINISHED");
-                $lib="";
-                $libobj="";
-                $dir=$val;
-                }
-
-        if ($key eq "KRB5_INCLUDES")
-                { $cflags .= " $val";}
-
-        if ($key eq "ZLIB_INCLUDE")
-                { $cflags .= " $val" if $val ne "";}
-
-        if ($key eq "LIBZLIB")
-                { $zlib_lib = "$val" if $val ne "";}
-
-        if ($key eq "LIBKRB5")
-                { $ex_libs .= " $val" if $val ne "";}
-
-        if ($key eq "TEST")
-                { $test.=&var_add($dir,$val); }
-
-        if (($key eq "PROGS") || ($key eq "E_OBJ"))
-                { $e_exe.=&var_add($dir,$val); }
-
-        if ($key eq "LIB")
-                {
-                $lib=$val;
-                $lib =~ s/^.*\/([^\/]+)$/$1/;
-                }
-
-        if ($key eq "EXHEADER")
-                { $exheader.=&var_add($dir,$val); }
-
-        if ($key eq "HEADER")
-                { $header.=&var_add($dir,$val); }
-
-        if ($key eq "LIBOBJ")
-                { $libobj=&var_add($dir,$val); }
-
-        if ($key eq "FIPSLIBDIR")
-                { $fipslibdir=$val;}
-
-        if ($key eq "BASEADDR")
-                { $baseaddr=$val;}
-
-        if (!($_=<IN>))
-                { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
-        }
-close(IN);
-
-if ($fips_canister_path eq "")
-        {
-        $fips_canister_path = "\$(FIPSLIB_D)${o}fipscanister.o";
-        }
-
-if ($fips_premain_c_path eq "")
-        {
-        $fips_premain_c_path = "\$(FIPSLIB_D)${o}fips_premain.c";
-        }
-
-if ($fips)
-        {
-        if ($fips_sha1_exe_path eq "")
-                {
-                $fips_sha1_exe_path =
-                        "\$(BIN_D)${o}fips_standalone_sha1$exep";
-                }
-        }
-        else
-        {
-        $fips_sha1_exe_path = "";
-        }
-
-if ($fips_premain_dso_exe_path eq "")
-        {
-        $fips_premain_dso_exe_path = "\$(BIN_D)${o}fips_premain_dso$exep";
-        }
-
-#       $ex_build_targets .= "\$(BIN_D)${o}\$(E_PREMAIN_DSO)$exep" if ($fips);
-
-if ($fips)
-        {
-        if (!$shlib)
-                {
-                $ex_build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
-                $ex_l_libs .= " \$(O_FIPSCANISTER)";
-                }
-        if ($fipslibdir eq "")
-                {
-                open (IN, "util/fipslib_path.txt") || fipslib_error();
-                $fipslibdir = <IN>;
-                chomp $fipslibdir;
-                close IN;
-                }
-        fips_check_files($fipslibdir,
-                        "fipscanister.o", "fipscanister.o.sha1",
-                        "fips_premain.c", "fips_premain.c.sha1");
-        }
-        
-
 $defs= <<"EOF";
 # This makefile has been automatically generated from the OpenSSL distribution.
 # This single makefile will build the complete OpenSSL distribution and
@@ -445,7 +286,6 @@ if ($platform eq "VC-CE")
 !INCLUDE <\$(WCECOMPAT)/wcedefs.mak>
 
 EOF
-        $ex_libs .= " $zlib_lib" if $zlib_opt == 1;
         }
 
 $defs.= <<"EOF";
@@ -468,8 +308,6 @@ EX_LIBS=$ex_libs
 SRC_D=$src_dir
 
 LINK=$link
-PERL=perl
-FIPSLINK=\$(PERL) util${o}fipslink.pl
 LFLAGS=$lflags
 
 BN_ASM_OBJ=$bn_asm_obj
@@ -501,9 +339,6 @@ TMP_D=$tmp_dir
 INC_D=$inc_dir
 INCO_D=$inc_dir${o}openssl
 
-# Directory containing FIPS module
-
-
 CP=$cp
 RM=$rm
 RANLIB=$ranlib
@@ -511,18 +346,6 @@ MKDIR=$mkdir
 MKLIB=$bin_dir$mklib
 MLFLAGS=$mlflags
 ASM=$bin_dir$asm
-MKCANISTER=$mkcanister
-
-# FIPS validated module and support file locations
-
-E_PREMAIN_DSO=fips_premain_dso
-
-FIPSLIB_D=$fipslibdir
-BASEADDR=$baseaddr
-FIPS_PREMAIN_SRC=$fips_premain_c_path
-O_FIPSCANISTER=$fips_canister_path
-FIPS_SHA1_EXE=$fips_sha1_exe_path
-PREMAIN_DSO_EXE=$fips_premain_dso_exe_path
 
 ######################################################
 # You should not need to touch anything below this point
@@ -554,7 +377,7 @@ SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
 L_SSL=     \$(LIB_D)$o$plib\$(SSL)$libp
 L_CRYPTO=  \$(LIB_D)$o$plib\$(CRYPTO)$libp
 
-L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs
+L_LIBS= \$(L_SSL) \$(L_CRYPTO)
 
 ######################################################
 # Don't touch anything below this point
@@ -564,13 +387,13 @@ INC=-I\$(INC_D) -I\$(INCL_D)
 APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
 LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
 SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
-LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) $ex_libs_dep
+LIBS_DEP=\$(O_CRYPTO) \$(O_SSL)
 
 #############################################
 EOF
 
 $rules=<<"EOF";
-all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers \$(FIPS_SHA1_EXE) lib exe $ex_build_targets
+all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe
 
 banner:
 $banner
@@ -656,6 +479,57 @@ printf OUT "  #define DATE \"%s\"\n", scalar gmtime();
 printf OUT "#endif\n";
 close(OUT);
 
+#############################################
+# We parse in input file and 'store' info for later printing.
+open(IN,"<$infile") || die "unable to open $infile:$!\n";
+$_=<IN>;
+for (;;)
+        {
+        chop;
+
+        ($key,$val)=/^([^=]+)=(.*)/;
+        if ($key eq "RELATIVE_DIRECTORY")
+                {
+                if ($lib ne "")
+                        {
+                        $uc=$lib;
+                        $uc =~ s/^lib(.*)\.a/$1/;
+                        $uc =~ tr/a-z/A-Z/;
+                        $lib_nam{$uc}=$uc;
+                        $lib_obj{$uc}.=$libobj." ";
+                        }
+                last if ($val eq "FINISHED");
+                $lib="";
+                $libobj="";
+                $dir=$val;
+                }
+
+        if ($key eq "TEST")
+                { $test.=&var_add($dir,$val); }
+
+        if (($key eq "PROGS") || ($key eq "E_OBJ"))
+                { $e_exe.=&var_add($dir,$val); }
+
+        if ($key eq "LIB")
+                {
+                $lib=$val;
+                $lib =~ s/^.*\/([^\/]+)$/$1/;
+                }
+
+        if ($key eq "EXHEADER")
+                { $exheader.=&var_add($dir,$val); }
+
+        if ($key eq "HEADER")
+                { $header.=&var_add($dir,$val); }
+
+        if ($key eq "LIBOBJ")
+                { $libobj=&var_add($dir,$val); }
+
+        if (!($_=<IN>))
+                { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
+        }
+close(IN);
+
 # Strip of trailing ' '
 foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
 $test=&clean_up_ws($test);
@@ -680,29 +554,6 @@ $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
 $defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
 $rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
 
-# Special case rules for fips_start and fips_end fips_premain_dso
-
-if ($fips)
-        {
-        if ($fips_canister_build)
-                {
-                $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_start$obj",
-                        "fips-1.0${o}fips_canister.c",
-                        "-DFIPS_START \$(SHLIB_CFLAGS)");
-                $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_end$obj",
-                        "fips-1.0${o}fips_canister.c", "\$(SHLIB_CFLAGS)");
-                }
-        $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_standalone_sha1$obj",
-                "fips-1.0${o}sha${o}fips_standalone_sha1.c",
-                "\$(SHLIB_CFLAGS)");
-        $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_sha1dgst$obj",
-                "fips-1.0${o}sha${o}fips_sha1dgst.c",
-                "\$(SHLIB_CFLAGS)") unless $fips_canister_build;
-        $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj",
-                "fips-1.0${o}fips_premain.c",
-                "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)");
-        }
-
 foreach (values %lib_nam)
         {
         $lib_obj=$lib_obj{$_};
@@ -779,42 +630,16 @@ foreach (split(/\s+/,$test))
         }
 
 $rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
-
+$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)");
 
 if ($fips)
         {
-        if ($shlib)
-                {
-                $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
-                        "\$(O_CRYPTO)",
-                        "$crypto",
-                        $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
-                }
-        else
-                {
-                $rules.= &do_lib_rule("\$(CRYPTOOBJ)",
-                        "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", "");
-                $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
-                        "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", "");
-                }
+        $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)","\$(BIN_D)$o.sha1","\$(BIN_D)$o\$(E_EXE)$exep");
         }
-        else
-        {
-        $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,
-                                                        "\$(SO_CRYPTO)");
-        }
-
-
-if ($fips)
+else
         {
-        $rules.= &do_rlink_rule("\$(O_FIPSCANISTER)", "\$(OBJ_D)${o}fips_start$obj \$(FIPSOBJ) \$(OBJ_D)${o}fips_end$obj", "\$(FIPSLIB_D)${o}fips_standalone_sha1$exep", "") if $fips_canister_build;
-        $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
-        
-        $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)","\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}fips_sha1dgst$obj","","", 1);
+        $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
         }
-
-        $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)",0);
-
 print $defs;
 
 if ($platform eq "linux-elf") {
@@ -1110,24 +935,6 @@ sub read_options
         elsif (/^shlib$/)       { $shlib=1; }
         elsif (/^dll$/)         { $shlib=1; }
         elsif (/^shared$/)      { } # We just need to ignore it for now...
-        elsif (/^zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 }
-        elsif (/^zlib-dynamic$/){ $zlib_opt = 2; }
-        elsif (/^--with-krb5-flavor=(.*)$/)
-                {
-                my $krb5_flavor = $1;
-                if ($krb5_flavor =~ /^force-[Hh]eimdal$/)
-                        {
-                        $xcflags="-DKRB5_HEIMDAL $xcflags";
-                        }
-                elsif ($krb5_flavor =~ /^MIT/i)
-                        {
-                        $xcflags="-DKRB5_MIT $xcflags";
-                        if ($krb5_flavor =~ /^MIT[._-]*1[._-]*[01]/i)
-                                {
-                                $xcflags="-DKRB5_MIT_OLD11 $xcflags"
-                                }
-                        }
-                }
         elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
         elsif (/^-[lL].*$/)     { $l_flags.="$_ "; }
         elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)
@@ -1135,31 +942,3 @@ sub read_options
         else { return(0); }
         return(1);
         }
-
-sub fipslib_error
-        {
-        print STDERR "***FIPS module directory sanity check failed***\n";
-        print STDERR "FIPS module build failed, or was deleted\n";
-        print STDERR "Please rebuild FIPS module.\n"; 
-        exit 1;
-        }
-
-sub fips_check_files
-        {
-        my $dir = shift @_;
-        my $ret = 1;
-        if (!-d $dir)
-                {
-                print STDERR "FIPS module directory $dir does not exist\n";
-                fipslib_error();
-                }
-        foreach (@_)
-                {
-                if (!-f "$dir${o}$_")
-                        {
-                        print STDERR "FIPS module file $_ does not exist!\n";
-                        $ret = 0;
-                        }
-                }
-        fipslib_error() if ($ret == 0);
-        }
diff --git a/src/lib/libssl/src/util/mkdef.pl b/src/lib/libssl/src/util/mkdef.pl
index 6c1e53bb14..9918c3d549 100644
--- a/src/lib/libssl/src/util/mkdef.pl
+++ b/src/lib/libssl/src/util/mkdef.pl
@@ -83,7 +83,7 @@ my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
 my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
 my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
                          "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
-                         "SHA256", "SHA512", "RIPEMD",
+                         "RIPEMD",
                          "MDC2", "RSA", "DSA", "DH", "EC", "HMAC", "AES",
                          # Envelope "algorithms"
                          "EVP", "X509", "ASN1_TYPEDEFS",
@@ -267,7 +267,7 @@ $crypto.=" crypto/ocsp/ocsp.h";
 $crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h";
 $crypto.=" crypto/krb5/krb5_asn.h";
 $crypto.=" crypto/tmdiff.h";
-$crypto.=" fips-1.0/fips.h fips-1.0/rand/fips_rand.h fips-1.0/sha/fips_sha.h";
+$crypto.=" fips/fips.h fips/rand/fips_rand.h";
 
 my $symhacks="crypto/symhacks.h";
 
@@ -864,9 +864,6 @@ sub do_defs
                         $a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/);
                         $a .= ",RSA" if($s =~ /RSAPrivateKey/);
                         $a .= ",RSA" if($s =~ /SSLv23?_((client|server)_)?method/);
-                        # SHA2 algorithms only defined in FIPS mode for
-                        # OpenSSL 0.9.7
-                        $p .= "OPENSSL_FIPS" if($s =~ /SHA[235]/);
 
                         $platform{$s} =
                             &reduce_platforms((defined($platform{$s})?$platform{$s}.',':"").$p);
@@ -1014,7 +1011,7 @@ sub is_valid
 {
         my ($keywords_txt,$platforms) = @_;
         my (@keywords) = split /,/,$keywords_txt;
-        my ($falsesum, $truesum) = (0, 1);
+        my ($falsesum, $truesum) = (0, !grep(/^[^!]/,@keywords));
 
         # Param: one keyword
         sub recognise
@@ -1082,7 +1079,7 @@ sub is_valid
                 if ($k =~ /^!(.*)$/) {
                         $falsesum += &recognise($1,$platforms);
                 } else {
-                        $truesum *= &recognise($k,$platforms);
+                        $truesum += &recognise($k,$platforms);
                 }
         }
         print STDERR "DEBUG: [",$#keywords,",",$#keywords < 0,"] is_valid($keywords_txt) => (\!$falsesum) && $truesum = ",(!$falsesum) && $truesum,"\n" if $debug;
diff --git a/src/lib/libssl/src/util/mkerr.pl b/src/lib/libssl/src/util/mkerr.pl
index 9678514604..60e534807e 100644
--- a/src/lib/libssl/src/util/mkerr.pl
+++ b/src/lib/libssl/src/util/mkerr.pl
@@ -9,9 +9,6 @@ my $reindex = 0;
 my $dowrite = 0;
 my $staticloader = "";
 
-my $pack_errcode;
-my $load_errcode;
-
 while (@ARGV) {
         my $arg = $ARGV[0];
         if($arg eq "-conf") {
@@ -44,8 +41,8 @@ while (@ARGV) {
 }
 
 if($recurse) {
-        @source = (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>, <fips-1.0/*.c>,
-                   <fips-1.0/*/*.c>);
+        @source = (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>, <fips/*.c>,
+                   <fips/*/*.c>);
 } else {
         @source = @ARGV;
 }
@@ -402,20 +399,6 @@ EOF
                 $hincf = "\"$hfile\"";
         }
 
-        # If static we know the error code at compile time so use it
-        # in error definitions.
-
-        if ($static)
-                {
-                $pack_errcode = "ERR_LIB_${lib}";
-                $load_errcode = "0";
-                }
-        else
-                {
-                $pack_errcode = "0";
-                $load_errcode = "ERR_LIB_${lib}";
-                }
-
 
         open (OUT,">$cfile") || die "Can't open $cfile for writing";
 
@@ -486,10 +469,6 @@ EOF
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK($pack_errcode,func,0)
-#define ERR_REASON(reason) ERR_PACK($pack_errcode,0,reason)
-
 static ERR_STRING_DATA ${lib}_str_functs[]=
         {
 EOF
@@ -501,8 +480,7 @@ EOF
                 if(exists $ftrans{$fn}) {
                         $fn = $ftrans{$fn};
                 }
-#               print OUT "{ERR_PACK($pack_errcode,$i,0),\t\"$fn\"},\n";
-                print OUT "{ERR_FUNC($i),\t\"$fn\"},\n";
+                print OUT "{ERR_PACK(0,$i,0),\t\"$fn\"},\n";
         }
         print OUT <<"EOF";
 {0,NULL}
@@ -514,7 +492,6 @@ EOF
         # Add each reason code.
         foreach $i (@reasons) {
                 my $rn;
-                my $rstr = "ERR_REASON($i)";
                 my $nspc = 0;
                 if (exists $err_reason_strings{$i}) {
                         $rn = $err_reason_strings{$i};
@@ -523,9 +500,9 @@ EOF
                         $rn = $1;
                         $rn =~ tr/_[A-Z]/ [a-z]/;
                 }
-                $nspc = 40 - length($rstr) unless length($rstr) > 40;
+                $nspc = 40 - length($i) unless length($i) > 40;
                 $nspc = " " x $nspc;
-                print OUT "{${rstr}${nspc},\"$rn\"},\n";
+                print OUT "{${i}${nspc},\"$rn\"},\n";
         }
 if($static) {
         print OUT <<"EOF";
@@ -542,8 +519,8 @@ ${staticloader}void ERR_load_${lib}_strings(void)
                 {
                 init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings($load_errcode,${lib}_str_functs);
-                ERR_load_strings($load_errcode,${lib}_str_reasons);
+                ERR_load_strings(ERR_LIB_${lib},${lib}_str_functs);
+                ERR_load_strings(ERR_LIB_${lib},${lib}_str_reasons);
 #endif
 
                 }
diff --git a/src/lib/libssl/src/util/mkfiles.pl b/src/lib/libssl/src/util/mkfiles.pl
index bc78510f56..928a274303 100644
--- a/src/lib/libssl/src/util/mkfiles.pl
+++ b/src/lib/libssl/src/util/mkfiles.pl
@@ -51,15 +51,14 @@ my @dirs = (
 "crypto/ocsp",
 "crypto/ui",
 "crypto/krb5",
-"fips-1.0",
-"fips-1.0/aes",
-"fips-1.0/des",
-"fips-1.0/dsa",
-"fips-1.0/dh",
-"fips-1.0/hmac",
-"fips-1.0/rand",
-"fips-1.0/rsa",
-"fips-1.0/sha",
+"fips",
+"fips/aes",
+"fips/des",
+"fips/dsa",
+"fips/dh",
+"fips/rand",
+"fips/rsa",
+"fips/sha1",
 "ssl",
 "apps",
 "test",
diff --git a/src/lib/libssl/src/util/mklink.pl b/src/lib/libssl/src/util/mklink.pl
index 182732d959..c8653cecc3 100644
--- a/src/lib/libssl/src/util/mklink.pl
+++ b/src/lib/libssl/src/util/mklink.pl
@@ -14,16 +14,13 @@
 # not contain symbolic links and that the parent of / is never referenced.
 # Apart from this, this script should be able to handle even the most
 # pathological cases.
-#
-
-use Cwd;
 
 my $from = shift;
 my @files = @ARGV;
 
 my @from_path = split(/[\\\/]/, $from);
-my $pwd = getcwd();
-chomp($pwd);
+my $pwd = `pwd`;
+chop($pwd);
 my @pwd_path = split(/[\\\/]/, $pwd);
 
 my @to_path = ();
diff --git a/src/lib/libssl/src/util/pl/BC-32.pl b/src/lib/libssl/src/util/pl/BC-32.pl
index 28869c868d..897ae9d824 100644
--- a/src/lib/libssl/src/util/pl/BC-32.pl
+++ b/src/lib/libssl/src/util/pl/BC-32.pl
@@ -18,7 +18,7 @@ $out_def="out32";
 $tmp_def="tmp32";
 $inc_def="inc32";
 #enable max error messages, disable most common warnings
-$cflags="-DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl  -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp ";
+$cflags="-DWIN32_LEAN_AND_MEAN -q -w-aus -w-par -w-inl  -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp ";
 if ($debug)
 {
     $cflags.="-Od -y -v -vi- -D_DEBUG";
@@ -51,7 +51,7 @@ $lfile='';
 $shlib_ex_obj="";
 $app_ex_obj="c0x32.obj"; 
 
-$asm='nasmw -f obj -d__omf__';
+$asm='nasmw -f obj';
 $asm.=" /Zi" if $debug;
 $afile='-o';
 
@@ -106,13 +106,9 @@ sub do_lib_rule
         $ret.="$target: $objs\n";
         if (!$shlib)
                 {
-                $ret.=<<___;
-        -\$(RM) $lfile$target
-        \$(MKLIB) $lfile$target \@&&!
-+\$(**: = &^
-+)
-!
-___
+                #               $ret.="\t\$(RM) \$(O_$Name)\n";
+                $ret.="\techo LIB $<\n";    
+                $ret.="\t&\$(MKLIB) $lfile$target -+\$**\n";
                 }
         else
                 {
diff --git a/src/lib/libssl/src/util/pl/OS2-EMX.pl b/src/lib/libssl/src/util/pl/OS2-EMX.pl
index 8dbeaa7a08..75d72ebbcb 100644
--- a/src/lib/libssl/src/util/pl/OS2-EMX.pl
+++ b/src/lib/libssl/src/util/pl/OS2-EMX.pl
@@ -68,7 +68,6 @@ if (!$no_asm && !$fips)
         $sha1_asm_src="crypto/sha/asm/s1-os2.asm";
         $rmd160_asm_obj="crypto/ripemd/asm/rm-os2$obj";
         $rmd160_asm_src="crypto/ripemd/asm/rm-os2.asm";
-        $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
         }
 
 if ($shlib)
diff --git a/src/lib/libssl/src/util/pl/VC-32.pl b/src/lib/libssl/src/util/pl/VC-32.pl
index 4e97dfa9af..cf689b9feb 100644
--- a/src/lib/libssl/src/util/pl/VC-32.pl
+++ b/src/lib/libssl/src/util/pl/VC-32.pl
@@ -3,28 +3,15 @@
 #
 
 $ssl=   "ssleay32";
-
-if ($fips && !$shlib)
-        {
-        $crypto="libeayfips32";
-        $crypto_compat = "libeaycompat32.lib";
-        }
-else
-        {
-        $crypto="libeay32";
-        }
+$crypto="libeay32";
 
 $o='\\';
 $cp='copy nul+';        # Timestamps get stuffed otherwise
 $rm='del';
 
-$zlib_lib="zlib1.lib";
-
 # C compiler stuff
 $cc='cl';
-$cflags=' /MD /W3 /WX /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32';
-$cflags.=' -D_CRT_SECURE_NO_DEPRECATE';         # shut up VC8
-$cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE';        # shut up VC8
+$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32';
 $lflags="/nologo /subsystem:console /machine:I386 /opt:ref";
 $mlflags='';
 
@@ -113,56 +100,25 @@ $cflags.=" /Fd$out_def";
 
 sub do_lib_rule
         {
-        local($objs,$target,$name,$shlib,$ign,$base_addr) = @_;
+        local($objs,$target,$name,$shlib)=@_;
         local($ret,$Name);
 
         $taget =~ s/\//$o/g if $o ne '/';
         ($Name=$name) =~ tr/a-z/A-Z/;
-        my $base_arg;
-        if ($base_addr ne "")
-                {
-                $base_arg= " /base:$base_addr";
-                }
-        else
-                {
-                $base_arg = "";
-                }
-
 
 #       $target="\$(LIB_D)$o$target";
+        $ret.="$target: $objs\n";
         if (!$shlib)
                 {
 #               $ret.="\t\$(RM) \$(O_$Name)\n";
-                $ret.="$target: $objs\n";
                 $ex =' advapi32.lib';
-                $ex.=" \$(FIPSLIB_D)${o}_chkstk.o" if $fips && $target =~ /O_CRYPTO/;
                 $ret.="\t\$(MKLIB) $lfile$target @<<\n  $objs $ex\n<<\n";
                 }
         else
                 {
                 local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
-                $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib';
-                $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
-                if ($fips && $target =~ /O_CRYPTO/)
-                        {
-                        $ex.=" \$(FIPSLIB_D)${o}_chkstk.o";
-                        $ret.="$target: $objs \$(PREMAIN_DSO_EXE)\n";
-                        $ret.="\tSET FIPS_LINK=\$(LINK)\n";
-                        $ret.="\tSET FIPS_CC=\$(CC)\n";
-                        $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
-                        $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n";
-                        $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
-                        $ret.="\tSET FIPS_TARGET=$target\n";
-                        $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
-                        $ret.="\t\$(FIPSLINK) \$(MLFLAGS) $base_arg $efile$target ";
-                        $ret.="/def:ms/${Name}.def @<<\n  \$(SHLIB_EX_OBJ) $objs ";
-                        $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n";
-                        }
-                else
-                        {
-                        $ret.="$target: $objs\n";
-                        $ret.="\t\$(LINK) \$(MLFLAGS) $base_arg $efile$target /def:ms/${Name}.def @<<\n  \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
-                        }
+                $ex.=' wsock32.lib gdi32.lib advapi32.lib';
+                $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n  \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
                 }
         $ret.="\n";
         return($ret);
@@ -170,51 +126,20 @@ sub do_lib_rule
 
 sub do_link_rule
         {
-        local($target,$files,$dep_libs,$libs,$standalone)=@_;
+        local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_;
         local($ret,$_);
+        
         $file =~ s/\//$o/g if $o ne '/';
         $n=&bname($targer);
         $ret.="$target: $files $dep_libs\n";
-        if ($standalone)
-                {
-                $ret.="  \$(LINK) \$(LFLAGS) $efile$target @<<\n\t";
-                $ret.="\$(FIPSLIB_D)${o}_chkstk.o " if ($files =~ /O_FIPSCANISTER/);
-                $ret.="$files $libs\n<<\n";
-                }
-        elsif ($fips && !$shlib)
+        $ret.="  \$(LINK) \$(LFLAGS) $efile$target @<<\n";
+        $ret.="  \$(APP_EX_OBJ) $files $libs\n<<\n";
+        if (defined $sha1file)
                 {
-                $ret.="\tSET FIPS_LINK=\$(LINK)\n";
-                $ret.="\tSET FIPS_CC=\$(CC)\n";
-                $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
-                $ret.="\tSET PREMAIN_DSO_EXE=\n";
-                $ret.="\tSET FIPS_TARGET=$target\n";
-                $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
-                $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
-                $ret.="  \$(FIPSLINK) \$(LFLAGS) $efile$target @<<\n";
-                $ret.="  \$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n";
+                $ret.="  $openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file";
                 }
-        else
-                {
-                $ret.="  \$(LINK) \$(LFLAGS) $efile$target @<<\n";
-                $ret.="  \$(APP_EX_OBJ) $files $libs\n<<\n";
-                }
-        $ret.="\n";
-        return($ret);
-        }
-
-sub do_rlink_rule
-        {
-        local($target,$files,$dep_libs,$libs)=@_;
-        local($ret,$_);
-
-        $file =~ s/\//$o/g if $o ne '/';
-        $n=&bname($targer);
-        $ret.="$target: $files $dep_libs\n";
-        $ret.="  \$(MKCANISTER) $target <<\n";
-        $ret.="INPUT($files)\n<<\n";
         $ret.="\n";
         return($ret);
         }
 
-
 1;
diff --git a/src/lib/libssl/src/util/pod2man.pl b/src/lib/libssl/src/util/pod2man.pl
index 546d1ec186..657e4e264e 100644
--- a/src/lib/libssl/src/util/pod2man.pl
+++ b/src/lib/libssl/src/util/pod2man.pl
@@ -425,7 +425,6 @@ if ($name ne 'something') {
             }
             next if /^=cut\b/;  # DB_File and Net::Ping have =cut before NAME
             next if /^=pod\b/;  # It is OK to have =pod before NAME
-            next if /^=for\s+comment\b/;  # It is OK to have =for comment before NAME
             die "$0: Invalid man page - 1st pod line is not NAME in $ARGV[0]\n" unless $lax;
         }
         die "$0: Invalid man page - no documentation in $ARGV[0]\n" unless $lax;
diff --git a/src/lib/libssl/src/util/selftest.pl b/src/lib/libssl/src/util/selftest.pl
index 4778c5ab01..e9d5aa8938 100644
--- a/src/lib/libssl/src/util/selftest.pl
+++ b/src/lib/libssl/src/util/selftest.pl
@@ -49,7 +49,7 @@ if (open(IN,"<Makefile")) {
 }
 
 $cversion=`$cc -v 2>&1`;
-$cversion=`$cc -V 2>&1` if $cversion =~ "[Uu]sage";
+$cversion=`$cc -V 2>&1` if $cversion =~ "usage";
 $cversion=`$cc -V |head -1` if $cversion =~ "Error";
 $cversion=`$cc --version` if $cversion eq "";
 $cversion =~ s/Reading specs.*\n//;
@@ -130,21 +130,15 @@ if (system("make 2>&1 | tee make.log") > 255) {
     goto err;
 }
 
-# Not sure why this is here.  The tests themselves can detect if their
-# particular feature isn't included, and should therefore skip themselves.
-# To skip *all* tests just because one algorithm isn't included is like
-# shooting mosquito with an elephant gun...
-#                   -- Richard Levitte, inspired by problem report 1089
-#
-#$_=$options;
-#s/no-asm//;
-#s/no-shared//;
-#s/no-krb5//;
-#if (/no-/)
-#{
-#    print OUT "Test skipped.\n";
-#    goto err;
-#}
+$_=$options;
+s/no-asm//;
+s/no-shared//;
+s/no-krb5//;
+if (/no-/)
+{
+    print OUT "Test skipped.\n";
+    goto err;
+}
 
 print "Running make test...\n";
 if (system("make test 2>&1 | tee maketest.log") > 255)
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
new file mode 100644
index 0000000000..3161f532cf
--- /dev/null
+++ b/src/lib/libssl/ssl.h
@@ -0,0 +1,1858 @@
+/* ssl/ssl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_SSL_H 
+#define HEADER_SSL_H 
+
+#include <openssl/e_os2.h>
+
+#ifndef OPENSSL_NO_COMP
+#include <openssl/comp.h>
+#endif
+#ifndef OPENSSL_NO_BIO
+#include <openssl/bio.h>
+#endif
+#ifndef OPENSSL_NO_X509
+#include <openssl/x509.h>
+#endif
+#include <openssl/kssl.h>
+#include <openssl/safestack.h>
+#include <openssl/symhacks.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* SSLeay version number for ASN.1 encoding of the session information */
+/* Version 0 - initial version
+ * Version 1 - added the optional peer certificate
+ */
+#define SSL_SESSION_ASN1_VERSION 0x0001
+
+/* text strings for the ciphers */
+#define SSL_TXT_NULL_WITH_MD5           SSL2_TXT_NULL_WITH_MD5                  
+#define SSL_TXT_RC4_128_WITH_MD5        SSL2_TXT_RC4_128_WITH_MD5               
+#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5    
+#define SSL_TXT_RC2_128_CBC_WITH_MD5    SSL2_TXT_RC2_128_CBC_WITH_MD5           
+#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5    
+#define SSL_TXT_IDEA_128_CBC_WITH_MD5   SSL2_TXT_IDEA_128_CBC_WITH_MD5          
+#define SSL_TXT_DES_64_CBC_WITH_MD5     SSL2_TXT_DES_64_CBC_WITH_MD5            
+#define SSL_TXT_DES_64_CBC_WITH_SHA     SSL2_TXT_DES_64_CBC_WITH_SHA            
+#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5    
+#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA    
+
+/*    VRS Additional Kerberos5 entries
+ */
+#define SSL_TXT_KRB5_DES_64_CBC_SHA   SSL3_TXT_KRB5_DES_64_CBC_SHA
+#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
+#define SSL_TXT_KRB5_RC4_128_SHA      SSL3_TXT_KRB5_RC4_128_SHA
+#define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA
+#define SSL_TXT_KRB5_DES_64_CBC_MD5   SSL3_TXT_KRB5_DES_64_CBC_MD5       
+#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5       
+#define SSL_TXT_KRB5_RC4_128_MD5      SSL3_TXT_KRB5_RC4_128_MD5
+#define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5 
+
+#define SSL_TXT_KRB5_DES_40_CBC_SHA   SSL3_TXT_KRB5_DES_40_CBC_SHA 
+#define SSL_TXT_KRB5_RC2_40_CBC_SHA   SSL3_TXT_KRB5_RC2_40_CBC_SHA 
+#define SSL_TXT_KRB5_RC4_40_SHA       SSL3_TXT_KRB5_RC4_40_SHA
+#define SSL_TXT_KRB5_DES_40_CBC_MD5   SSL3_TXT_KRB5_DES_40_CBC_MD5 
+#define SSL_TXT_KRB5_RC2_40_CBC_MD5   SSL3_TXT_KRB5_RC2_40_CBC_MD5 
+#define SSL_TXT_KRB5_RC4_40_MD5       SSL3_TXT_KRB5_RC4_40_MD5
+
+#define SSL_TXT_KRB5_DES_40_CBC_SHA   SSL3_TXT_KRB5_DES_40_CBC_SHA
+#define SSL_TXT_KRB5_DES_40_CBC_MD5   SSL3_TXT_KRB5_DES_40_CBC_MD5
+#define SSL_TXT_KRB5_DES_64_CBC_SHA   SSL3_TXT_KRB5_DES_64_CBC_SHA
+#define SSL_TXT_KRB5_DES_64_CBC_MD5   SSL3_TXT_KRB5_DES_64_CBC_MD5
+#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
+#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
+#define SSL_MAX_KRB5_PRINCIPAL_LENGTH  256
+
+#define SSL_MAX_SSL_SESSION_ID_LENGTH           32
+#define SSL_MAX_SID_CTX_LENGTH                  32
+
+#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES     (512/8)
+#define SSL_MAX_KEY_ARG_LENGTH                  8
+#define SSL_MAX_MASTER_KEY_LENGTH               48
+
+/* These are used to specify which ciphers to use and not to use */
+#define SSL_TXT_LOW             "LOW"
+#define SSL_TXT_MEDIUM          "MEDIUM"
+#define SSL_TXT_HIGH            "HIGH"
+#define SSL_TXT_FIPS            "FIPS"
+#define SSL_TXT_kFZA            "kFZA"
+#define SSL_TXT_aFZA            "aFZA"
+#define SSL_TXT_eFZA            "eFZA"
+#define SSL_TXT_FZA             "FZA"
+
+#define SSL_TXT_aNULL           "aNULL"
+#define SSL_TXT_eNULL           "eNULL"
+#define SSL_TXT_NULL            "NULL"
+
+#define SSL_TXT_kKRB5           "kKRB5"
+#define SSL_TXT_aKRB5           "aKRB5"
+#define SSL_TXT_KRB5            "KRB5"
+
+#define SSL_TXT_kRSA            "kRSA"
+#define SSL_TXT_kDHr            "kDHr"
+#define SSL_TXT_kDHd            "kDHd"
+#define SSL_TXT_kEDH            "kEDH"
+#define SSL_TXT_aRSA            "aRSA"
+#define SSL_TXT_aDSS            "aDSS"
+#define SSL_TXT_aDH             "aDH"
+#define SSL_TXT_DSS             "DSS"
+#define SSL_TXT_DH              "DH"
+#define SSL_TXT_EDH             "EDH"
+#define SSL_TXT_ADH             "ADH"
+#define SSL_TXT_RSA             "RSA"
+#define SSL_TXT_DES             "DES"
+#define SSL_TXT_3DES            "3DES"
+#define SSL_TXT_RC4             "RC4"
+#define SSL_TXT_RC2             "RC2"
+#define SSL_TXT_IDEA            "IDEA"
+#define SSL_TXT_AES             "AES"
+#define SSL_TXT_MD5             "MD5"
+#define SSL_TXT_SHA1            "SHA1"
+#define SSL_TXT_SHA             "SHA"
+#define SSL_TXT_EXP             "EXP"
+#define SSL_TXT_EXPORT          "EXPORT"
+#define SSL_TXT_EXP40           "EXPORT40"
+#define SSL_TXT_EXP56           "EXPORT56"
+#define SSL_TXT_SSLV2           "SSLv2"
+#define SSL_TXT_SSLV3           "SSLv3"
+#define SSL_TXT_TLSV1           "TLSv1"
+#define SSL_TXT_ALL             "ALL"
+
+/*
+ * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
+ * ciphers normally not being used.
+ * Example: "RC4" will activate all ciphers using RC4 including ciphers
+ * without authentication, which would normally disabled by DEFAULT (due
+ * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
+ * will make sure that it is also disabled in the specific selection.
+ * COMPLEMENTOF* identifiers are portable between version, as adjustments
+ * to the default cipher setup will also be included here.
+ *
+ * COMPLEMENTOFDEFAULT does not experience the same special treatment that
+ * DEFAULT gets, as only selection is being done and no sorting as needed
+ * for DEFAULT.
+ */
+#define SSL_TXT_CMPALL          "COMPLEMENTOFALL"
+#define SSL_TXT_CMPDEF          "COMPLEMENTOFDEFAULT"
+
+/* The following cipher list is used by default.
+ * It also is substituted when an application-defined cipher list string
+ * starts with 'DEFAULT'. */
+#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
+
+/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
+#define SSL_SENT_SHUTDOWN       1
+#define SSL_RECEIVED_SHUTDOWN   2
+
+#ifdef __cplusplus
+}
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/lhash.h>
+#include <openssl/buffer.h>
+#include <openssl/pem.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
+#define OPENSSL_NO_SSL2
+#endif
+
+#define SSL_FILETYPE_ASN1       X509_FILETYPE_ASN1
+#define SSL_FILETYPE_PEM        X509_FILETYPE_PEM
+
+/* This is needed to stop compilers complaining about the
+ * 'struct ssl_st *' function parameters used to prototype callbacks
+ * in SSL_CTX. */
+typedef struct ssl_st *ssl_crock_st;
+
+/* used to hold info on the particular ciphers used */
+typedef struct ssl_cipher_st
+        {
+        int valid;
+        const char *name;               /* text name */
+        unsigned long id;               /* id, 4 bytes, first is version */
+        unsigned long algorithms;       /* what ciphers are used */
+        unsigned long algo_strength;    /* strength and export flags */
+        unsigned long algorithm2;       /* Extra flags */
+        int strength_bits;              /* Number of bits really used */
+        int alg_bits;                   /* Number of bits for algorithm */
+        unsigned long mask;             /* used for matching */
+        unsigned long mask_strength;    /* also used for matching */
+        } SSL_CIPHER;
+
+DECLARE_STACK_OF(SSL_CIPHER)
+
+typedef struct ssl_st SSL;
+typedef struct ssl_ctx_st SSL_CTX;
+
+/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
+typedef struct ssl_method_st
+        {
+        int version;
+        int (*ssl_new)(SSL *s);
+        void (*ssl_clear)(SSL *s);
+        void (*ssl_free)(SSL *s);
+        int (*ssl_accept)(SSL *s);
+        int (*ssl_connect)(SSL *s);
+        int (*ssl_read)(SSL *s,void *buf,int len);
+        int (*ssl_peek)(SSL *s,void *buf,int len);
+        int (*ssl_write)(SSL *s,const void *buf,int len);
+        int (*ssl_shutdown)(SSL *s);
+        int (*ssl_renegotiate)(SSL *s);
+        int (*ssl_renegotiate_check)(SSL *s);
+        long (*ssl_ctrl)(SSL *s,int cmd,long larg,void *parg);
+        long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,void *parg);
+        SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
+        int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr);
+        int (*ssl_pending)(const SSL *s);
+        int (*num_ciphers)(void);
+        SSL_CIPHER *(*get_cipher)(unsigned ncipher);
+        struct ssl_method_st *(*get_ssl_method)(int version);
+        long (*get_timeout)(void);
+        struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
+        int (*ssl_version)();
+        long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)());
+        long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)());
+        } SSL_METHOD;
+
+/* Lets make this into an ASN.1 type structure as follows
+ * SSL_SESSION_ID ::= SEQUENCE {
+ *      version                 INTEGER,        -- structure version number
+ *      SSLversion              INTEGER,        -- SSL version number
+ *      Cipher                  OCTET_STRING,   -- the 3 byte cipher ID
+ *      Session_ID              OCTET_STRING,   -- the Session ID
+ *      Master_key              OCTET_STRING,   -- the master key
+ *      KRB5_principal          OCTET_STRING    -- optional Kerberos principal
+ *      Key_Arg [ 0 ] IMPLICIT  OCTET_STRING,   -- the optional Key argument
+ *      Time [ 1 ] EXPLICIT     INTEGER,        -- optional Start Time
+ *      Timeout [ 2 ] EXPLICIT  INTEGER,        -- optional Timeout ins seconds
+ *      Peer [ 3 ] EXPLICIT     X509,           -- optional Peer Certificate
+ *      Session_ID_context [ 4 ] EXPLICIT OCTET_STRING,   -- the Session ID context
+ *      Verify_result [ 5 ] EXPLICIT INTEGER    -- X509_V_... code for `Peer'
+ *      Compression [6] IMPLICIT ASN1_OBJECT    -- compression OID XXXXX
+ *      }
+ * Look in ssl/ssl_asn1.c for more details
+ * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
+ */
+typedef struct ssl_session_st
+        {
+        int ssl_version;        /* what ssl version session info is
+                                 * being kept in here? */
+
+        /* only really used in SSLv2 */
+        unsigned int key_arg_length;
+        unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
+        int master_key_length;
+        unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
+        /* session_id - valid? */
+        unsigned int session_id_length;
+        unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
+        /* this is used to determine whether the session is being reused in
+         * the appropriate context. It is up to the application to set this,
+         * via SSL_new */
+        unsigned int sid_ctx_length;
+        unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+
+#ifndef OPENSSL_NO_KRB5
+        unsigned int krb5_client_princ_len;
+        unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH];
+#endif /* OPENSSL_NO_KRB5 */
+
+        int not_resumable;
+
+        /* The cert is the certificate used to establish this connection */
+        struct sess_cert_st /* SESS_CERT */ *sess_cert;
+
+        /* This is the cert for the other end.
+         * On clients, it will be the same as sess_cert->peer_key->x509
+         * (the latter is not enough as sess_cert is not retained
+         * in the external representation of sessions, see ssl_asn1.c). */
+        X509 *peer;
+        /* when app_verify_callback accepts a session where the peer's certificate
+         * is not ok, we must remember the error for session reuse: */
+        long verify_result; /* only for servers */
+
+        int references;
+        long timeout;
+        long time;
+
+        int compress_meth;              /* Need to lookup the method */
+
+        SSL_CIPHER *cipher;
+        unsigned long cipher_id;        /* when ASN.1 loaded, this
+                                         * needs to be used to load
+                                         * the 'cipher' structure */
+
+        STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
+
+        CRYPTO_EX_DATA ex_data; /* application specific data */
+
+        /* These are used to make removal of session-ids more
+         * efficient and to implement a maximum cache size. */
+        struct ssl_session_st *prev,*next;
+        } SSL_SESSION;
+
+
+#define SSL_OP_MICROSOFT_SESS_ID_BUG                    0x00000001L
+#define SSL_OP_NETSCAPE_CHALLENGE_BUG                   0x00000002L
+#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG         0x00000008L
+#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG              0x00000010L
+#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               0x00000020L
+#define SSL_OP_MSIE_SSLV2_RSA_PADDING                   0x00000040L
+#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 0x00000080L
+#define SSL_OP_TLS_D5_BUG                               0x00000100L
+#define SSL_OP_TLS_BLOCK_PADDING_BUG                    0x00000200L
+
+/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
+ * in OpenSSL 0.9.6d.  Usually (depending on the application protocol)
+ * the workaround is not needed.  Unfortunately some broken SSL/TLS
+ * implementations cannot handle it at all, which is why we include
+ * it in SSL_OP_ALL. */
+#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              0x00000800L /* added in 0.9.6e */
+
+/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
+ *             This used to be 0x000FFFFFL before 0.9.7. */
+#define SSL_OP_ALL                                      0x00000FFFL
+
+/* As server, disallow session resumption on renegotiation */
+#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION   0x00010000L
+/* If set, always create a new key when using tmp_dh parameters */
+#define SSL_OP_SINGLE_DH_USE                            0x00100000L
+/* Set to always use the tmp_rsa key when doing RSA operations,
+ * even when this violates protocol specs */
+#define SSL_OP_EPHEMERAL_RSA                            0x00200000L
+/* Set on servers to choose the cipher according to the server's
+ * preferences */
+#define SSL_OP_CIPHER_SERVER_PREFERENCE                 0x00400000L
+/* If set, a server will allow a client to issue a SSLv3.0 version number
+ * as latest version supported in the premaster secret, even when TLSv1.0
+ * (version 3.1) was announced in the client hello. Normally this is
+ * forbidden to prevent version rollback attacks. */
+#define SSL_OP_TLS_ROLLBACK_BUG                         0x00800000L
+
+#define SSL_OP_NO_SSLv2                                 0x01000000L
+#define SSL_OP_NO_SSLv3                                 0x02000000L
+#define SSL_OP_NO_TLSv1                                 0x04000000L
+
+/* The next flag deliberately changes the ciphertest, this is a check
+ * for the PKCS#1 attack */
+#define SSL_OP_PKCS1_CHECK_1                            0x08000000L
+#define SSL_OP_PKCS1_CHECK_2                            0x10000000L
+#define SSL_OP_NETSCAPE_CA_DN_BUG                       0x20000000L
+#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG          0x40000000L
+
+
+/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
+ * when just a single record has been written): */
+#define SSL_MODE_ENABLE_PARTIAL_WRITE       0x00000001L
+/* Make it possible to retry SSL_write() with changed buffer location
+ * (buffer contents must stay the same!); this is not the default to avoid
+ * the misconception that non-blocking SSL_write() behaves like
+ * non-blocking write(): */
+#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
+/* Never bother the application with retries if the transport
+ * is blocking: */
+#define SSL_MODE_AUTO_RETRY 0x00000004L
+/* Don't attempt to automatically build certificate chain */
+#define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
+
+
+/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
+ * they cannot be used to clear bits. */
+
+#define SSL_CTX_set_options(ctx,op) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
+#define SSL_CTX_get_options(ctx) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
+#define SSL_set_options(ssl,op) \
+        SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
+#define SSL_get_options(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
+
+#define SSL_CTX_set_mode(ctx,op) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
+#define SSL_CTX_get_mode(ctx) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
+#define SSL_set_mode(ssl,op) \
+        SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
+#define SSL_get_mode(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
+
+
+void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
+void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
+#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+
+
+
+#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
+#define SSL_MAX_CERT_LIST_DEFAULT 1024*30 /* 30k max cert list :-) */
+#else
+#define SSL_MAX_CERT_LIST_DEFAULT 1024*100 /* 100k max cert list :-) */
+#endif
+
+#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT      (1024*20)
+
+/* This callback type is used inside SSL_CTX, SSL, and in the functions that set
+ * them. It is used to override the generation of SSL/TLS session IDs in a
+ * server. Return value should be zero on an error, non-zero to proceed. Also,
+ * callbacks should themselves check if the id they generate is unique otherwise
+ * the SSL handshake will fail with an error - callbacks can do this using the
+ * 'ssl' value they're passed by;
+ *      SSL_has_matching_session_id(ssl, id, *id_len)
+ * The length value passed in is set at the maximum size the session ID can be.
+ * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback
+ * can alter this length to be less if desired, but under SSLv2 session IDs are
+ * supposed to be fixed at 16 bytes so the id will be padded after the callback
+ * returns in this case. It is also an error for the callback to set the size to
+ * zero. */
+typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
+                                unsigned int *id_len);
+
+typedef struct ssl_comp_st
+        {
+        int id;
+        char *name;
+#ifndef OPENSSL_NO_COMP
+        COMP_METHOD *method;
+#else
+        char *method;
+#endif
+        } SSL_COMP;
+
+DECLARE_STACK_OF(SSL_COMP)
+
+struct ssl_ctx_st
+        {
+        SSL_METHOD *method;
+
+        STACK_OF(SSL_CIPHER) *cipher_list;
+        /* same as above but sorted for lookup */
+        STACK_OF(SSL_CIPHER) *cipher_list_by_id;
+
+        struct x509_store_st /* X509_STORE */ *cert_store;
+        struct lhash_st /* LHASH */ *sessions;  /* a set of SSL_SESSIONs */
+        /* Most session-ids that will be cached, default is
+         * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
+        unsigned long session_cache_size;
+        struct ssl_session_st *session_cache_head;
+        struct ssl_session_st *session_cache_tail;
+
+        /* This can have one of 2 values, ored together,
+         * SSL_SESS_CACHE_CLIENT,
+         * SSL_SESS_CACHE_SERVER,
+         * Default is SSL_SESSION_CACHE_SERVER, which means only
+         * SSL_accept which cache SSL_SESSIONS. */
+        int session_cache_mode;
+
+        /* If timeout is not 0, it is the default timeout value set
+         * when SSL_new() is called.  This has been put in to make
+         * life easier to set things up */
+        long session_timeout;
+
+        /* If this callback is not null, it will be called each
+         * time a session id is added to the cache.  If this function
+         * returns 1, it means that the callback will do a
+         * SSL_SESSION_free() when it has finished using it.  Otherwise,
+         * on 0, it means the callback has finished with it.
+         * If remove_session_cb is not null, it will be called when
+         * a session-id is removed from the cache.  After the call,
+         * OpenSSL will SSL_SESSION_free() it. */
+        int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess);
+        void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);
+        SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
+                unsigned char *data,int len,int *copy);
+
+        struct
+                {
+                int sess_connect;       /* SSL new conn - started */
+                int sess_connect_renegotiate;/* SSL reneg - requested */
+                int sess_connect_good;  /* SSL new conne/reneg - finished */
+                int sess_accept;        /* SSL new accept - started */
+                int sess_accept_renegotiate;/* SSL reneg - requested */
+                int sess_accept_good;   /* SSL accept/reneg - finished */
+                int sess_miss;          /* session lookup misses  */
+                int sess_timeout;       /* reuse attempt on timeouted session */
+                int sess_cache_full;    /* session removed due to full cache */
+                int sess_hit;           /* session reuse actually done */
+                int sess_cb_hit;        /* session-id that was not
+                                         * in the cache was
+                                         * passed back via the callback.  This
+                                         * indicates that the application is
+                                         * supplying session-id's from other
+                                         * processes - spooky :-) */
+                } stats;
+
+        int references;
+
+        /* if defined, these override the X509_verify_cert() calls */
+        int (*app_verify_callback)(X509_STORE_CTX *, void *);
+        void *app_verify_arg;
+        /* before OpenSSL 0.9.7, 'app_verify_arg' was ignored
+         * ('app_verify_callback' was called with just one argument) */
+
+        /* Default password callback. */
+        pem_password_cb *default_passwd_callback;
+
+        /* Default password callback user data. */
+        void *default_passwd_callback_userdata;
+
+        /* get client cert callback */
+        int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
+
+        CRYPTO_EX_DATA ex_data;
+
+        const EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */
+        const EVP_MD *md5;      /* For SSLv3/TLSv1 'ssl3-md5' */
+        const EVP_MD *sha1;   /* For SSLv3/TLSv1 'ssl3->sha1' */
+
+        STACK_OF(X509) *extra_certs;
+        STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
+
+
+        /* Default values used when no per-SSL value is defined follow */
+
+        void (*info_callback)(const SSL *ssl,int type,int val); /* used if SSL's info_callback is NULL */
+
+        /* what we put in client cert requests */
+        STACK_OF(X509_NAME) *client_CA;
+
+
+        /* Default values to use in SSL structures follow (these are copied by SSL_new) */
+
+        unsigned long options;
+        unsigned long mode;
+        long max_cert_list;
+
+        struct cert_st /* CERT */ *cert;
+        int read_ahead;
+
+        /* callback that allows applications to peek at protocol messages */
+        void (*msg_callback)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
+        void *msg_callback_arg;
+
+        int verify_mode;
+        int verify_depth;
+        unsigned int sid_ctx_length;
+        unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+        int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */
+
+        /* Default generate session ID callback. */
+        GEN_SESSION_CB generate_session_id;
+
+        int purpose;            /* Purpose setting */
+        int trust;              /* Trust setting */
+
+        int quiet_shutdown;
+        };
+
+#define SSL_SESS_CACHE_OFF                      0x0000
+#define SSL_SESS_CACHE_CLIENT                   0x0001
+#define SSL_SESS_CACHE_SERVER                   0x0002
+#define SSL_SESS_CACHE_BOTH     (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
+#define SSL_SESS_CACHE_NO_AUTO_CLEAR            0x0080
+/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */
+#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP       0x0100
+#define SSL_SESS_CACHE_NO_INTERNAL_STORE        0x0200
+#define SSL_SESS_CACHE_NO_INTERNAL \
+        (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
+
+  struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);
+#define SSL_CTX_sess_number(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
+#define SSL_CTX_sess_connect(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
+#define SSL_CTX_sess_connect_good(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
+#define SSL_CTX_sess_connect_renegotiate(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
+#define SSL_CTX_sess_accept(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
+#define SSL_CTX_sess_accept_renegotiate(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
+#define SSL_CTX_sess_accept_good(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
+#define SSL_CTX_sess_hits(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
+#define SSL_CTX_sess_cb_hits(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
+#define SSL_CTX_sess_misses(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
+#define SSL_CTX_sess_timeouts(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
+#define SSL_CTX_sess_cache_full(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
+
+#define SSL_CTX_sess_set_new_cb(ctx,cb) ((ctx)->new_session_cb=(cb))
+#define SSL_CTX_sess_get_new_cb(ctx)    ((ctx)->new_session_cb)
+#define SSL_CTX_sess_set_remove_cb(ctx,cb)      ((ctx)->remove_session_cb=(cb))
+#define SSL_CTX_sess_get_remove_cb(ctx) ((ctx)->remove_session_cb)
+#define SSL_CTX_sess_set_get_cb(ctx,cb) ((ctx)->get_session_cb=(cb))
+#define SSL_CTX_sess_get_get_cb(ctx)    ((ctx)->get_session_cb)
+#define SSL_CTX_set_info_callback(ctx,cb)       ((ctx)->info_callback=(cb))
+#define SSL_CTX_get_info_callback(ctx)          ((ctx)->info_callback)
+#define SSL_CTX_set_client_cert_cb(ctx,cb)      ((ctx)->client_cert_cb=(cb))
+#define SSL_CTX_get_client_cert_cb(ctx)         ((ctx)->client_cert_cb)
+
+#define SSL_NOTHING     1
+#define SSL_WRITING     2
+#define SSL_READING     3
+#define SSL_X509_LOOKUP 4
+
+/* These will only be used when doing non-blocking IO */
+#define SSL_want_nothing(s)     (SSL_want(s) == SSL_NOTHING)
+#define SSL_want_read(s)        (SSL_want(s) == SSL_READING)
+#define SSL_want_write(s)       (SSL_want(s) == SSL_WRITING)
+#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
+
+struct ssl_st
+        {
+        /* protocol version
+         * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION)
+         */
+        int version;
+        int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
+
+        SSL_METHOD *method; /* SSLv3 */
+
+        /* There are 2 BIO's even though they are normally both the
+         * same.  This is so data can be read and written to different
+         * handlers */
+
+#ifndef OPENSSL_NO_BIO
+        BIO *rbio; /* used by SSL_read */
+        BIO *wbio; /* used by SSL_write */
+        BIO *bbio; /* used during session-id reuse to concatenate
+                    * messages */
+#else
+        char *rbio; /* used by SSL_read */
+        char *wbio; /* used by SSL_write */
+        char *bbio;
+#endif
+        /* This holds a variable that indicates what we were doing
+         * when a 0 or -1 is returned.  This is needed for
+         * non-blocking IO so we know what request needs re-doing when
+         * in SSL_accept or SSL_connect */
+        int rwstate;
+
+        /* true when we are actually in SSL_accept() or SSL_connect() */
+        int in_handshake;
+        int (*handshake_func)();
+
+        /* Imagine that here's a boolean member "init" that is
+         * switched as soon as SSL_set_{accept/connect}_state
+         * is called for the first time, so that "state" and
+         * "handshake_func" are properly initialized.  But as
+         * handshake_func is == 0 until then, we use this
+         * test instead of an "init" member.
+         */
+
+        int server;     /* are we the server side? - mostly used by SSL_clear*/
+
+        int new_session;/* 1 if we are to use a new session.
+                         * 2 if we are a server and are inside a handshake
+                         *   (i.e. not just sending a HelloRequest)
+                         * NB: For servers, the 'new' session may actually be a previously
+                         * cached session or even the previous session unless
+                         * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
+        int quiet_shutdown;/* don't send shutdown packets */
+        int shutdown;   /* we have shut things down, 0x01 sent, 0x02
+                         * for received */
+        int state;      /* where we are */
+        int rstate;     /* where we are when reading */
+
+        BUF_MEM *init_buf;      /* buffer used during init */
+        void *init_msg;         /* pointer to handshake message body, set by ssl3_get_message() */
+        int init_num;           /* amount read/written */
+        int init_off;           /* amount read/written */
+
+        /* used internally to point at a raw packet */
+        unsigned char *packet;
+        unsigned int packet_length;
+
+        struct ssl2_state_st *s2; /* SSLv2 variables */
+        struct ssl3_state_st *s3; /* SSLv3 variables */
+
+        int read_ahead;         /* Read as many input bytes as possible
+                                 * (for non-blocking reads) */
+
+        /* callback that allows applications to peek at protocol messages */
+        void (*msg_callback)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
+        void *msg_callback_arg;
+
+        int hit;                /* reusing a previous session */
+
+        int purpose;            /* Purpose setting */
+        int trust;              /* Trust setting */
+
+        /* crypto */
+        STACK_OF(SSL_CIPHER) *cipher_list;
+        STACK_OF(SSL_CIPHER) *cipher_list_by_id;
+
+        /* These are the ones being used, the ones in SSL_SESSION are
+         * the ones to be 'copied' into these ones */
+
+        EVP_CIPHER_CTX *enc_read_ctx;           /* cryptographic state */
+        const EVP_MD *read_hash;                /* used for mac generation */
+#ifndef OPENSSL_NO_COMP
+        COMP_CTX *expand;                       /* uncompress */
+#else
+        char *expand;
+#endif
+
+        EVP_CIPHER_CTX *enc_write_ctx;          /* cryptographic state */
+        const EVP_MD *write_hash;               /* used for mac generation */
+#ifndef OPENSSL_NO_COMP
+        COMP_CTX *compress;                     /* compression */
+#else
+        char *compress; 
+#endif
+
+        /* session info */
+
+        /* client cert? */
+        /* This is used to hold the server certificate used */
+        struct cert_st /* CERT */ *cert;
+
+        /* the session_id_context is used to ensure sessions are only reused
+         * in the appropriate context */
+        unsigned int sid_ctx_length;
+        unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+
+        /* This can also be in the session once a session is established */
+        SSL_SESSION *session;
+
+        /* Default generate session ID callback. */
+        GEN_SESSION_CB generate_session_id;
+
+        /* Used in SSL2 and SSL3 */
+        int verify_mode;        /* 0 don't care about verify failure.
+                                 * 1 fail if verify fails */
+        int verify_depth;
+        int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
+
+        void (*info_callback)(const SSL *ssl,int type,int val); /* optional informational callback */
+
+        int error;              /* error bytes to be written */
+        int error_code;         /* actual code */
+
+#ifndef OPENSSL_NO_KRB5
+        KSSL_CTX *kssl_ctx;     /* Kerberos 5 context */
+#endif  /* OPENSSL_NO_KRB5 */
+
+        SSL_CTX *ctx;
+        /* set this flag to 1 and a sleep(1) is put into all SSL_read()
+         * and SSL_write() calls, good for nbio debuging :-) */
+        int debug;      
+
+        /* extra application data */
+        long verify_result;
+        CRYPTO_EX_DATA ex_data;
+
+        /* for server side, keep the list of CA_dn we can use */
+        STACK_OF(X509_NAME) *client_CA;
+
+        int references;
+        unsigned long options; /* protocol behaviour */
+        unsigned long mode; /* API behaviour */
+        long max_cert_list;
+        int first_packet;
+        int client_version;     /* what was passed, used for
+                                 * SSLv3/TLS rollback check */
+        };
+
+#ifdef __cplusplus
+}
+#endif
+
+#include <openssl/ssl2.h>
+#include <openssl/ssl3.h>
+#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
+#include <openssl/ssl23.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* compatibility */
+#define SSL_set_app_data(s,arg)         (SSL_set_ex_data(s,0,(char *)arg))
+#define SSL_get_app_data(s)             (SSL_get_ex_data(s,0))
+#define SSL_SESSION_set_app_data(s,a)   (SSL_SESSION_set_ex_data(s,0,(char *)a))
+#define SSL_SESSION_get_app_data(s)     (SSL_SESSION_get_ex_data(s,0))
+#define SSL_CTX_get_app_data(ctx)       (SSL_CTX_get_ex_data(ctx,0))
+#define SSL_CTX_set_app_data(ctx,arg)   (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
+
+/* The following are the possible values for ssl->state are are
+ * used to indicate where we are up to in the SSL connection establishment.
+ * The macros that follow are about the only things you should need to use
+ * and even then, only when using non-blocking IO.
+ * It can also be useful to work out where you were when the connection
+ * failed */
+
+#define SSL_ST_CONNECT                  0x1000
+#define SSL_ST_ACCEPT                   0x2000
+#define SSL_ST_MASK                     0x0FFF
+#define SSL_ST_INIT                     (SSL_ST_CONNECT|SSL_ST_ACCEPT)
+#define SSL_ST_BEFORE                   0x4000
+#define SSL_ST_OK                       0x03
+#define SSL_ST_RENEGOTIATE              (0x04|SSL_ST_INIT)
+
+#define SSL_CB_LOOP                     0x01
+#define SSL_CB_EXIT                     0x02
+#define SSL_CB_READ                     0x04
+#define SSL_CB_WRITE                    0x08
+#define SSL_CB_ALERT                    0x4000 /* used in callback */
+#define SSL_CB_READ_ALERT               (SSL_CB_ALERT|SSL_CB_READ)
+#define SSL_CB_WRITE_ALERT              (SSL_CB_ALERT|SSL_CB_WRITE)
+#define SSL_CB_ACCEPT_LOOP              (SSL_ST_ACCEPT|SSL_CB_LOOP)
+#define SSL_CB_ACCEPT_EXIT              (SSL_ST_ACCEPT|SSL_CB_EXIT)
+#define SSL_CB_CONNECT_LOOP             (SSL_ST_CONNECT|SSL_CB_LOOP)
+#define SSL_CB_CONNECT_EXIT             (SSL_ST_CONNECT|SSL_CB_EXIT)
+#define SSL_CB_HANDSHAKE_START          0x10
+#define SSL_CB_HANDSHAKE_DONE           0x20
+
+/* Is the SSL_connection established? */
+#define SSL_get_state(a)                SSL_state(a)
+#define SSL_is_init_finished(a)         (SSL_state(a) == SSL_ST_OK)
+#define SSL_in_init(a)                  (SSL_state(a)&SSL_ST_INIT)
+#define SSL_in_before(a)                (SSL_state(a)&SSL_ST_BEFORE)
+#define SSL_in_connect_init(a)          (SSL_state(a)&SSL_ST_CONNECT)
+#define SSL_in_accept_init(a)           (SSL_state(a)&SSL_ST_ACCEPT)
+
+/* The following 2 states are kept in ssl->rstate when reads fail,
+ * you should not need these */
+#define SSL_ST_READ_HEADER                      0xF0
+#define SSL_ST_READ_BODY                        0xF1
+#define SSL_ST_READ_DONE                        0xF2
+
+/* Obtain latest Finished message
+ *   -- that we sent (SSL_get_finished)
+ *   -- that we expected from peer (SSL_get_peer_finished).
+ * Returns length (0 == no Finished so far), copies up to 'count' bytes. */
+size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
+size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
+
+/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
+ * are 'ored' with SSL_VERIFY_PEER if they are desired */
+#define SSL_VERIFY_NONE                 0x00
+#define SSL_VERIFY_PEER                 0x01
+#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
+#define SSL_VERIFY_CLIENT_ONCE          0x04
+
+#define OpenSSL_add_ssl_algorithms()    SSL_library_init()
+#define SSLeay_add_ssl_algorithms()     SSL_library_init()
+
+/* this is for backward compatibility */
+#if 0 /* NEW_SSLEAY */
+#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
+#define SSL_set_pref_cipher(c,n)        SSL_set_cipher_list(c,n)
+#define SSL_add_session(a,b)            SSL_CTX_add_session((a),(b))
+#define SSL_remove_session(a,b)         SSL_CTX_remove_session((a),(b))
+#define SSL_flush_sessions(a,b)         SSL_CTX_flush_sessions((a),(b))
+#endif
+/* More backward compatibility */
+#define SSL_get_cipher(s) \
+                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+#define SSL_get_cipher_bits(s,np) \
+                SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
+#define SSL_get_cipher_version(s) \
+                SSL_CIPHER_get_version(SSL_get_current_cipher(s))
+#define SSL_get_cipher_name(s) \
+                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+#define SSL_get_time(a)         SSL_SESSION_get_time(a)
+#define SSL_set_time(a,b)       SSL_SESSION_set_time((a),(b))
+#define SSL_get_timeout(a)      SSL_SESSION_get_timeout(a)
+#define SSL_set_timeout(a,b)    SSL_SESSION_set_timeout((a),(b))
+
+#if 1 /*SSLEAY_MACROS*/
+#define d2i_SSL_SESSION_bio(bp,s_id) (SSL_SESSION *)ASN1_d2i_bio( \
+        (char *(*)())SSL_SESSION_new,(char *(*)())d2i_SSL_SESSION, \
+        (bp),(unsigned char **)(s_id))
+#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio(i2d_SSL_SESSION, \
+        bp,(unsigned char *)s_id)
+#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
+        (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
+#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \
+        (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)
+#define PEM_write_SSL_SESSION(fp,x) \
+        PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
+                PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
+#define PEM_write_bio_SSL_SESSION(bp,x) \
+        PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
+                PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)
+#endif
+
+#define SSL_AD_REASON_OFFSET            1000
+/* These alert types are for SSLv3 and TLSv1 */
+#define SSL_AD_CLOSE_NOTIFY             SSL3_AD_CLOSE_NOTIFY
+#define SSL_AD_UNEXPECTED_MESSAGE       SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
+#define SSL_AD_BAD_RECORD_MAC           SSL3_AD_BAD_RECORD_MAC     /* fatal */
+#define SSL_AD_DECRYPTION_FAILED        TLS1_AD_DECRYPTION_FAILED
+#define SSL_AD_RECORD_OVERFLOW          TLS1_AD_RECORD_OVERFLOW
+#define SSL_AD_DECOMPRESSION_FAILURE    SSL3_AD_DECOMPRESSION_FAILURE/* fatal */
+#define SSL_AD_HANDSHAKE_FAILURE        SSL3_AD_HANDSHAKE_FAILURE/* fatal */
+#define SSL_AD_NO_CERTIFICATE           SSL3_AD_NO_CERTIFICATE /* Not for TLS */
+#define SSL_AD_BAD_CERTIFICATE          SSL3_AD_BAD_CERTIFICATE
+#define SSL_AD_UNSUPPORTED_CERTIFICATE  SSL3_AD_UNSUPPORTED_CERTIFICATE
+#define SSL_AD_CERTIFICATE_REVOKED      SSL3_AD_CERTIFICATE_REVOKED
+#define SSL_AD_CERTIFICATE_EXPIRED      SSL3_AD_CERTIFICATE_EXPIRED
+#define SSL_AD_CERTIFICATE_UNKNOWN      SSL3_AD_CERTIFICATE_UNKNOWN
+#define SSL_AD_ILLEGAL_PARAMETER        SSL3_AD_ILLEGAL_PARAMETER   /* fatal */
+#define SSL_AD_UNKNOWN_CA               TLS1_AD_UNKNOWN_CA      /* fatal */
+#define SSL_AD_ACCESS_DENIED            TLS1_AD_ACCESS_DENIED   /* fatal */
+#define SSL_AD_DECODE_ERROR             TLS1_AD_DECODE_ERROR    /* fatal */
+#define SSL_AD_DECRYPT_ERROR            TLS1_AD_DECRYPT_ERROR
+#define SSL_AD_EXPORT_RESTRICTION       TLS1_AD_EXPORT_RESTRICTION/* fatal */
+#define SSL_AD_PROTOCOL_VERSION         TLS1_AD_PROTOCOL_VERSION /* fatal */
+#define SSL_AD_INSUFFICIENT_SECURITY    TLS1_AD_INSUFFICIENT_SECURITY/* fatal */
+#define SSL_AD_INTERNAL_ERROR           TLS1_AD_INTERNAL_ERROR  /* fatal */
+#define SSL_AD_USER_CANCELLED           TLS1_AD_USER_CANCELLED
+#define SSL_AD_NO_RENEGOTIATION         TLS1_AD_NO_RENEGOTIATION
+
+#define SSL_ERROR_NONE                  0
+#define SSL_ERROR_SSL                   1
+#define SSL_ERROR_WANT_READ             2
+#define SSL_ERROR_WANT_WRITE            3
+#define SSL_ERROR_WANT_X509_LOOKUP      4
+#define SSL_ERROR_SYSCALL               5 /* look at error stack/return value/errno */
+#define SSL_ERROR_ZERO_RETURN           6
+#define SSL_ERROR_WANT_CONNECT          7
+#define SSL_ERROR_WANT_ACCEPT           8
+
+#define SSL_CTRL_NEED_TMP_RSA                   1
+#define SSL_CTRL_SET_TMP_RSA                    2
+#define SSL_CTRL_SET_TMP_DH                     3
+#define SSL_CTRL_SET_TMP_RSA_CB                 4
+#define SSL_CTRL_SET_TMP_DH_CB                  5
+
+#define SSL_CTRL_GET_SESSION_REUSED             6
+#define SSL_CTRL_GET_CLIENT_CERT_REQUEST        7
+#define SSL_CTRL_GET_NUM_RENEGOTIATIONS         8
+#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS       9
+#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS       10
+#define SSL_CTRL_GET_FLAGS                      11
+#define SSL_CTRL_EXTRA_CHAIN_CERT               12
+
+#define SSL_CTRL_SET_MSG_CALLBACK               13
+#define SSL_CTRL_SET_MSG_CALLBACK_ARG           14
+
+/* Stats */
+#define SSL_CTRL_SESS_NUMBER                    20
+#define SSL_CTRL_SESS_CONNECT                   21
+#define SSL_CTRL_SESS_CONNECT_GOOD              22
+#define SSL_CTRL_SESS_CONNECT_RENEGOTIATE       23
+#define SSL_CTRL_SESS_ACCEPT                    24
+#define SSL_CTRL_SESS_ACCEPT_GOOD               25
+#define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE        26
+#define SSL_CTRL_SESS_HIT                       27
+#define SSL_CTRL_SESS_CB_HIT                    28
+#define SSL_CTRL_SESS_MISSES                    29
+#define SSL_CTRL_SESS_TIMEOUTS                  30
+#define SSL_CTRL_SESS_CACHE_FULL                31
+#define SSL_CTRL_OPTIONS                        32
+#define SSL_CTRL_MODE                           33
+
+#define SSL_CTRL_GET_READ_AHEAD                 40
+#define SSL_CTRL_SET_READ_AHEAD                 41
+#define SSL_CTRL_SET_SESS_CACHE_SIZE            42
+#define SSL_CTRL_GET_SESS_CACHE_SIZE            43
+#define SSL_CTRL_SET_SESS_CACHE_MODE            44
+#define SSL_CTRL_GET_SESS_CACHE_MODE            45
+
+#define SSL_CTRL_GET_MAX_CERT_LIST              50
+#define SSL_CTRL_SET_MAX_CERT_LIST              51
+
+#define SSL_session_reused(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
+#define SSL_num_renegotiations(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
+#define SSL_clear_num_renegotiations(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
+#define SSL_total_renegotiations(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
+
+#define SSL_CTX_need_tmp_RSA(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
+#define SSL_CTX_set_tmp_rsa(ctx,rsa) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
+#define SSL_CTX_set_tmp_dh(ctx,dh) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
+
+#define SSL_need_tmp_RSA(ssl) \
+        SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
+#define SSL_set_tmp_rsa(ssl,rsa) \
+        SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
+#define SSL_set_tmp_dh(ssl,dh) \
+        SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
+
+#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
+
+#ifndef OPENSSL_NO_BIO
+BIO_METHOD *BIO_f_ssl(void);
+BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
+BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+int BIO_ssl_copy_session_id(BIO *to,BIO *from);
+void BIO_ssl_shutdown(BIO *ssl_bio);
+
+#endif
+
+int     SSL_CTX_set_cipher_list(SSL_CTX *,const char *str);
+SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
+void    SSL_CTX_free(SSL_CTX *);
+long SSL_CTX_set_timeout(SSL_CTX *ctx,long t);
+long SSL_CTX_get_timeout(const SSL_CTX *ctx);
+X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
+void SSL_CTX_set_cert_store(SSL_CTX *,X509_STORE *);
+int SSL_want(const SSL *s);
+int     SSL_clear(SSL *s);
+
+void    SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm);
+
+SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
+int     SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits);
+char *  SSL_CIPHER_get_version(const SSL_CIPHER *c);
+const char *    SSL_CIPHER_get_name(const SSL_CIPHER *c);
+
+int     SSL_get_fd(const SSL *s);
+int     SSL_get_rfd(const SSL *s);
+int     SSL_get_wfd(const SSL *s);
+const char  * SSL_get_cipher_list(const SSL *s,int n);
+char *  SSL_get_shared_ciphers(const SSL *s, char *buf, int len);
+int     SSL_get_read_ahead(const SSL * s);
+int     SSL_pending(const SSL *s);
+#ifndef OPENSSL_NO_SOCK
+int     SSL_set_fd(SSL *s, int fd);
+int     SSL_set_rfd(SSL *s, int fd);
+int     SSL_set_wfd(SSL *s, int fd);
+#endif
+#ifndef OPENSSL_NO_BIO
+void    SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio);
+BIO *   SSL_get_rbio(const SSL *s);
+BIO *   SSL_get_wbio(const SSL *s);
+#endif
+int     SSL_set_cipher_list(SSL *s, const char *str);
+void    SSL_set_read_ahead(SSL *s, int yes);
+int     SSL_get_verify_mode(const SSL *s);
+int     SSL_get_verify_depth(const SSL *s);
+int     (*SSL_get_verify_callback(const SSL *s))(int,X509_STORE_CTX *);
+void    SSL_set_verify(SSL *s, int mode,
+                       int (*callback)(int ok,X509_STORE_CTX *ctx));
+void    SSL_set_verify_depth(SSL *s, int depth);
+#ifndef OPENSSL_NO_RSA
+int     SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+#endif
+int     SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+int     SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+int     SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);
+int     SSL_use_certificate(SSL *ssl, X509 *x);
+int     SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+
+#ifndef OPENSSL_NO_STDIO
+int     SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+int     SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+int     SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+int     SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+int     SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+int     SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+int     SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM type */
+STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
+int     SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+                                            const char *file);
+#ifndef OPENSSL_SYS_VMS
+#ifndef OPENSSL_SYS_MACINTOSH_CLASSIC /* XXXXX: Better scheme needed! [was: #ifndef MAC_OS_pre_X] */
+int     SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+                                           const char *dir);
+#endif
+#endif
+
+#endif
+
+void    SSL_load_error_strings(void );
+const char *SSL_state_string(const SSL *s);
+const char *SSL_rstate_string(const SSL *s);
+const char *SSL_state_string_long(const SSL *s);
+const char *SSL_rstate_string_long(const SSL *s);
+long    SSL_SESSION_get_time(const SSL_SESSION *s);
+long    SSL_SESSION_set_time(SSL_SESSION *s, long t);
+long    SSL_SESSION_get_timeout(const SSL_SESSION *s);
+long    SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
+void    SSL_copy_session_id(SSL *to,const SSL *from);
+
+SSL_SESSION *SSL_SESSION_new(void);
+unsigned long SSL_SESSION_hash(const SSL_SESSION *a);
+int     SSL_SESSION_cmp(const SSL_SESSION *a,const SSL_SESSION *b);
+#ifndef OPENSSL_NO_FP_API
+int     SSL_SESSION_print_fp(FILE *fp,const SSL_SESSION *ses);
+#endif
+#ifndef OPENSSL_NO_BIO
+int     SSL_SESSION_print(BIO *fp,const SSL_SESSION *ses);
+#endif
+void    SSL_SESSION_free(SSL_SESSION *ses);
+int     i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
+int     SSL_set_session(SSL *to, SSL_SESSION *session);
+int     SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
+int     SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);
+int     SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
+int     SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
+int     SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
+                                        unsigned int id_len);
+SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,const unsigned char * const *pp,
+                             long length);
+
+#ifdef HEADER_X509_H
+X509 *  SSL_get_peer_certificate(const SSL *s);
+#endif
+
+STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
+
+int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int,X509_STORE_CTX *);
+void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,
+                        int (*callback)(int, X509_STORE_CTX *));
+void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);
+void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg);
+#ifndef OPENSSL_NO_RSA
+int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+#endif
+int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx,
+        unsigned char *d, long len);
+int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+
+void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+
+int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+int SSL_check_private_key(const SSL *ctx);
+
+int     SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
+                                       unsigned int sid_ctx_len);
+
+SSL *   SSL_new(SSL_CTX *ctx);
+int     SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
+                                   unsigned int sid_ctx_len);
+
+int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
+int SSL_set_purpose(SSL *s, int purpose);
+int SSL_CTX_set_trust(SSL_CTX *s, int trust);
+int SSL_set_trust(SSL *s, int trust);
+
+void    SSL_free(SSL *ssl);
+int     SSL_accept(SSL *ssl);
+int     SSL_connect(SSL *ssl);
+int     SSL_read(SSL *ssl,void *buf,int num);
+int     SSL_peek(SSL *ssl,void *buf,int num);
+int     SSL_write(SSL *ssl,const void *buf,int num);
+long    SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg);
+long    SSL_callback_ctrl(SSL *, int, void (*)());
+long    SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, void *parg);
+long    SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)());
+
+int     SSL_get_error(const SSL *s,int ret_code);
+const char *SSL_get_version(const SSL *s);
+
+/* This sets the 'default' SSL version that SSL_new() will create */
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth);
+
+SSL_METHOD *SSLv2_method(void);         /* SSLv2 */
+SSL_METHOD *SSLv2_server_method(void);  /* SSLv2 */
+SSL_METHOD *SSLv2_client_method(void);  /* SSLv2 */
+
+SSL_METHOD *SSLv3_method(void);         /* SSLv3 */
+SSL_METHOD *SSLv3_server_method(void);  /* SSLv3 */
+SSL_METHOD *SSLv3_client_method(void);  /* SSLv3 */
+
+SSL_METHOD *SSLv23_method(void);        /* SSLv3 but can rollback to v2 */
+SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */
+SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */
+
+SSL_METHOD *TLSv1_method(void);         /* TLSv1.0 */
+SSL_METHOD *TLSv1_server_method(void);  /* TLSv1.0 */
+SSL_METHOD *TLSv1_client_method(void);  /* TLSv1.0 */
+
+STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
+
+int SSL_do_handshake(SSL *s);
+int SSL_renegotiate(SSL *s);
+int SSL_renegotiate_pending(SSL *s);
+int SSL_shutdown(SSL *s);
+
+SSL_METHOD *SSL_get_ssl_method(SSL *s);
+int SSL_set_ssl_method(SSL *s,SSL_METHOD *method);
+const char *SSL_alert_type_string_long(int value);
+const char *SSL_alert_type_string(int value);
+const char *SSL_alert_desc_string_long(int value);
+const char *SSL_alert_desc_string(int value);
+
+void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
+int SSL_add_client_CA(SSL *ssl,X509 *x);
+int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x);
+
+void SSL_set_connect_state(SSL *s);
+void SSL_set_accept_state(SSL *s);
+
+long SSL_get_default_timeout(const SSL *s);
+
+int SSL_library_init(void );
+
+char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size);
+STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
+
+SSL *SSL_dup(SSL *ssl);
+
+X509 *SSL_get_certificate(const SSL *ssl);
+/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
+
+void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
+int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
+void SSL_set_quiet_shutdown(SSL *ssl,int mode);
+int SSL_get_quiet_shutdown(const SSL *ssl);
+void SSL_set_shutdown(SSL *ssl,int mode);
+int SSL_get_shutdown(const SSL *ssl);
+int SSL_version(const SSL *ssl);
+int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
+        const char *CApath);
+#define SSL_get0_session SSL_get_session /* just peek at pointer */
+SSL_SESSION *SSL_get_session(const SSL *ssl);
+SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
+SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
+void SSL_set_info_callback(SSL *ssl,
+                           void (*cb)(const SSL *ssl,int type,int val));
+void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,int type,int val);
+int SSL_state(const SSL *ssl);
+
+void SSL_set_verify_result(SSL *ssl,long v);
+long SSL_get_verify_result(const SSL *ssl);
+
+int SSL_set_ex_data(SSL *ssl,int idx,void *data);
+void *SSL_get_ex_data(const SSL *ssl,int idx);
+int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+        CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+
+int SSL_SESSION_set_ex_data(SSL_SESSION *ss,int idx,void *data);
+void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss,int idx);
+int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+        CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+
+int SSL_CTX_set_ex_data(SSL_CTX *ssl,int idx,void *data);
+void *SSL_CTX_get_ex_data(const SSL_CTX *ssl,int idx);
+int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+        CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+
+int SSL_get_ex_data_X509_STORE_CTX_idx(void );
+
+#define SSL_CTX_sess_set_cache_size(ctx,t) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
+#define SSL_CTX_sess_get_cache_size(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
+#define SSL_CTX_set_session_cache_mode(ctx,m) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
+#define SSL_CTX_get_session_cache_mode(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
+
+#define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
+#define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
+#define SSL_CTX_get_read_ahead(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
+#define SSL_CTX_set_read_ahead(ctx,m) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
+#define SSL_CTX_get_max_cert_list(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+#define SSL_CTX_set_max_cert_list(ctx,m) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+#define SSL_get_max_cert_list(ssl) \
+        SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+#define SSL_set_max_cert_list(ssl,m) \
+        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+
+     /* NB: the keylength is only applicable when is_export is true */
+#ifndef OPENSSL_NO_RSA
+void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
+                                  RSA *(*cb)(SSL *ssl,int is_export,
+                                             int keylength));
+
+void SSL_set_tmp_rsa_callback(SSL *ssl,
+                                  RSA *(*cb)(SSL *ssl,int is_export,
+                                             int keylength));
+#endif
+#ifndef OPENSSL_NO_DH
+void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+                                 DH *(*dh)(SSL *ssl,int is_export,
+                                           int keylength));
+void SSL_set_tmp_dh_callback(SSL *ssl,
+                                 DH *(*dh)(SSL *ssl,int is_export,
+                                           int keylength));
+#endif
+
+#ifndef OPENSSL_NO_COMP
+int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm);
+#else
+int SSL_COMP_add_compression_method(int id,char *cm);
+#endif
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_SSL_strings(void);
+
+/* Error codes for the SSL functions. */
+
+/* Function codes. */
+#define SSL_F_CLIENT_CERTIFICATE                         100
+#define SSL_F_CLIENT_FINISHED                            238
+#define SSL_F_CLIENT_HELLO                               101
+#define SSL_F_CLIENT_MASTER_KEY                          102
+#define SSL_F_D2I_SSL_SESSION                            103
+#define SSL_F_DO_SSL3_WRITE                              104
+#define SSL_F_GET_CLIENT_FINISHED                        105
+#define SSL_F_GET_CLIENT_HELLO                           106
+#define SSL_F_GET_CLIENT_MASTER_KEY                      107
+#define SSL_F_GET_SERVER_FINISHED                        108
+#define SSL_F_GET_SERVER_HELLO                           109
+#define SSL_F_GET_SERVER_VERIFY                          110
+#define SSL_F_I2D_SSL_SESSION                            111
+#define SSL_F_READ_N                                     112
+#define SSL_F_REQUEST_CERTIFICATE                        113
+#define SSL_F_SERVER_FINISH                              239
+#define SSL_F_SERVER_HELLO                               114
+#define SSL_F_SERVER_VERIFY                              240
+#define SSL_F_SSL23_ACCEPT                               115
+#define SSL_F_SSL23_CLIENT_HELLO                         116
+#define SSL_F_SSL23_CONNECT                              117
+#define SSL_F_SSL23_GET_CLIENT_HELLO                     118
+#define SSL_F_SSL23_GET_SERVER_HELLO                     119
+#define SSL_F_SSL23_PEEK                                 237
+#define SSL_F_SSL23_READ                                 120
+#define SSL_F_SSL23_WRITE                                121
+#define SSL_F_SSL2_ACCEPT                                122
+#define SSL_F_SSL2_CONNECT                               123
+#define SSL_F_SSL2_ENC_INIT                              124
+#define SSL_F_SSL2_GENERATE_KEY_MATERIAL                 241
+#define SSL_F_SSL2_PEEK                                  234
+#define SSL_F_SSL2_READ                                  125
+#define SSL_F_SSL2_READ_INTERNAL                         236
+#define SSL_F_SSL2_SET_CERTIFICATE                       126
+#define SSL_F_SSL2_WRITE                                 127
+#define SSL_F_SSL3_ACCEPT                                128
+#define SSL_F_SSL3_CALLBACK_CTRL                         233
+#define SSL_F_SSL3_CHANGE_CIPHER_STATE                   129
+#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM              130
+#define SSL_F_SSL3_CLIENT_HELLO                          131
+#define SSL_F_SSL3_CONNECT                               132
+#define SSL_F_SSL3_CTRL                                  213
+#define SSL_F_SSL3_CTX_CTRL                              133
+#define SSL_F_SSL3_ENC                                   134
+#define SSL_F_SSL3_GENERATE_KEY_BLOCK                    238
+#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST               135
+#define SSL_F_SSL3_GET_CERT_VERIFY                       136
+#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE                137
+#define SSL_F_SSL3_GET_CLIENT_HELLO                      138
+#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE               139
+#define SSL_F_SSL3_GET_FINISHED                          140
+#define SSL_F_SSL3_GET_KEY_EXCHANGE                      141
+#define SSL_F_SSL3_GET_MESSAGE                           142
+#define SSL_F_SSL3_GET_RECORD                            143
+#define SSL_F_SSL3_GET_SERVER_CERTIFICATE                144
+#define SSL_F_SSL3_GET_SERVER_DONE                       145
+#define SSL_F_SSL3_GET_SERVER_HELLO                      146
+#define SSL_F_SSL3_OUTPUT_CERT_CHAIN                     147
+#define SSL_F_SSL3_PEEK                                  235
+#define SSL_F_SSL3_READ_BYTES                            148
+#define SSL_F_SSL3_READ_N                                149
+#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST              150
+#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE               151
+#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE              152
+#define SSL_F_SSL3_SEND_CLIENT_VERIFY                    153
+#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE               154
+#define SSL_F_SSL3_SEND_SERVER_HELLO                     242
+#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE              155
+#define SSL_F_SSL3_SETUP_BUFFERS                         156
+#define SSL_F_SSL3_SETUP_KEY_BLOCK                       157
+#define SSL_F_SSL3_WRITE_BYTES                           158
+#define SSL_F_SSL3_WRITE_PENDING                         159
+#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK         215
+#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK        216
+#define SSL_F_SSL_BAD_METHOD                             160
+#define SSL_F_SSL_BYTES_TO_CIPHER_LIST                   161
+#define SSL_F_SSL_CERT_DUP                               221
+#define SSL_F_SSL_CERT_INST                              222
+#define SSL_F_SSL_CERT_INSTANTIATE                       214
+#define SSL_F_SSL_CERT_NEW                               162
+#define SSL_F_SSL_CHECK_PRIVATE_KEY                      163
+#define SSL_F_SSL_CIPHER_PROCESS_RULESTR                 230
+#define SSL_F_SSL_CIPHER_STRENGTH_SORT                   231
+#define SSL_F_SSL_CLEAR                                  164
+#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD            165
+#define SSL_F_SSL_CREATE_CIPHER_LIST                     166
+#define SSL_F_SSL_CTRL                                   232
+#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY                  168
+#define SSL_F_SSL_CTX_NEW                                169
+#define SSL_F_SSL_CTX_SET_PURPOSE                        226
+#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT             219
+#define SSL_F_SSL_CTX_SET_SSL_VERSION                    170
+#define SSL_F_SSL_CTX_SET_TRUST                          229
+#define SSL_F_SSL_CTX_USE_CERTIFICATE                    171
+#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1               172
+#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE         220
+#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE               173
+#define SSL_F_SSL_CTX_USE_PRIVATEKEY                     174
+#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1                175
+#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE                176
+#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY                  177
+#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1             178
+#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE             179
+#define SSL_F_SSL_DO_HANDSHAKE                           180
+#define SSL_F_SSL_GET_NEW_SESSION                        181
+#define SSL_F_SSL_GET_PREV_SESSION                       217
+#define SSL_F_SSL_GET_SERVER_SEND_CERT                   182
+#define SSL_F_SSL_GET_SIGN_PKEY                          183
+#define SSL_F_SSL_INIT_WBIO_BUFFER                       184
+#define SSL_F_SSL_LOAD_CLIENT_CA_FILE                    185
+#define SSL_F_SSL_NEW                                    186
+#define SSL_F_SSL_READ                                   223
+#define SSL_F_SSL_RSA_PRIVATE_DECRYPT                    187
+#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT                     188
+#define SSL_F_SSL_SESSION_NEW                            189
+#define SSL_F_SSL_SESSION_PRINT_FP                       190
+#define SSL_F_SSL_SESS_CERT_NEW                          225
+#define SSL_F_SSL_SET_CERT                               191
+#define SSL_F_SSL_SET_FD                                 192
+#define SSL_F_SSL_SET_PKEY                               193
+#define SSL_F_SSL_SET_PURPOSE                            227
+#define SSL_F_SSL_SET_RFD                                194
+#define SSL_F_SSL_SET_SESSION                            195
+#define SSL_F_SSL_SET_SESSION_ID_CONTEXT                 218
+#define SSL_F_SSL_SET_TRUST                              228
+#define SSL_F_SSL_SET_WFD                                196
+#define SSL_F_SSL_SHUTDOWN                               224
+#define SSL_F_SSL_UNDEFINED_CONST_FUNCTION               243
+#define SSL_F_SSL_UNDEFINED_FUNCTION                     197
+#define SSL_F_SSL_USE_CERTIFICATE                        198
+#define SSL_F_SSL_USE_CERTIFICATE_ASN1                   199
+#define SSL_F_SSL_USE_CERTIFICATE_FILE                   200
+#define SSL_F_SSL_USE_PRIVATEKEY                         201
+#define SSL_F_SSL_USE_PRIVATEKEY_ASN1                    202
+#define SSL_F_SSL_USE_PRIVATEKEY_FILE                    203
+#define SSL_F_SSL_USE_RSAPRIVATEKEY                      204
+#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1                 205
+#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE                 206
+#define SSL_F_SSL_VERIFY_CERT_CHAIN                      207
+#define SSL_F_SSL_WRITE                                  208
+#define SSL_F_TLS1_CHANGE_CIPHER_STATE                   209
+#define SSL_F_TLS1_ENC                                   210
+#define SSL_F_TLS1_SETUP_KEY_BLOCK                       211
+#define SSL_F_WRITE_PENDING                              212
+
+/* Reason codes. */
+#define SSL_R_APP_DATA_IN_HANDSHAKE                      100
+#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
+#define SSL_R_BAD_ALERT_RECORD                           101
+#define SSL_R_BAD_AUTHENTICATION_TYPE                    102
+#define SSL_R_BAD_CHANGE_CIPHER_SPEC                     103
+#define SSL_R_BAD_CHECKSUM                               104
+#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK              106
+#define SSL_R_BAD_DECOMPRESSION                          107
+#define SSL_R_BAD_DH_G_LENGTH                            108
+#define SSL_R_BAD_DH_PUB_KEY_LENGTH                      109
+#define SSL_R_BAD_DH_P_LENGTH                            110
+#define SSL_R_BAD_DIGEST_LENGTH                          111
+#define SSL_R_BAD_DSA_SIGNATURE                          112
+#define SSL_R_BAD_HELLO_REQUEST                          105
+#define SSL_R_BAD_LENGTH                                 271
+#define SSL_R_BAD_MAC_DECODE                             113
+#define SSL_R_BAD_MESSAGE_TYPE                           114
+#define SSL_R_BAD_PACKET_LENGTH                          115
+#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER                116
+#define SSL_R_BAD_RESPONSE_ARGUMENT                      117
+#define SSL_R_BAD_RSA_DECRYPT                            118
+#define SSL_R_BAD_RSA_ENCRYPT                            119
+#define SSL_R_BAD_RSA_E_LENGTH                           120
+#define SSL_R_BAD_RSA_MODULUS_LENGTH                     121
+#define SSL_R_BAD_RSA_SIGNATURE                          122
+#define SSL_R_BAD_SIGNATURE                              123
+#define SSL_R_BAD_SSL_FILETYPE                           124
+#define SSL_R_BAD_SSL_SESSION_ID_LENGTH                  125
+#define SSL_R_BAD_STATE                                  126
+#define SSL_R_BAD_WRITE_RETRY                            127
+#define SSL_R_BIO_NOT_SET                                128
+#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG                  129
+#define SSL_R_BN_LIB                                     130
+#define SSL_R_CA_DN_LENGTH_MISMATCH                      131
+#define SSL_R_CA_DN_TOO_LONG                             132
+#define SSL_R_CCS_RECEIVED_EARLY                         133
+#define SSL_R_CERTIFICATE_VERIFY_FAILED                  134
+#define SSL_R_CERT_LENGTH_MISMATCH                       135
+#define SSL_R_CHALLENGE_IS_DIFFERENT                     136
+#define SSL_R_CIPHER_CODE_WRONG_LENGTH                   137
+#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE                 138
+#define SSL_R_CIPHER_TABLE_SRC_ERROR                     139
+#define SSL_R_COMPRESSED_LENGTH_TOO_LONG                 140
+#define SSL_R_COMPRESSION_FAILURE                        141
+#define SSL_R_COMPRESSION_LIBRARY_ERROR                  142
+#define SSL_R_CONNECTION_ID_IS_DIFFERENT                 143
+#define SSL_R_CONNECTION_TYPE_NOT_SET                    144
+#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED              145
+#define SSL_R_DATA_LENGTH_TOO_LONG                       146
+#define SSL_R_DECRYPTION_FAILED                          147
+#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC        1109
+#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG            148
+#define SSL_R_DIGEST_CHECK_FAILED                        149
+#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG                  150
+#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY               1092
+#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST              151
+#define SSL_R_EXCESSIVE_MESSAGE_SIZE                     152
+#define SSL_R_EXTRA_DATA_IN_MESSAGE                      153
+#define SSL_R_GOT_A_FIN_BEFORE_A_CCS                     154
+#define SSL_R_HTTPS_PROXY_REQUEST                        155
+#define SSL_R_HTTP_REQUEST                               156
+#define SSL_R_ILLEGAL_PADDING                            1110
+#define SSL_R_INVALID_CHALLENGE_LENGTH                   158
+#define SSL_R_INVALID_COMMAND                            280
+#define SSL_R_INVALID_PURPOSE                            278
+#define SSL_R_INVALID_TRUST                              279
+#define SSL_R_KEY_ARG_TOO_LONG                           1112
+#define SSL_R_KRB5                                       1104
+#define SSL_R_KRB5_C_CC_PRINC                            1094
+#define SSL_R_KRB5_C_GET_CRED                            1095
+#define SSL_R_KRB5_C_INIT                                1096
+#define SSL_R_KRB5_C_MK_REQ                              1097
+#define SSL_R_KRB5_S_BAD_TICKET                          1098
+#define SSL_R_KRB5_S_INIT                                1099
+#define SSL_R_KRB5_S_RD_REQ                              1108
+#define SSL_R_KRB5_S_TKT_EXPIRED                         1105
+#define SSL_R_KRB5_S_TKT_NYV                             1106
+#define SSL_R_KRB5_S_TKT_SKEW                            1107
+#define SSL_R_LENGTH_MISMATCH                            159
+#define SSL_R_LENGTH_TOO_SHORT                           160
+#define SSL_R_LIBRARY_BUG                                274
+#define SSL_R_LIBRARY_HAS_NO_CIPHERS                     161
+#define SSL_R_MASTER_KEY_TOO_LONG                        1112
+#define SSL_R_MESSAGE_TOO_LONG                           1111
+#define SSL_R_MISSING_DH_DSA_CERT                        162
+#define SSL_R_MISSING_DH_KEY                             163
+#define SSL_R_MISSING_DH_RSA_CERT                        164
+#define SSL_R_MISSING_DSA_SIGNING_CERT                   165
+#define SSL_R_MISSING_EXPORT_TMP_DH_KEY                  166
+#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY                 167
+#define SSL_R_MISSING_RSA_CERTIFICATE                    168
+#define SSL_R_MISSING_RSA_ENCRYPTING_CERT                169
+#define SSL_R_MISSING_RSA_SIGNING_CERT                   170
+#define SSL_R_MISSING_TMP_DH_KEY                         171
+#define SSL_R_MISSING_TMP_RSA_KEY                        172
+#define SSL_R_MISSING_TMP_RSA_PKEY                       173
+#define SSL_R_MISSING_VERIFY_MESSAGE                     174
+#define SSL_R_NON_SSLV2_INITIAL_PACKET                   175
+#define SSL_R_NO_CERTIFICATES_RETURNED                   176
+#define SSL_R_NO_CERTIFICATE_ASSIGNED                    177
+#define SSL_R_NO_CERTIFICATE_RETURNED                    178
+#define SSL_R_NO_CERTIFICATE_SET                         179
+#define SSL_R_NO_CERTIFICATE_SPECIFIED                   180
+#define SSL_R_NO_CIPHERS_AVAILABLE                       181
+#define SSL_R_NO_CIPHERS_PASSED                          182
+#define SSL_R_NO_CIPHERS_SPECIFIED                       183
+#define SSL_R_NO_CIPHER_LIST                             184
+#define SSL_R_NO_CIPHER_MATCH                            185
+#define SSL_R_NO_CLIENT_CERT_RECEIVED                    186
+#define SSL_R_NO_COMPRESSION_SPECIFIED                   187
+#define SSL_R_NO_METHOD_SPECIFIED                        188
+#define SSL_R_NO_PRIVATEKEY                              189
+#define SSL_R_NO_PRIVATE_KEY_ASSIGNED                    190
+#define SSL_R_NO_PROTOCOLS_AVAILABLE                     191
+#define SSL_R_NO_PUBLICKEY                               192
+#define SSL_R_NO_SHARED_CIPHER                           193
+#define SSL_R_NO_VERIFY_CALLBACK                         194
+#define SSL_R_NULL_SSL_CTX                               195
+#define SSL_R_NULL_SSL_METHOD_PASSED                     196
+#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED            197
+#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE              1115
+#define SSL_R_PACKET_LENGTH_TOO_LONG                     198
+#define SSL_R_PATH_TOO_LONG                              270
+#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE          199
+#define SSL_R_PEER_ERROR                                 200
+#define SSL_R_PEER_ERROR_CERTIFICATE                     201
+#define SSL_R_PEER_ERROR_NO_CERTIFICATE                  202
+#define SSL_R_PEER_ERROR_NO_CIPHER                       203
+#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE    204
+#define SSL_R_PRE_MAC_LENGTH_TOO_LONG                    205
+#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS          206
+#define SSL_R_PROTOCOL_IS_SHUTDOWN                       207
+#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR                   208
+#define SSL_R_PUBLIC_KEY_IS_NOT_RSA                      209
+#define SSL_R_PUBLIC_KEY_NOT_RSA                         210
+#define SSL_R_READ_BIO_NOT_SET                           211
+#define SSL_R_READ_WRONG_PACKET_TYPE                     212
+#define SSL_R_RECORD_LENGTH_MISMATCH                     213
+#define SSL_R_RECORD_TOO_LARGE                           214
+#define SSL_R_RECORD_TOO_SMALL                           1093
+#define SSL_R_REQUIRED_CIPHER_MISSING                    215
+#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO                 216
+#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO                   217
+#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO                 218
+#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED           277
+#define SSL_R_SHORT_READ                                 219
+#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE      220
+#define SSL_R_SSL23_DOING_SESSION_ID_REUSE               221
+#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG                1114
+#define SSL_R_SSL3_SESSION_ID_TOO_LONG                   1113
+#define SSL_R_SSL3_SESSION_ID_TOO_SHORT                  222
+#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE                1042
+#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC                 1020
+#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED            1045
+#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED            1044
+#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN            1046
+#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE          1030
+#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE              1040
+#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER              1047
+#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE                 1041
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE         223
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE      224
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER           225
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 226
+#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE             1010
+#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE      227
+#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE        1043
+#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION         228
+#define SSL_R_SSL_HANDSHAKE_FAILURE                      229
+#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS                 230
+#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED             1102
+#define SSL_R_SSL_SESSION_ID_CONFLICT                    1103
+#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG            273
+#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH              1101
+#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT                231
+#define SSL_R_TLSV1_ALERT_ACCESS_DENIED                  1049
+#define SSL_R_TLSV1_ALERT_DECODE_ERROR                   1050
+#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED              1021
+#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR                  1051
+#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION             1060
+#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY          1071
+#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR                 1080
+#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION               1100
+#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION               1070
+#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW                1022
+#define SSL_R_TLSV1_ALERT_UNKNOWN_CA                     1048
+#define SSL_R_TLSV1_ALERT_USER_CANCELLED                 1090
+#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER       232
+#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
+#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG    234
+#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER            235
+#define SSL_R_UNABLE_TO_DECODE_DH_CERTS                  236
+#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY               237
+#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS               238
+#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS       239
+#define SSL_R_UNABLE_TO_FIND_SSL_METHOD                  240
+#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES           241
+#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES           242
+#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES          243
+#define SSL_R_UNEXPECTED_MESSAGE                         244
+#define SSL_R_UNEXPECTED_RECORD                          245
+#define SSL_R_UNINITIALIZED                              276
+#define SSL_R_UNKNOWN_ALERT_TYPE                         246
+#define SSL_R_UNKNOWN_CERTIFICATE_TYPE                   247
+#define SSL_R_UNKNOWN_CIPHER_RETURNED                    248
+#define SSL_R_UNKNOWN_CIPHER_TYPE                        249
+#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE                  250
+#define SSL_R_UNKNOWN_PKEY_TYPE                          251
+#define SSL_R_UNKNOWN_PROTOCOL                           252
+#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE                  253
+#define SSL_R_UNKNOWN_SSL_VERSION                        254
+#define SSL_R_UNKNOWN_STATE                              255
+#define SSL_R_UNSUPPORTED_CIPHER                         256
+#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM          257
+#define SSL_R_UNSUPPORTED_OPTION                         1091
+#define SSL_R_UNSUPPORTED_PROTOCOL                       258
+#define SSL_R_UNSUPPORTED_SSL_VERSION                    259
+#define SSL_R_WRITE_BIO_NOT_SET                          260
+#define SSL_R_WRONG_CIPHER_RETURNED                      261
+#define SSL_R_WRONG_MESSAGE_TYPE                         262
+#define SSL_R_WRONG_NUMBER_OF_KEY_BITS                   263
+#define SSL_R_WRONG_SIGNATURE_LENGTH                     264
+#define SSL_R_WRONG_SIGNATURE_SIZE                       265
+#define SSL_R_WRONG_SSL_VERSION                          266
+#define SSL_R_WRONG_VERSION_NUMBER                       267
+#define SSL_R_X509_LIB                                   268
+#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS           269
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/src/lib/libssl/ssl/Makefile b/src/lib/libssl/ssl/Makefile
new file mode 100644
index 0000000000..dd5ff5720c
--- /dev/null
+++ b/src/lib/libssl/ssl/Makefile
@@ -0,0 +1,52 @@
+# $OpenBSD: Makefile,v 1.21 2005/11/24 20:49:23 deraadt Exp $
+
+LIB=    ssl
+WANTLINT=
+
+SSLEAYDIST= src
+
+LSSL_SRC= ${.CURDIR}/../${SSLEAYDIST}/ssl
+
+.if ${MACHINE_ARCH} == "i386"
+CFLAGS+= -DL_ENDIAN -DBN_ASM
+.else
+.if ${MACHINE_ARCH} == "vax"
+CFLAGS+= -DL_ENDIAN
+.else
+.if ${MACHINE_ARCH} == "alpha"
+# no ENDIAN stuff defined for alpha
+.else
+CFLAGS+= -DB_ENDIAN
+.endif
+.endif 
+.endif
+
+CFLAGS+= -DOPENSSL_NO_IDEA -DTERMIOS -DANSI_SOURCE -DNO_ERR 
+CFLAGS+= -DOPENSSL_NO_MDC2
+CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5 -DHAVE_DLFCN_H 
+CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST}
+
+SRCS=   bio_ssl.c s2_clnt.c s3_both.c s3_srvr.c ssl_err2.c ssl_txt.c    \
+        t1_srvr.c s23_clnt.c s2_enc.c s3_clnt.c ssl_algs.c ssl_lib.c    \
+        s23_lib.c s2_lib.c s3_enc.c ssl_asn1.c ssl_rsa.c        \
+        t1_clnt.c s23_meth.c s2_meth.c s3_lib.c ssl_cert.c ssl_sess.c   \
+        t1_enc.c s23_pkt.c s2_pkt.c s3_meth.c ssl_ciph.c ssl_stat.c     \
+        t1_lib.c s23_srvr.c s2_srvr.c s3_pkt.c ssl_err.c \
+        t1_meth.c 
+
+HDRS=   ssl.h ssl2.h ssl3.h ssl23.h tls1.h kssl.h 
+
+.PATH:  ${LSSL_SRC}
+
+includes:
+        @test -d ${DESTDIR}/usr/include/openssl || \
+            mkdir ${DESTDIR}/usr/include/openssl
+        @cd ${LSSL_SRC}; for i in $(HDRS); do \
+            j="cmp -s $$i ${DESTDIR}/usr/include/openssl/`basename $$i` || \
+            ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 $$i\
+                ${DESTDIR}/usr/include/openssl"; \
+            echo $$j; \
+            eval "$$j"; \
+        done;
+
+.include <bsd.lib.mk>
diff --git a/src/lib/libssl/ssl/shlib_version b/src/lib/libssl/ssl/shlib_version
new file mode 100644
index 0000000000..c10074d52a
--- /dev/null
+++ b/src/lib/libssl/ssl/shlib_version
@@ -0,0 +1,2 @@
+major=10
+minor=0
diff --git a/src/lib/libssl/ssl2.h b/src/lib/libssl/ssl2.h
new file mode 100644
index 0000000000..99a52ea0dd
--- /dev/null
+++ b/src/lib/libssl/ssl2.h
@@ -0,0 +1,268 @@
+/* ssl/ssl2.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL2_H 
+#define HEADER_SSL2_H 
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Protocol Version Codes */
+#define SSL2_VERSION            0x0002
+#define SSL2_VERSION_MAJOR      0x00
+#define SSL2_VERSION_MINOR      0x02
+/* #define SSL2_CLIENT_VERSION  0x0002 */
+/* #define SSL2_SERVER_VERSION  0x0002 */
+
+/* Protocol Message Codes */
+#define SSL2_MT_ERROR                   0
+#define SSL2_MT_CLIENT_HELLO            1
+#define SSL2_MT_CLIENT_MASTER_KEY       2
+#define SSL2_MT_CLIENT_FINISHED         3
+#define SSL2_MT_SERVER_HELLO            4
+#define SSL2_MT_SERVER_VERIFY           5
+#define SSL2_MT_SERVER_FINISHED         6
+#define SSL2_MT_REQUEST_CERTIFICATE     7
+#define SSL2_MT_CLIENT_CERTIFICATE      8
+
+/* Error Message Codes */
+#define SSL2_PE_UNDEFINED_ERROR         0x0000
+#define SSL2_PE_NO_CIPHER               0x0001
+#define SSL2_PE_NO_CERTIFICATE          0x0002
+#define SSL2_PE_BAD_CERTIFICATE         0x0004
+#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
+
+/* Cipher Kind Values */
+#define SSL2_CK_NULL_WITH_MD5                   0x02000000 /* v3 */
+#define SSL2_CK_RC4_128_WITH_MD5                0x02010080
+#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5       0x02020080
+#define SSL2_CK_RC2_128_CBC_WITH_MD5            0x02030080
+#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5   0x02040080
+#define SSL2_CK_IDEA_128_CBC_WITH_MD5           0x02050080
+#define SSL2_CK_DES_64_CBC_WITH_MD5             0x02060040
+#define SSL2_CK_DES_64_CBC_WITH_SHA             0x02060140 /* v3 */
+#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5       0x020700c0
+#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA       0x020701c0 /* v3 */
+#define SSL2_CK_RC4_64_WITH_MD5                 0x02080080 /* MS hack */
+ 
+#define SSL2_CK_DES_64_CFB64_WITH_MD5_1         0x02ff0800 /* SSLeay */
+#define SSL2_CK_NULL                            0x02ff0810 /* SSLeay */
+
+#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1        "DES-CFB-M1"
+#define SSL2_TXT_NULL_WITH_MD5                  "NULL-MD5"
+#define SSL2_TXT_RC4_128_WITH_MD5               "RC4-MD5"
+#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5      "EXP-RC4-MD5"
+#define SSL2_TXT_RC2_128_CBC_WITH_MD5           "RC2-CBC-MD5"
+#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5  "EXP-RC2-CBC-MD5"
+#define SSL2_TXT_IDEA_128_CBC_WITH_MD5          "IDEA-CBC-MD5"
+#define SSL2_TXT_DES_64_CBC_WITH_MD5            "DES-CBC-MD5"
+#define SSL2_TXT_DES_64_CBC_WITH_SHA            "DES-CBC-SHA"
+#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5      "DES-CBC3-MD5"
+#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA      "DES-CBC3-SHA"
+#define SSL2_TXT_RC4_64_WITH_MD5                "RC4-64-MD5"
+
+#define SSL2_TXT_NULL                           "NULL"
+
+/* Flags for the SSL_CIPHER.algorithm2 field */
+#define SSL2_CF_5_BYTE_ENC                      0x01
+#define SSL2_CF_8_BYTE_ENC                      0x02
+
+/* Certificate Type Codes */
+#define SSL2_CT_X509_CERTIFICATE                0x01
+
+/* Authentication Type Code */
+#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION         0x01
+
+#define SSL2_MAX_SSL_SESSION_ID_LENGTH          32
+
+/* Upper/Lower Bounds */
+#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS      256
+#ifdef OPENSSL_SYS_MPE
+#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER    29998u
+#else
+#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER    32767u  /* 2^15-1 */
+#endif
+#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER    16383 /* 2^14-1 */
+
+#define SSL2_CHALLENGE_LENGTH   16
+/*#define SSL2_CHALLENGE_LENGTH 32 */
+#define SSL2_MIN_CHALLENGE_LENGTH       16
+#define SSL2_MAX_CHALLENGE_LENGTH       32
+#define SSL2_CONNECTION_ID_LENGTH       16
+#define SSL2_MAX_CONNECTION_ID_LENGTH   16
+#define SSL2_SSL_SESSION_ID_LENGTH      16
+#define SSL2_MAX_CERT_CHALLENGE_LENGTH  32
+#define SSL2_MIN_CERT_CHALLENGE_LENGTH  16
+#define SSL2_MAX_KEY_MATERIAL_LENGTH    24
+
+#ifndef HEADER_SSL_LOCL_H
+#define  CERT           char
+#endif
+
+typedef struct ssl2_state_st
+        {
+        int three_byte_header;
+        int clear_text;         /* clear text */
+        int escape;             /* not used in SSLv2 */
+        int ssl2_rollback;      /* used if SSLv23 rolled back to SSLv2 */
+
+        /* non-blocking io info, used to make sure the same
+         * args were passwd */
+        unsigned int wnum;      /* number of bytes sent so far */
+        int wpend_tot;
+        const unsigned char *wpend_buf;
+
+        int wpend_off;  /* offset to data to write */
+        int wpend_len;  /* number of bytes passwd to write */
+        int wpend_ret;  /* number of bytes to return to caller */
+
+        /* buffer raw data */
+        int rbuf_left;
+        int rbuf_offs;
+        unsigned char *rbuf;
+        unsigned char *wbuf;
+
+        unsigned char *write_ptr;/* used to point to the start due to
+                                  * 2/3 byte header. */
+
+        unsigned int padding;
+        unsigned int rlength; /* passed to ssl2_enc */
+        int ract_data_length; /* Set when things are encrypted. */
+        unsigned int wlength; /* passed to ssl2_enc */
+        int wact_data_length; /* Set when things are decrypted. */
+        unsigned char *ract_data;
+        unsigned char *wact_data;
+        unsigned char *mac_data;
+
+        unsigned char *read_key;
+        unsigned char *write_key;
+
+                /* Stuff specifically to do with this SSL session */
+        unsigned int challenge_length;
+        unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
+        unsigned int conn_id_length;
+        unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
+        unsigned int key_material_length;
+        unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2];
+
+        unsigned long read_sequence;
+        unsigned long write_sequence;
+
+        struct  {
+                unsigned int conn_id_length;
+                unsigned int cert_type; 
+                unsigned int cert_length;
+                unsigned int csl; 
+                unsigned int clear;
+                unsigned int enc; 
+                unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
+                unsigned int cipher_spec_length;
+                unsigned int session_id_length;
+                unsigned int clen;
+                unsigned int rlen;
+                } tmp;
+        } SSL2_STATE;
+
+/* SSLv2 */
+/* client */
+#define SSL2_ST_SEND_CLIENT_HELLO_A             (0x10|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_HELLO_B             (0x11|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_HELLO_A              (0x20|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_HELLO_B              (0x21|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A        (0x30|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B        (0x31|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_FINISHED_A          (0x40|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_FINISHED_B          (0x41|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A       (0x50|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B       (0x51|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C       (0x52|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D       (0x53|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_VERIFY_A             (0x60|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_VERIFY_B             (0x61|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_FINISHED_A           (0x70|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_FINISHED_B           (0x71|SSL_ST_CONNECT)
+#define SSL2_ST_CLIENT_START_ENCRYPTION         (0x80|SSL_ST_CONNECT)
+#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE     (0x90|SSL_ST_CONNECT)
+/* server */
+#define SSL2_ST_GET_CLIENT_HELLO_A              (0x10|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_HELLO_B              (0x11|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_HELLO_C              (0x12|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_HELLO_A             (0x20|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_HELLO_B             (0x21|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_MASTER_KEY_A         (0x30|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_MASTER_KEY_B         (0x31|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_VERIFY_A            (0x40|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_VERIFY_B            (0x41|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_VERIFY_C            (0x42|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_FINISHED_A           (0x50|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_FINISHED_B           (0x51|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_FINISHED_A          (0x60|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_FINISHED_B          (0x61|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A      (0x70|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B      (0x71|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C      (0x72|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D      (0x73|SSL_ST_ACCEPT)
+#define SSL2_ST_SERVER_START_ENCRYPTION         (0x80|SSL_ST_ACCEPT)
+#define SSL2_ST_X509_GET_SERVER_CERTIFICATE     (0x90|SSL_ST_ACCEPT)
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/ssl23.h b/src/lib/libssl/ssl23.h
new file mode 100644
index 0000000000..d3228983c7
--- /dev/null
+++ b/src/lib/libssl/ssl23.h
@@ -0,0 +1,83 @@
+/* ssl/ssl23.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL23_H 
+#define HEADER_SSL23_H 
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/*client */
+/* write to server */
+#define SSL23_ST_CW_CLNT_HELLO_A        (0x210|SSL_ST_CONNECT)
+#define SSL23_ST_CW_CLNT_HELLO_B        (0x211|SSL_ST_CONNECT)
+/* read from server */
+#define SSL23_ST_CR_SRVR_HELLO_A        (0x220|SSL_ST_CONNECT)
+#define SSL23_ST_CR_SRVR_HELLO_B        (0x221|SSL_ST_CONNECT)
+
+/* server */
+/* read from client */
+#define SSL23_ST_SR_CLNT_HELLO_A        (0x210|SSL_ST_ACCEPT)
+#define SSL23_ST_SR_CLNT_HELLO_B        (0x211|SSL_ST_ACCEPT)
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
new file mode 100644
index 0000000000..1153aeda74
--- /dev/null
+++ b/src/lib/libssl/ssl3.h
@@ -0,0 +1,526 @@
+/* ssl/ssl3.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_SSL3_H 
+#define HEADER_SSL3_H 
+
+#ifndef OPENSSL_NO_COMP
+#include <openssl/comp.h>
+#endif
+#include <openssl/buffer.h>
+#include <openssl/evp.h>
+#include <openssl/ssl.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define SSL3_CK_RSA_NULL_MD5                    0x03000001
+#define SSL3_CK_RSA_NULL_SHA                    0x03000002
+#define SSL3_CK_RSA_RC4_40_MD5                  0x03000003
+#define SSL3_CK_RSA_RC4_128_MD5                 0x03000004
+#define SSL3_CK_RSA_RC4_128_SHA                 0x03000005
+#define SSL3_CK_RSA_RC2_40_MD5                  0x03000006
+#define SSL3_CK_RSA_IDEA_128_SHA                0x03000007
+#define SSL3_CK_RSA_DES_40_CBC_SHA              0x03000008
+#define SSL3_CK_RSA_DES_64_CBC_SHA              0x03000009
+#define SSL3_CK_RSA_DES_192_CBC3_SHA            0x0300000A
+
+#define SSL3_CK_DH_DSS_DES_40_CBC_SHA           0x0300000B
+#define SSL3_CK_DH_DSS_DES_64_CBC_SHA           0x0300000C
+#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA         0x0300000D
+#define SSL3_CK_DH_RSA_DES_40_CBC_SHA           0x0300000E
+#define SSL3_CK_DH_RSA_DES_64_CBC_SHA           0x0300000F
+#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA         0x03000010
+
+#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA          0x03000011
+#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA          0x03000012
+#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA        0x03000013
+#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA          0x03000014
+#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA          0x03000015
+#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA        0x03000016
+
+#define SSL3_CK_ADH_RC4_40_MD5                  0x03000017
+#define SSL3_CK_ADH_RC4_128_MD5                 0x03000018
+#define SSL3_CK_ADH_DES_40_CBC_SHA              0x03000019
+#define SSL3_CK_ADH_DES_64_CBC_SHA              0x0300001A
+#define SSL3_CK_ADH_DES_192_CBC_SHA             0x0300001B
+
+#define SSL3_CK_FZA_DMS_NULL_SHA                0x0300001C
+#define SSL3_CK_FZA_DMS_FZA_SHA                 0x0300001D
+#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
+         to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
+         of the ietf-tls list */
+#define SSL3_CK_FZA_DMS_RC4_SHA                 0x0300001E
+#endif
+
+/*    VRS Additional Kerberos5 entries
+ */
+#define SSL3_CK_KRB5_DES_64_CBC_SHA             0x0300001E
+#define SSL3_CK_KRB5_DES_192_CBC3_SHA           0x0300001F
+#define SSL3_CK_KRB5_RC4_128_SHA                0x03000020
+#define SSL3_CK_KRB5_IDEA_128_CBC_SHA           0x03000021
+#define SSL3_CK_KRB5_DES_64_CBC_MD5             0x03000022
+#define SSL3_CK_KRB5_DES_192_CBC3_MD5           0x03000023
+#define SSL3_CK_KRB5_RC4_128_MD5                0x03000024
+#define SSL3_CK_KRB5_IDEA_128_CBC_MD5           0x03000025
+
+#define SSL3_CK_KRB5_DES_40_CBC_SHA             0x03000026
+#define SSL3_CK_KRB5_RC2_40_CBC_SHA             0x03000027
+#define SSL3_CK_KRB5_RC4_40_SHA                 0x03000028
+#define SSL3_CK_KRB5_DES_40_CBC_MD5             0x03000029
+#define SSL3_CK_KRB5_RC2_40_CBC_MD5             0x0300002A
+#define SSL3_CK_KRB5_RC4_40_MD5                 0x0300002B
+
+#define SSL3_TXT_RSA_NULL_MD5                   "NULL-MD5"
+#define SSL3_TXT_RSA_NULL_SHA                   "NULL-SHA"
+#define SSL3_TXT_RSA_RC4_40_MD5                 "EXP-RC4-MD5"
+#define SSL3_TXT_RSA_RC4_128_MD5                "RC4-MD5"
+#define SSL3_TXT_RSA_RC4_128_SHA                "RC4-SHA"
+#define SSL3_TXT_RSA_RC2_40_MD5                 "EXP-RC2-CBC-MD5"
+#define SSL3_TXT_RSA_IDEA_128_SHA               "IDEA-CBC-SHA"
+#define SSL3_TXT_RSA_DES_40_CBC_SHA             "EXP-DES-CBC-SHA"
+#define SSL3_TXT_RSA_DES_64_CBC_SHA             "DES-CBC-SHA"
+#define SSL3_TXT_RSA_DES_192_CBC3_SHA           "DES-CBC3-SHA"
+
+#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA          "EXP-DH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA          "DH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA        "DH-DSS-DES-CBC3-SHA"
+#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA          "EXP-DH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA          "DH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA        "DH-RSA-DES-CBC3-SHA"
+
+#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA         "EXP-EDH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA         "EDH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA       "EDH-DSS-DES-CBC3-SHA"
+#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA         "EXP-EDH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA         "EDH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA       "EDH-RSA-DES-CBC3-SHA"
+
+#define SSL3_TXT_ADH_RC4_40_MD5                 "EXP-ADH-RC4-MD5"
+#define SSL3_TXT_ADH_RC4_128_MD5                "ADH-RC4-MD5"
+#define SSL3_TXT_ADH_DES_40_CBC_SHA             "EXP-ADH-DES-CBC-SHA"
+#define SSL3_TXT_ADH_DES_64_CBC_SHA             "ADH-DES-CBC-SHA"
+#define SSL3_TXT_ADH_DES_192_CBC_SHA            "ADH-DES-CBC3-SHA"
+
+#define SSL3_TXT_FZA_DMS_NULL_SHA               "FZA-NULL-SHA"
+#define SSL3_TXT_FZA_DMS_FZA_SHA                "FZA-FZA-CBC-SHA"
+#define SSL3_TXT_FZA_DMS_RC4_SHA                "FZA-RC4-SHA"
+
+#define SSL3_TXT_KRB5_DES_64_CBC_SHA            "KRB5-DES-CBC-SHA"
+#define SSL3_TXT_KRB5_DES_192_CBC3_SHA          "KRB5-DES-CBC3-SHA"
+#define SSL3_TXT_KRB5_RC4_128_SHA               "KRB5-RC4-SHA"
+#define SSL3_TXT_KRB5_IDEA_128_CBC_SHA          "KRB5-IDEA-CBC-SHA"
+#define SSL3_TXT_KRB5_DES_64_CBC_MD5            "KRB5-DES-CBC-MD5"
+#define SSL3_TXT_KRB5_DES_192_CBC3_MD5          "KRB5-DES-CBC3-MD5"
+#define SSL3_TXT_KRB5_RC4_128_MD5               "KRB5-RC4-MD5"
+#define SSL3_TXT_KRB5_IDEA_128_CBC_MD5          "KRB5-IDEA-CBC-MD5"
+
+#define SSL3_TXT_KRB5_DES_40_CBC_SHA            "EXP-KRB5-DES-CBC-SHA"
+#define SSL3_TXT_KRB5_RC2_40_CBC_SHA            "EXP-KRB5-RC2-CBC-SHA"
+#define SSL3_TXT_KRB5_RC4_40_SHA                "EXP-KRB5-RC4-SHA"
+#define SSL3_TXT_KRB5_DES_40_CBC_MD5            "EXP-KRB5-DES-CBC-MD5"
+#define SSL3_TXT_KRB5_RC2_40_CBC_MD5            "EXP-KRB5-RC2-CBC-MD5"
+#define SSL3_TXT_KRB5_RC4_40_MD5                "EXP-KRB5-RC4-MD5"
+
+#define SSL3_SSL_SESSION_ID_LENGTH              32
+#define SSL3_MAX_SSL_SESSION_ID_LENGTH          32
+
+#define SSL3_MASTER_SECRET_SIZE                 48
+#define SSL3_RANDOM_SIZE                        32
+#define SSL3_SESSION_ID_SIZE                    32
+#define SSL3_RT_HEADER_LENGTH                   5
+
+/* Due to MS stuffing up, this can change.... */
+#if defined(OPENSSL_SYS_WIN16) || \
+        (defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32))
+#define SSL3_RT_MAX_EXTRA                       (14000)
+#else
+#define SSL3_RT_MAX_EXTRA                       (16384)
+#endif
+
+#define SSL3_RT_MAX_PLAIN_LENGTH                16384
+#define SSL3_RT_MAX_COMPRESSED_LENGTH   (1024+SSL3_RT_MAX_PLAIN_LENGTH)
+#define SSL3_RT_MAX_ENCRYPTED_LENGTH    (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
+#define SSL3_RT_MAX_PACKET_SIZE         (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
+#define SSL3_RT_MAX_DATA_SIZE                   (1024*1024)
+
+#define SSL3_MD_CLIENT_FINISHED_CONST   "\x43\x4C\x4E\x54"
+#define SSL3_MD_SERVER_FINISHED_CONST   "\x53\x52\x56\x52"
+
+#define SSL3_VERSION                    0x0300
+#define SSL3_VERSION_MAJOR              0x03
+#define SSL3_VERSION_MINOR              0x00
+
+#define SSL3_RT_CHANGE_CIPHER_SPEC      20
+#define SSL3_RT_ALERT                   21
+#define SSL3_RT_HANDSHAKE               22
+#define SSL3_RT_APPLICATION_DATA        23
+
+#define SSL3_AL_WARNING                 1
+#define SSL3_AL_FATAL                   2
+
+#define SSL3_AD_CLOSE_NOTIFY             0
+#define SSL3_AD_UNEXPECTED_MESSAGE      10      /* fatal */
+#define SSL3_AD_BAD_RECORD_MAC          20      /* fatal */
+#define SSL3_AD_DECOMPRESSION_FAILURE   30      /* fatal */
+#define SSL3_AD_HANDSHAKE_FAILURE       40      /* fatal */
+#define SSL3_AD_NO_CERTIFICATE          41
+#define SSL3_AD_BAD_CERTIFICATE         42
+#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
+#define SSL3_AD_CERTIFICATE_REVOKED     44
+#define SSL3_AD_CERTIFICATE_EXPIRED     45
+#define SSL3_AD_CERTIFICATE_UNKNOWN     46
+#define SSL3_AD_ILLEGAL_PARAMETER       47      /* fatal */
+
+typedef struct ssl3_record_st
+        {
+/*r */  int type;               /* type of record */
+/*rw*/  unsigned int length;    /* How many bytes available */
+/*r */  unsigned int off;       /* read/write offset into 'buf' */
+/*rw*/  unsigned char *data;    /* pointer to the record data */
+/*rw*/  unsigned char *input;   /* where the decode bytes are */
+/*r */  unsigned char *comp;    /* only used with decompression - malloc()ed */
+        } SSL3_RECORD;
+
+typedef struct ssl3_buffer_st
+        {
+        unsigned char *buf;     /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
+                                 * see ssl3_setup_buffers() */
+        size_t len;             /* buffer size */
+        int offset;             /* where to 'copy from' */
+        int left;               /* how many bytes left */
+        } SSL3_BUFFER;
+
+#define SSL3_CT_RSA_SIGN                        1
+#define SSL3_CT_DSS_SIGN                        2
+#define SSL3_CT_RSA_FIXED_DH                    3
+#define SSL3_CT_DSS_FIXED_DH                    4
+#define SSL3_CT_RSA_EPHEMERAL_DH                5
+#define SSL3_CT_DSS_EPHEMERAL_DH                6
+#define SSL3_CT_FORTEZZA_DMS                    20
+#define SSL3_CT_NUMBER                          7
+
+#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS       0x0001
+#define SSL3_FLAGS_DELAY_CLIENT_FINISHED        0x0002
+#define SSL3_FLAGS_POP_BUFFER                   0x0004
+#define TLS1_FLAGS_TLS_PADDING_BUG              0x0008
+
+typedef struct ssl3_state_st
+        {
+        long flags;
+        int delay_buf_pop_ret;
+
+        unsigned char read_sequence[8];
+        unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
+        unsigned char write_sequence[8];
+        unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
+
+        unsigned char server_random[SSL3_RANDOM_SIZE];
+        unsigned char client_random[SSL3_RANDOM_SIZE];
+
+        /* flags for countermeasure against known-IV weakness */
+        int need_empty_fragments;
+        int empty_fragment_done;
+
+        SSL3_BUFFER rbuf;       /* read IO goes into here */
+        SSL3_BUFFER wbuf;       /* write IO goes into here */
+
+        SSL3_RECORD rrec;       /* each decoded record goes in here */
+        SSL3_RECORD wrec;       /* goes out from here */
+
+        /* storage for Alert/Handshake protocol data received but not
+         * yet processed by ssl3_read_bytes: */
+        unsigned char alert_fragment[2];
+        unsigned int alert_fragment_len;
+        unsigned char handshake_fragment[4];
+        unsigned int handshake_fragment_len;
+
+        /* partial write - check the numbers match */
+        unsigned int wnum;      /* number of bytes sent so far */
+        int wpend_tot;          /* number bytes written */
+        int wpend_type;
+        int wpend_ret;          /* number of bytes submitted */
+        const unsigned char *wpend_buf;
+
+        /* used during startup, digest all incoming/outgoing packets */
+        EVP_MD_CTX finish_dgst1;
+        EVP_MD_CTX finish_dgst2;
+
+        /* this is set whenerver we see a change_cipher_spec message
+         * come in when we are not looking for one */
+        int change_cipher_spec;
+
+        int warn_alert;
+        int fatal_alert;
+        /* we allow one fatal and one warning alert to be outstanding,
+         * send close alert via the warning alert */
+        int alert_dispatch;
+        unsigned char send_alert[2];
+
+        /* This flag is set when we should renegotiate ASAP, basically when
+         * there is no more data in the read or write buffers */
+        int renegotiate;
+        int total_renegotiations;
+        int num_renegotiations;
+
+        int in_read_app_data;
+
+        struct  {
+                /* actually only needs to be 16+20 */
+                unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
+
+                /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
+                unsigned char finish_md[EVP_MAX_MD_SIZE*2];
+                int finish_md_len;
+                unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
+                int peer_finish_md_len;
+                
+                unsigned long message_size;
+                int message_type;
+
+                /* used to hold the new cipher we are going to use */
+                SSL_CIPHER *new_cipher;
+#ifndef OPENSSL_NO_DH
+                DH *dh;
+#endif
+                /* used when SSL_ST_FLUSH_DATA is entered */
+                int next_state;                 
+
+                int reuse_message;
+
+                /* used for certificate requests */
+                int cert_req;
+                int ctype_num;
+                char ctype[SSL3_CT_NUMBER];
+                STACK_OF(X509_NAME) *ca_names;
+
+                int use_rsa_tmp;
+
+                int key_block_length;
+                unsigned char *key_block;
+
+                const EVP_CIPHER *new_sym_enc;
+                const EVP_MD *new_hash;
+#ifndef OPENSSL_NO_COMP
+                const SSL_COMP *new_compression;
+#else
+                char *new_compression;
+#endif
+                int cert_request;
+                } tmp;
+
+        } SSL3_STATE;
+
+/* SSLv3 */
+/*client */
+/* extra state */
+#define SSL3_ST_CW_FLUSH                (0x100|SSL_ST_CONNECT)
+/* write to server */
+#define SSL3_ST_CW_CLNT_HELLO_A         (0x110|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CLNT_HELLO_B         (0x111|SSL_ST_CONNECT)
+/* read from server */
+#define SSL3_ST_CR_SRVR_HELLO_A         (0x120|SSL_ST_CONNECT)
+#define SSL3_ST_CR_SRVR_HELLO_B         (0x121|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_A               (0x130|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_B               (0x131|SSL_ST_CONNECT)
+#define SSL3_ST_CR_KEY_EXCH_A           (0x140|SSL_ST_CONNECT)
+#define SSL3_ST_CR_KEY_EXCH_B           (0x141|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_REQ_A           (0x150|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_REQ_B           (0x151|SSL_ST_CONNECT)
+#define SSL3_ST_CR_SRVR_DONE_A          (0x160|SSL_ST_CONNECT)
+#define SSL3_ST_CR_SRVR_DONE_B          (0x161|SSL_ST_CONNECT)
+/* write to server */
+#define SSL3_ST_CW_CERT_A               (0x170|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_B               (0x171|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_C               (0x172|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_D               (0x173|SSL_ST_CONNECT)
+#define SSL3_ST_CW_KEY_EXCH_A           (0x180|SSL_ST_CONNECT)
+#define SSL3_ST_CW_KEY_EXCH_B           (0x181|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_VRFY_A          (0x190|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_VRFY_B          (0x191|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CHANGE_A             (0x1A0|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CHANGE_B             (0x1A1|SSL_ST_CONNECT)
+#define SSL3_ST_CW_FINISHED_A           (0x1B0|SSL_ST_CONNECT)
+#define SSL3_ST_CW_FINISHED_B           (0x1B1|SSL_ST_CONNECT)
+/* read from server */
+#define SSL3_ST_CR_CHANGE_A             (0x1C0|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CHANGE_B             (0x1C1|SSL_ST_CONNECT)
+#define SSL3_ST_CR_FINISHED_A           (0x1D0|SSL_ST_CONNECT)
+#define SSL3_ST_CR_FINISHED_B           (0x1D1|SSL_ST_CONNECT)
+
+/* server */
+/* extra state */
+#define SSL3_ST_SW_FLUSH                (0x100|SSL_ST_ACCEPT)
+/* read from client */
+/* Do not change the number values, they do matter */
+#define SSL3_ST_SR_CLNT_HELLO_A         (0x110|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CLNT_HELLO_B         (0x111|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CLNT_HELLO_C         (0x112|SSL_ST_ACCEPT)
+/* write to client */
+#define SSL3_ST_SW_HELLO_REQ_A          (0x120|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_HELLO_REQ_B          (0x121|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_HELLO_REQ_C          (0x122|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_HELLO_A         (0x130|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_HELLO_B         (0x131|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_A               (0x140|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_B               (0x141|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_KEY_EXCH_A           (0x150|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_KEY_EXCH_B           (0x151|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_REQ_A           (0x160|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_REQ_B           (0x161|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_DONE_A          (0x170|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_DONE_B          (0x171|SSL_ST_ACCEPT)
+/* read from client */
+#define SSL3_ST_SR_CERT_A               (0x180|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CERT_B               (0x181|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_KEY_EXCH_A           (0x190|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_KEY_EXCH_B           (0x191|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CERT_VRFY_A          (0x1A0|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CERT_VRFY_B          (0x1A1|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CHANGE_A             (0x1B0|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CHANGE_B             (0x1B1|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_FINISHED_A           (0x1C0|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_FINISHED_B           (0x1C1|SSL_ST_ACCEPT)
+/* write to client */
+#define SSL3_ST_SW_CHANGE_A             (0x1D0|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CHANGE_B             (0x1D1|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_FINISHED_A           (0x1E0|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_FINISHED_B           (0x1E1|SSL_ST_ACCEPT)
+
+#define SSL3_MT_HELLO_REQUEST                   0
+#define SSL3_MT_CLIENT_HELLO                    1
+#define SSL3_MT_SERVER_HELLO                    2
+#define SSL3_MT_CERTIFICATE                     11
+#define SSL3_MT_SERVER_KEY_EXCHANGE             12
+#define SSL3_MT_CERTIFICATE_REQUEST             13
+#define SSL3_MT_SERVER_DONE                     14
+#define SSL3_MT_CERTIFICATE_VERIFY              15
+#define SSL3_MT_CLIENT_KEY_EXCHANGE             16
+#define SSL3_MT_FINISHED                        20
+
+#define SSL3_MT_CCS                             1
+
+/* These are used when changing over to a new cipher */
+#define SSL3_CC_READ            0x01
+#define SSL3_CC_WRITE           0x02
+#define SSL3_CC_CLIENT          0x10
+#define SSL3_CC_SERVER          0x20
+#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)  
+#define SSL3_CHANGE_CIPHER_SERVER_READ  (SSL3_CC_SERVER|SSL3_CC_READ)
+#define SSL3_CHANGE_CIPHER_CLIENT_READ  (SSL3_CC_CLIENT|SSL3_CC_READ)
+#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/ssl_algs.c b/src/lib/libssl/ssl_algs.c
new file mode 100644
index 0000000000..3d1299ee7b
--- /dev/null
+++ b/src/lib/libssl/ssl_algs.c
@@ -0,0 +1,111 @@
+/* ssl/ssl_algs.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include <openssl/lhash.h>
+#include "ssl_locl.h"
+
+int SSL_library_init(void)
+        {
+
+#ifndef OPENSSL_NO_DES
+        EVP_add_cipher(EVP_des_cbc());
+        EVP_add_cipher(EVP_des_ede3_cbc());
+#endif
+#ifndef OPENSSL_NO_IDEA
+        EVP_add_cipher(EVP_idea_cbc());
+#endif
+#ifndef OPENSSL_NO_RC4
+        EVP_add_cipher(EVP_rc4());
+#endif  
+#ifndef OPENSSL_NO_RC2
+        EVP_add_cipher(EVP_rc2_cbc());
+#endif
+#ifndef OPENSSL_NO_AES
+        EVP_add_cipher(EVP_aes_128_cbc());
+        EVP_add_cipher(EVP_aes_192_cbc());
+        EVP_add_cipher(EVP_aes_256_cbc());
+#endif
+#ifndef OPENSSL_NO_MD2
+        EVP_add_digest(EVP_md2());
+#endif
+#ifndef OPENSSL_NO_MD5
+        EVP_add_digest(EVP_md5());
+        EVP_add_digest_alias(SN_md5,"ssl2-md5");
+        EVP_add_digest_alias(SN_md5,"ssl3-md5");
+#endif
+#ifndef OPENSSL_NO_SHA
+        EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
+        EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
+        EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
+#endif
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
+        EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
+        EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
+        EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
+        EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
+#endif
+        /* If you want support for phased out ciphers, add the following */
+#if 0
+        EVP_add_digest(EVP_sha());
+        EVP_add_digest(EVP_dss());
+#endif
+        return(1);
+        }
+
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
new file mode 100644
index 0000000000..4d5900ad2f
--- /dev/null
+++ b/src/lib/libssl/ssl_asn1.c
@@ -0,0 +1,398 @@
+/* ssl/ssl_asn1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "ssl_locl.h"
+#include <openssl/asn1_mac.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+
+typedef struct ssl_session_asn1_st
+        {
+        ASN1_INTEGER version;
+        ASN1_INTEGER ssl_version;
+        ASN1_OCTET_STRING cipher;
+        ASN1_OCTET_STRING master_key;
+        ASN1_OCTET_STRING session_id;
+        ASN1_OCTET_STRING session_id_context;
+        ASN1_OCTET_STRING key_arg;
+#ifndef OPENSSL_NO_KRB5
+        ASN1_OCTET_STRING krb5_princ;
+#endif /* OPENSSL_NO_KRB5 */
+        ASN1_INTEGER time;
+        ASN1_INTEGER timeout;
+        ASN1_INTEGER verify_result;
+        } SSL_SESSION_ASN1;
+
+int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
+        {
+#define LSIZE2 (sizeof(long)*2)
+        int v1=0,v2=0,v3=0,v4=0,v5=0;
+        unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2];
+        unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2],ibuf5[LSIZE2];
+        long l;
+        SSL_SESSION_ASN1 a;
+        M_ASN1_I2D_vars(in);
+
+        if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
+                return(0);
+
+        /* Note that I cheat in the following 2 assignments.  I know
+         * that if the ASN1_INTEGER passed to ASN1_INTEGER_set
+         * is > sizeof(long)+1, the buffer will not be re-OPENSSL_malloc()ed.
+         * This is a bit evil but makes things simple, no dynamic allocation
+         * to clean up :-) */
+        a.version.length=LSIZE2;
+        a.version.type=V_ASN1_INTEGER;
+        a.version.data=ibuf1;
+        ASN1_INTEGER_set(&(a.version),SSL_SESSION_ASN1_VERSION);
+
+        a.ssl_version.length=LSIZE2;
+        a.ssl_version.type=V_ASN1_INTEGER;
+        a.ssl_version.data=ibuf2;
+        ASN1_INTEGER_set(&(a.ssl_version),in->ssl_version);
+
+        a.cipher.type=V_ASN1_OCTET_STRING;
+        a.cipher.data=buf;
+
+        if (in->cipher == NULL)
+                l=in->cipher_id;
+        else
+                l=in->cipher->id;
+        if (in->ssl_version == SSL2_VERSION)
+                {
+                a.cipher.length=3;
+                buf[0]=((unsigned char)(l>>16L))&0xff;
+                buf[1]=((unsigned char)(l>> 8L))&0xff;
+                buf[2]=((unsigned char)(l     ))&0xff;
+                }
+        else
+                {
+                a.cipher.length=2;
+                buf[0]=((unsigned char)(l>>8L))&0xff;
+                buf[1]=((unsigned char)(l    ))&0xff;
+                }
+
+        a.master_key.length=in->master_key_length;
+        a.master_key.type=V_ASN1_OCTET_STRING;
+        a.master_key.data=in->master_key;
+
+        a.session_id.length=in->session_id_length;
+        a.session_id.type=V_ASN1_OCTET_STRING;
+        a.session_id.data=in->session_id;
+
+        a.session_id_context.length=in->sid_ctx_length;
+        a.session_id_context.type=V_ASN1_OCTET_STRING;
+        a.session_id_context.data=in->sid_ctx;
+
+        a.key_arg.length=in->key_arg_length;
+        a.key_arg.type=V_ASN1_OCTET_STRING;
+        a.key_arg.data=in->key_arg;
+
+#ifndef OPENSSL_NO_KRB5
+        if (in->krb5_client_princ_len)
+                {
+                a.krb5_princ.length=in->krb5_client_princ_len;
+                a.krb5_princ.type=V_ASN1_OCTET_STRING;
+                a.krb5_princ.data=in->krb5_client_princ;
+                }
+#endif /* OPENSSL_NO_KRB5 */
+ 
+        if (in->time != 0L)
+                {
+                a.time.length=LSIZE2;
+                a.time.type=V_ASN1_INTEGER;
+                a.time.data=ibuf3;
+                ASN1_INTEGER_set(&(a.time),in->time);
+                }
+
+        if (in->timeout != 0L)
+                {
+                a.timeout.length=LSIZE2;
+                a.timeout.type=V_ASN1_INTEGER;
+                a.timeout.data=ibuf4;
+                ASN1_INTEGER_set(&(a.timeout),in->timeout);
+                }
+
+        if (in->verify_result != X509_V_OK)
+                {
+                a.verify_result.length=LSIZE2;
+                a.verify_result.type=V_ASN1_INTEGER;
+                a.verify_result.data=ibuf5;
+                ASN1_INTEGER_set(&a.verify_result,in->verify_result);
+                }
+
+
+        M_ASN1_I2D_len(&(a.version),            i2d_ASN1_INTEGER);
+        M_ASN1_I2D_len(&(a.ssl_version),        i2d_ASN1_INTEGER);
+        M_ASN1_I2D_len(&(a.cipher),             i2d_ASN1_OCTET_STRING);
+        M_ASN1_I2D_len(&(a.session_id),         i2d_ASN1_OCTET_STRING);
+        M_ASN1_I2D_len(&(a.master_key),         i2d_ASN1_OCTET_STRING);
+#ifndef OPENSSL_NO_KRB5
+        if (in->krb5_client_princ_len)
+                M_ASN1_I2D_len(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
+#endif /* OPENSSL_NO_KRB5 */
+        if (in->key_arg_length > 0)
+                M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING);
+        if (in->time != 0L)
+                M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
+        if (in->timeout != 0L)
+                M_ASN1_I2D_len_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
+        if (in->peer != NULL)
+                M_ASN1_I2D_len_EXP_opt(in->peer,i2d_X509,3,v3);
+        M_ASN1_I2D_len_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4,v4);
+        if (in->verify_result != X509_V_OK)
+                M_ASN1_I2D_len_EXP_opt(&(a.verify_result),i2d_ASN1_INTEGER,5,v5);
+
+        M_ASN1_I2D_seq_total();
+
+        M_ASN1_I2D_put(&(a.version),            i2d_ASN1_INTEGER);
+        M_ASN1_I2D_put(&(a.ssl_version),        i2d_ASN1_INTEGER);
+        M_ASN1_I2D_put(&(a.cipher),             i2d_ASN1_OCTET_STRING);
+        M_ASN1_I2D_put(&(a.session_id),         i2d_ASN1_OCTET_STRING);
+        M_ASN1_I2D_put(&(a.master_key),         i2d_ASN1_OCTET_STRING);
+#ifndef OPENSSL_NO_KRB5
+        if (in->krb5_client_princ_len)
+                M_ASN1_I2D_put(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
+#endif /* OPENSSL_NO_KRB5 */
+        if (in->key_arg_length > 0)
+                M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0);
+        if (in->time != 0L)
+                M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
+        if (in->timeout != 0L)
+                M_ASN1_I2D_put_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
+        if (in->peer != NULL)
+                M_ASN1_I2D_put_EXP_opt(in->peer,i2d_X509,3,v3);
+        M_ASN1_I2D_put_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4,
+                               v4);
+        if (in->verify_result != X509_V_OK)
+                M_ASN1_I2D_put_EXP_opt(&a.verify_result,i2d_ASN1_INTEGER,5,v5);
+        M_ASN1_I2D_finish();
+        }
+
+SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char * const *pp,
+             long length)
+        {
+        int version,ssl_version=0,i;
+        long id;
+        ASN1_INTEGER ai,*aip;
+        ASN1_OCTET_STRING os,*osp;
+        M_ASN1_D2I_vars(a,SSL_SESSION *,SSL_SESSION_new);
+
+        aip= &ai;
+        osp= &os;
+
+        M_ASN1_D2I_Init();
+        M_ASN1_D2I_start_sequence();
+
+        ai.data=NULL; ai.length=0;
+        M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
+        version=(int)ASN1_INTEGER_get(aip);
+        if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
+
+        /* we don't care about the version right now :-) */
+        M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
+        ssl_version=(int)ASN1_INTEGER_get(aip);
+        ret->ssl_version=ssl_version;
+        if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
+
+        os.data=NULL; os.length=0;
+        M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
+        if (ssl_version == SSL2_VERSION)
+                {
+                if (os.length != 3)
+                        {
+                        c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
+                        goto err;
+                        }
+                id=0x02000000L|
+                        ((unsigned long)os.data[0]<<16L)|
+                        ((unsigned long)os.data[1]<< 8L)|
+                         (unsigned long)os.data[2];
+                }
+        else if ((ssl_version>>8) == SSL3_VERSION_MAJOR)
+                {
+                if (os.length != 2)
+                        {
+                        c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
+                        goto err;
+                        }
+                id=0x03000000L|
+                        ((unsigned long)os.data[0]<<8L)|
+                         (unsigned long)os.data[1];
+                }
+        else
+                {
+                SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
+                return(NULL);
+                }
+        
+        ret->cipher=NULL;
+        ret->cipher_id=id;
+
+        M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
+        if ((ssl_version>>8) == SSL3_VERSION_MAJOR)
+                i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
+        else /* if (ssl_version == SSL2_VERSION_MAJOR) */
+                i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
+
+        if (os.length > i)
+                os.length = i;
+        if (os.length > sizeof ret->session_id) /* can't happen */
+                os.length = sizeof ret->session_id;
+
+        ret->session_id_length=os.length;
+        OPENSSL_assert(os.length <= sizeof ret->session_id);
+        memcpy(ret->session_id,os.data,os.length);
+
+        M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
+        if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH)
+                ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
+        else
+                ret->master_key_length=os.length;
+        memcpy(ret->master_key,os.data,ret->master_key_length);
+
+        os.length=0;
+
+#ifndef OPENSSL_NO_KRB5
+        os.length=0;
+        M_ASN1_D2I_get_opt(osp,d2i_ASN1_OCTET_STRING,V_ASN1_OCTET_STRING);
+        if (os.data)
+                {
+                if (os.length > SSL_MAX_KRB5_PRINCIPAL_LENGTH)
+                        ret->krb5_client_princ_len=0;
+                else
+                        ret->krb5_client_princ_len=os.length;
+                memcpy(ret->krb5_client_princ,os.data,ret->krb5_client_princ_len);
+                OPENSSL_free(os.data);
+                os.data = NULL;
+                os.length = 0;
+                }
+        else
+                ret->krb5_client_princ_len=0;
+#endif /* OPENSSL_NO_KRB5 */
+
+        M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING);
+        if (os.length > SSL_MAX_KEY_ARG_LENGTH)
+                ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH;
+        else
+                ret->key_arg_length=os.length;
+        memcpy(ret->key_arg,os.data,ret->key_arg_length);
+        if (os.data != NULL) OPENSSL_free(os.data);
+
+        ai.length=0;
+        M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1);
+        if (ai.data != NULL)
+                {
+                ret->time=ASN1_INTEGER_get(aip);
+                OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
+                }
+        else
+                ret->time=time(NULL);
+
+        ai.length=0;
+        M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2);
+        if (ai.data != NULL)
+                {
+                ret->timeout=ASN1_INTEGER_get(aip);
+                OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
+                }
+        else
+                ret->timeout=3;
+
+        if (ret->peer != NULL)
+                {
+                X509_free(ret->peer);
+                ret->peer=NULL;
+                }
+        M_ASN1_D2I_get_EXP_opt(ret->peer,d2i_X509,3);
+
+        os.length=0;
+        os.data=NULL;
+        M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,4);
+
+        if(os.data != NULL)
+            {
+            if (os.length > SSL_MAX_SID_CTX_LENGTH)
+                {
+                ret->sid_ctx_length=os.length;
+                SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH);
+                }
+            else
+                {
+                ret->sid_ctx_length=os.length;
+                memcpy(ret->sid_ctx,os.data,os.length);
+                }
+            OPENSSL_free(os.data); os.data=NULL; os.length=0;
+            }
+        else
+            ret->sid_ctx_length=0;
+
+        ai.length=0;
+        M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,5);
+        if (ai.data != NULL)
+                {
+                ret->verify_result=ASN1_INTEGER_get(aip);
+                OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
+                }
+        else
+                ret->verify_result=X509_V_OK;
+
+        M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
+        }
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
new file mode 100644
index 0000000000..b8b9bc2390
--- /dev/null
+++ b/src/lib/libssl/ssl_cert.c
@@ -0,0 +1,888 @@
+/*! \file ssl/ssl_cert.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <stdio.h>
+
+#include "e_os.h"
+#ifndef NO_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+
+#if !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS) && !defined(NeXT) && !defined(MAC_OS_pre_X)
+#include <dirent.h>
+#endif
+
+#if defined(WIN32)
+#include <windows.h>
+#include <tchar.h>
+#endif
+
+#ifdef NeXT
+#include <sys/dir.h>
+#define dirent direct
+#endif
+
+#include <openssl/objects.h>
+#include <openssl/bio.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include "ssl_locl.h"
+#include <openssl/fips.h>
+
+int SSL_get_ex_data_X509_STORE_CTX_idx(void)
+        {
+        static volatile int ssl_x509_store_ctx_idx= -1;
+
+        if (ssl_x509_store_ctx_idx < 0)
+                {
+                /* any write lock will do; usually this branch
+                 * will only be taken once anyway */
+                CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+                
+                if (ssl_x509_store_ctx_idx < 0)
+                        {
+                        ssl_x509_store_ctx_idx=X509_STORE_CTX_get_ex_new_index(
+                                0,"SSL for verify callback",NULL,NULL,NULL);
+                        }
+                
+                CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+                }
+        return ssl_x509_store_ctx_idx;
+        }
+
+CERT *ssl_cert_new(void)
+        {
+        CERT *ret;
+
+        ret=(CERT *)OPENSSL_malloc(sizeof(CERT));
+        if (ret == NULL)
+                {
+                SSLerr(SSL_F_SSL_CERT_NEW,ERR_R_MALLOC_FAILURE);
+                return(NULL);
+                }
+        memset(ret,0,sizeof(CERT));
+
+        ret->key= &(ret->pkeys[SSL_PKEY_RSA_ENC]);
+        ret->references=1;
+
+        return(ret);
+        }
+
+CERT *ssl_cert_dup(CERT *cert)
+        {
+        CERT *ret;
+        int i;
+
+        ret = (CERT *)OPENSSL_malloc(sizeof(CERT));
+        if (ret == NULL)
+                {
+                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
+                return(NULL);
+                }
+
+        memset(ret, 0, sizeof(CERT));
+
+        ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];
+        /* or ret->key = ret->pkeys + (cert->key - cert->pkeys),
+         * if you find that more readable */
+
+        ret->valid = cert->valid;
+        ret->mask = cert->mask;
+        ret->export_mask = cert->export_mask;
+
+#ifndef OPENSSL_NO_RSA
+        if (cert->rsa_tmp != NULL)
+                {
+                RSA_up_ref(cert->rsa_tmp);
+                ret->rsa_tmp = cert->rsa_tmp;
+                }
+        ret->rsa_tmp_cb = cert->rsa_tmp_cb;
+#endif
+
+#ifndef OPENSSL_NO_DH
+        if (cert->dh_tmp != NULL)
+                {
+                /* DH parameters don't have a reference count */
+                ret->dh_tmp = DHparams_dup(cert->dh_tmp);
+                if (ret->dh_tmp == NULL)
+                        {
+                        SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB);
+                        goto err;
+                        }
+                if (cert->dh_tmp->priv_key)
+                        {
+                        BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
+                        if (!b)
+                                {
+                                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
+                                goto err;
+                                }
+                        ret->dh_tmp->priv_key = b;
+                        }
+                if (cert->dh_tmp->pub_key)
+                        {
+                        BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
+                        if (!b)
+                                {
+                                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
+                                goto err;
+                                }
+                        ret->dh_tmp->pub_key = b;
+                        }
+                }
+        ret->dh_tmp_cb = cert->dh_tmp_cb;
+#endif
+
+        for (i = 0; i < SSL_PKEY_NUM; i++)
+                {
+                if (cert->pkeys[i].x509 != NULL)
+                        {
+                        ret->pkeys[i].x509 = cert->pkeys[i].x509;
+                        CRYPTO_add(&ret->pkeys[i].x509->references, 1,
+                                CRYPTO_LOCK_X509);
+                        }
+                
+                if (cert->pkeys[i].privatekey != NULL)
+                        {
+                        ret->pkeys[i].privatekey = cert->pkeys[i].privatekey;
+                        CRYPTO_add(&ret->pkeys[i].privatekey->references, 1,
+                                CRYPTO_LOCK_EVP_PKEY);
+
+                        switch(i) 
+                                {
+                                /* If there was anything special to do for
+                                 * certain types of keys, we'd do it here.
+                                 * (Nothing at the moment, I think.) */
+
+                        case SSL_PKEY_RSA_ENC:
+                        case SSL_PKEY_RSA_SIGN:
+                                /* We have an RSA key. */
+                                break;
+                                
+                        case SSL_PKEY_DSA_SIGN:
+                                /* We have a DSA key. */
+                                break;
+                                
+                        case SSL_PKEY_DH_RSA:
+                        case SSL_PKEY_DH_DSA:
+                                /* We have a DH key. */
+                                break;
+                                
+                        default:
+                                /* Can't happen. */
+                                SSLerr(SSL_F_SSL_CERT_DUP, SSL_R_LIBRARY_BUG);
+                                }
+                        }
+                }
+        
+        /* ret->extra_certs *should* exist, but currently the own certificate
+         * chain is held inside SSL_CTX */
+
+        ret->references=1;
+
+        return(ret);
+        
+#ifndef OPENSSL_NO_DH /* avoid 'unreferenced label' warning if OPENSSL_NO_DH is defined */
+err:
+#endif
+#ifndef OPENSSL_NO_RSA
+        if (ret->rsa_tmp != NULL)
+                RSA_free(ret->rsa_tmp);
+#endif
+#ifndef OPENSSL_NO_DH
+        if (ret->dh_tmp != NULL)
+                DH_free(ret->dh_tmp);
+#endif
+
+        for (i = 0; i < SSL_PKEY_NUM; i++)
+                {
+                if (ret->pkeys[i].x509 != NULL)
+                        X509_free(ret->pkeys[i].x509);
+                if (ret->pkeys[i].privatekey != NULL)
+                        EVP_PKEY_free(ret->pkeys[i].privatekey);
+                }
+
+        return NULL;
+        }
+
+
+void ssl_cert_free(CERT *c)
+        {
+        int i;
+
+        if(c == NULL)
+            return;
+
+        i=CRYPTO_add(&c->references,-1,CRYPTO_LOCK_SSL_CERT);
+#ifdef REF_PRINT
+        REF_PRINT("CERT",c);
+#endif
+        if (i > 0) return;
+#ifdef REF_CHECK
+        if (i < 0)
+                {
+                fprintf(stderr,"ssl_cert_free, bad reference count\n");
+                abort(); /* ok */
+                }
+#endif
+
+#ifndef OPENSSL_NO_RSA
+        if (c->rsa_tmp) RSA_free(c->rsa_tmp);
+#endif
+#ifndef OPENSSL_NO_DH
+        if (c->dh_tmp) DH_free(c->dh_tmp);
+#endif
+
+        for (i=0; i<SSL_PKEY_NUM; i++)
+                {
+                if (c->pkeys[i].x509 != NULL)
+                        X509_free(c->pkeys[i].x509);
+                if (c->pkeys[i].privatekey != NULL)
+                        EVP_PKEY_free(c->pkeys[i].privatekey);
+#if 0
+                if (c->pkeys[i].publickey != NULL)
+                        EVP_PKEY_free(c->pkeys[i].publickey);
+#endif
+                }
+        OPENSSL_free(c);
+        }
+
+int ssl_cert_inst(CERT **o)
+        {
+        /* Create a CERT if there isn't already one
+         * (which cannot really happen, as it is initially created in
+         * SSL_CTX_new; but the earlier code usually allows for that one
+         * being non-existant, so we follow that behaviour, as it might
+         * turn out that there actually is a reason for it -- but I'm
+         * not sure that *all* of the existing code could cope with
+         * s->cert being NULL, otherwise we could do without the
+         * initialization in SSL_CTX_new).
+         */
+        
+        if (o == NULL) 
+                {
+                SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER);
+                return(0);
+                }
+        if (*o == NULL)
+                {
+                if ((*o = ssl_cert_new()) == NULL)
+                        {
+                        SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE);
+                        return(0);
+                        }
+                }
+        return(1);
+        }
+
+
+SESS_CERT *ssl_sess_cert_new(void)
+        {
+        SESS_CERT *ret;
+
+        ret = OPENSSL_malloc(sizeof *ret);
+        if (ret == NULL)
+                {
+                SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
+                return NULL;
+                }
+
+        memset(ret, 0 ,sizeof *ret);
+        ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
+        ret->references = 1;
+
+        return ret;
+        }
+
+void ssl_sess_cert_free(SESS_CERT *sc)
+        {
+        int i;
+
+        if (sc == NULL)
+                return;
+
+        i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT);
+#ifdef REF_PRINT
+        REF_PRINT("SESS_CERT", sc);
+#endif
+        if (i > 0)
+                return;
+#ifdef REF_CHECK
+        if (i < 0)
+                {
+                fprintf(stderr,"ssl_sess_cert_free, bad reference count\n");
+                abort(); /* ok */
+                }
+#endif
+
+        /* i == 0 */
+        if (sc->cert_chain != NULL)
+                sk_X509_pop_free(sc->cert_chain, X509_free);
+        for (i = 0; i < SSL_PKEY_NUM; i++)
+                {
+                if (sc->peer_pkeys[i].x509 != NULL)
+                        X509_free(sc->peer_pkeys[i].x509);
+#if 0 /* We don't have the peer's private key.  These lines are just
+           * here as a reminder that we're still using a not-quite-appropriate
+           * data structure. */
+                if (sc->peer_pkeys[i].privatekey != NULL)
+                        EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
+#endif
+                }
+
+#ifndef OPENSSL_NO_RSA
+        if (sc->peer_rsa_tmp != NULL)
+                RSA_free(sc->peer_rsa_tmp);
+#endif
+#ifndef OPENSSL_NO_DH
+        if (sc->peer_dh_tmp != NULL)
+                DH_free(sc->peer_dh_tmp);
+#endif
+
+        OPENSSL_free(sc);
+        }
+
+int ssl_set_peer_cert_type(SESS_CERT *sc,int type)
+        {
+        sc->peer_cert_type = type;
+        return(1);
+        }
+
+int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk)
+        {
+        X509 *x;
+        int i;
+        X509_STORE_CTX ctx;
+
+        if ((sk == NULL) || (sk_X509_num(sk) == 0))
+                return(0);
+
+        x=sk_X509_value(sk,0);
+        if(!X509_STORE_CTX_init(&ctx,s->ctx->cert_store,x,sk))
+                {
+                SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,ERR_R_X509_LIB);
+                return(0);
+                }
+        if (SSL_get_verify_depth(s) >= 0)
+                X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s));
+        X509_STORE_CTX_set_ex_data(&ctx,SSL_get_ex_data_X509_STORE_CTX_idx(),s);
+
+        /* We need to set the verify purpose. The purpose can be determined by
+         * the context: if its a server it will verify SSL client certificates
+         * or vice versa.
+         */
+        if (s->server)
+                i = X509_PURPOSE_SSL_CLIENT;
+        else
+                i = X509_PURPOSE_SSL_SERVER;
+
+        X509_STORE_CTX_purpose_inherit(&ctx, i, s->purpose, s->trust);
+
+        if (s->verify_callback)
+                X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
+
+        if (s->ctx->app_verify_callback != NULL)
+#if 1 /* new with OpenSSL 0.9.7 */
+                i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg); 
+#else
+                i=s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */
+#endif
+        else
+                {
+#ifndef OPENSSL_NO_X509_VERIFY
+                i=X509_verify_cert(&ctx);
+#else
+                i=0;
+                ctx.error=X509_V_ERR_APPLICATION_VERIFICATION;
+                SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,SSL_R_NO_VERIFY_CALLBACK);
+#endif
+                }
+
+        s->verify_result=ctx.error;
+        X509_STORE_CTX_cleanup(&ctx);
+
+        return(i);
+        }
+
+static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,STACK_OF(X509_NAME) *name_list)
+        {
+        if (*ca_list != NULL)
+                sk_X509_NAME_pop_free(*ca_list,X509_NAME_free);
+
+        *ca_list=name_list;
+        }
+
+STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk)
+        {
+        int i;
+        STACK_OF(X509_NAME) *ret;
+        X509_NAME *name;
+
+        ret=sk_X509_NAME_new_null();
+        for (i=0; i<sk_X509_NAME_num(sk); i++)
+                {
+                name=X509_NAME_dup(sk_X509_NAME_value(sk,i));
+                if ((name == NULL) || !sk_X509_NAME_push(ret,name))
+                        {
+                        sk_X509_NAME_pop_free(ret,X509_NAME_free);
+                        return(NULL);
+                        }
+                }
+        return(ret);
+        }
+
+void SSL_set_client_CA_list(SSL *s,STACK_OF(X509_NAME) *name_list)
+        {
+        set_client_CA_list(&(s->client_CA),name_list);
+        }
+
+void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *name_list)
+        {
+        set_client_CA_list(&(ctx->client_CA),name_list);
+        }
+
+STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx)
+        {
+        return(ctx->client_CA);
+        }
+
+STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s)
+        {
+        if (s->type == SSL_ST_CONNECT)
+                { /* we are in the client */
+                if (((s->version>>8) == SSL3_VERSION_MAJOR) &&
+                        (s->s3 != NULL))
+                        return(s->s3->tmp.ca_names);
+                else
+                        return(NULL);
+                }
+        else
+                {
+                if (s->client_CA != NULL)
+                        return(s->client_CA);
+                else
+                        return(s->ctx->client_CA);
+                }
+        }
+
+static int add_client_CA(STACK_OF(X509_NAME) **sk,X509 *x)
+        {
+        X509_NAME *name;
+
+        if (x == NULL) return(0);
+        if ((*sk == NULL) && ((*sk=sk_X509_NAME_new_null()) == NULL))
+                return(0);
+                
+        if ((name=X509_NAME_dup(X509_get_subject_name(x))) == NULL)
+                return(0);
+
+        if (!sk_X509_NAME_push(*sk,name))
+                {
+                X509_NAME_free(name);
+                return(0);
+                }
+        return(1);
+        }
+
+int SSL_add_client_CA(SSL *ssl,X509 *x)
+        {
+        return(add_client_CA(&(ssl->client_CA),x));
+        }
+
+int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x)
+        {
+        return(add_client_CA(&(ctx->client_CA),x));
+        }
+
+static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
+        {
+        return(X509_NAME_cmp(*a,*b));
+        }
+
+#ifndef OPENSSL_NO_STDIO
+/*!
+ * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed;
+ * it doesn't really have anything to do with clients (except that a common use
+ * for a stack of CAs is to send it to the client). Actually, it doesn't have
+ * much to do with CAs, either, since it will load any old cert.
+ * \param file the file containing one or more certs.
+ * \return a ::STACK containing the certs.
+ */
+STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
+        {
+        BIO *in;
+        X509 *x=NULL;
+        X509_NAME *xn=NULL;
+        STACK_OF(X509_NAME) *ret,*sk;
+
+        ret=sk_X509_NAME_new_null();
+        sk=sk_X509_NAME_new(xname_cmp);
+
+        in=BIO_new(BIO_s_file_internal());
+
+        if ((ret == NULL) || (sk == NULL) || (in == NULL))
+                {
+                SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
+                goto err;
+                }
+        
+        if (!BIO_read_filename(in,file))
+                goto err;
+
+        for (;;)
+                {
+                if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
+                        break;
+                if ((xn=X509_get_subject_name(x)) == NULL) goto err;
+                /* check for duplicates */
+                xn=X509_NAME_dup(xn);
+                if (xn == NULL) goto err;
+                if (sk_X509_NAME_find(sk,xn) >= 0)
+                        X509_NAME_free(xn);
+                else
+                        {
+                        sk_X509_NAME_push(sk,xn);
+                        sk_X509_NAME_push(ret,xn);
+                        }
+                }
+
+        if (0)
+                {
+err:
+                if (ret != NULL) sk_X509_NAME_pop_free(ret,X509_NAME_free);
+                ret=NULL;
+                }
+        if (sk != NULL) sk_X509_NAME_free(sk);
+        if (in != NULL) BIO_free(in);
+        if (x != NULL) X509_free(x);
+        return(ret);
+        }
+#endif
+
+/*!
+ * Add a file of certs to a stack.
+ * \param stack the stack to add to.
+ * \param file the file to add from. All certs in this file that are not
+ * already in the stack will be added.
+ * \return 1 for success, 0 for failure. Note that in the case of failure some
+ * certs may have been added to \c stack.
+ */
+
+int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
+                                        const char *file)
+        {
+        BIO *in;
+        X509 *x=NULL;
+        X509_NAME *xn=NULL;
+        int ret=1;
+        int (*oldcmp)(const X509_NAME * const *a, const X509_NAME * const *b);
+        
+        oldcmp=sk_X509_NAME_set_cmp_func(stack,xname_cmp);
+        
+        in=BIO_new(BIO_s_file_internal());
+        
+        if (in == NULL)
+                {
+                SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,ERR_R_MALLOC_FAILURE);
+                goto err;
+                }
+        
+        if (!BIO_read_filename(in,file))
+                goto err;
+        
+        for (;;)
+                {
+                if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
+                        break;
+                if ((xn=X509_get_subject_name(x)) == NULL) goto err;
+                xn=X509_NAME_dup(xn);
+                if (xn == NULL) goto err;
+                if (sk_X509_NAME_find(stack,xn) >= 0)
+                        X509_NAME_free(xn);
+                else
+                        sk_X509_NAME_push(stack,xn);
+                }
+
+        if (0)
+                {
+err:
+                ret=0;
+                }
+        if(in != NULL)
+                BIO_free(in);
+        if(x != NULL)
+                X509_free(x);
+        
+        sk_X509_NAME_set_cmp_func(stack,oldcmp);
+
+        return ret;
+        }
+
+/*!
+ * Add a directory of certs to a stack.
+ * \param stack the stack to append to.
+ * \param dir the directory to append from. All files in this directory will be
+ * examined as potential certs. Any that are acceptable to
+ * SSL_add_dir_cert_subjects_to_stack() that are not already in the stack will be
+ * included.
+ * \return 1 for success, 0 for failure. Note that in the case of failure some
+ * certs may have been added to \c stack.
+ */
+
+#ifndef OPENSSL_SYS_WIN32
+#ifndef OPENSSL_SYS_VMS         /* XXXX This may be fixed in the future */
+#ifndef OPENSSL_SYS_MACINTOSH_CLASSIC /* XXXXX: Better scheme needed! */
+
+int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
+                                       const char *dir)
+        {
+        DIR *d;
+        struct dirent *dstruct;
+        int ret = 0;
+
+        CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
+        d = opendir(dir);
+
+        /* Note that a side effect is that the CAs will be sorted by name */
+        if(!d)
+                {
+                SYSerr(SYS_F_OPENDIR, get_last_sys_error());
+                ERR_add_error_data(3, "opendir('", dir, "')");
+                SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
+                goto err;
+                }
+        
+        while((dstruct=readdir(d)))
+                {
+                char buf[1024];
+                int r;
+                
+                if(strlen(dir)+strlen(dstruct->d_name)+2 > sizeof buf)
+                        {
+                        SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
+                        goto err;
+                        }
+                
+                r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,dstruct->d_name);
+                if (r <= 0 || r >= sizeof buf)
+                        goto err;
+                if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
+                        goto err;
+                }
+        ret = 1;
+
+err:    
+        if (d) closedir(d);
+        CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
+        return ret;
+        }
+
+#endif
+#endif
+
+#else /* OPENSSL_SYS_WIN32 */
+
+#if defined(_WIN32_WCE)
+# ifndef UNICODE
+#  error "WinCE comes in UNICODE flavor only..."
+# endif
+# if _WIN32_WCE<101 && !defined(OPENSSL_NO_MULTIBYTE)
+#  define OPENSSL_NO_MULTIBYTE
+# endif
+# ifndef  FindFirstFile
+#  define FindFirstFile FindFirstFileW
+# endif
+# ifndef  FindNextFile
+#  define FindNextFile FindNextFileW
+# endif
+#endif
+
+int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
+                                       const char *dir)
+        {
+        WIN32_FIND_DATA FindFileData;
+        HANDLE hFind;
+        int    ret = 0;
+        TCHAR *wdir = NULL;
+        size_t i,len_0 = strlen(dir)+1; /* len_0 accounts for trailing 0 */
+        char   buf[1024],*slash;
+
+        if (len_0 > (sizeof(buf)-14))   /* 14 is just some value... */
+                {
+                SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
+                return ret;
+                }
+
+        CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
+
+        if (sizeof(TCHAR) != sizeof(char))
+                {
+                wdir = (TCHAR *)malloc(len_0*sizeof(TCHAR));
+                if (wdir == NULL)
+                        goto err_noclose;
+#ifndef OPENSSL_NO_MULTIBYTE
+                if (!MultiByteToWideChar(CP_ACP,0,dir,len_0,
+                                        (WCHAR *)wdir,len_0))
+#endif
+                        for (i=0;i<len_0;i++) wdir[i]=(TCHAR)dir[i];
+
+                hFind = FindFirstFile(wdir, &FindFileData);
+                }
+        else    hFind = FindFirstFile((const TCHAR *)dir, &FindFileData);
+
+        /* Note that a side effect is that the CAs will be sorted by name */
+        if(hFind == INVALID_HANDLE_VALUE)
+                {
+                SYSerr(SYS_F_OPENDIR, get_last_sys_error());
+                ERR_add_error_data(3, "opendir('", dir, "')");
+                SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
+                goto err_noclose;
+                }
+
+        strncpy(buf,dir,sizeof(buf));   /* strcpy is safe too... */
+        buf[len_0-1]='/';               /* no trailing zero!     */
+        slash=buf+len_0;
+
+        do      {
+                const TCHAR *fnam=FindFileData.cFileName;
+                size_t flen_0=_tcslen(fnam)+1;
+
+                if (flen_0 > (sizeof(buf)-len_0))
+                        {
+                        SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
+                        goto err;
+                        }
+                /* else strcpy would be safe too... */
+
+                if (sizeof(TCHAR) != sizeof(char))
+                        {
+#ifndef OPENSSL_NO_MULTIBYTE
+                        if (!WideCharToMultiByte(CP_ACP,0,
+                                                (WCHAR *)fnam,flen_0,
+                                                slash,sizeof(buf)-len_0,
+                                                NULL,0))
+#endif
+                                for (i=0;i<flen_0;i++) slash[i]=(char)fnam[i];
+                        }
+                else    strncpy(slash,(const char *)fnam,sizeof(buf)-len_0);
+
+                if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
+                        goto err;
+                }
+        while (FindNextFile(hFind, &FindFileData) != FALSE);
+        ret = 1;
+
+err:    
+        FindClose(hFind);
+err_noclose:
+        if (wdir != NULL)
+                free(wdir);
+
+        CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
+        return ret;
+        }
+
+#endif
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
new file mode 100644
index 0000000000..a7ccefa30c
--- /dev/null
+++ b/src/lib/libssl/ssl_ciph.c
@@ -0,0 +1,1157 @@
+/* ssl/ssl_ciph.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include <openssl/comp.h>
+#include <openssl/fips.h>
+#include "ssl_locl.h"
+
+#define SSL_ENC_DES_IDX         0
+#define SSL_ENC_3DES_IDX        1
+#define SSL_ENC_RC4_IDX         2
+#define SSL_ENC_RC2_IDX         3
+#define SSL_ENC_IDEA_IDX        4
+#define SSL_ENC_eFZA_IDX        5
+#define SSL_ENC_NULL_IDX        6
+#define SSL_ENC_AES128_IDX      7
+#define SSL_ENC_AES256_IDX      8
+#define SSL_ENC_NUM_IDX         9
+
+static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
+        NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL
+        };
+
+static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
+
+#define SSL_MD_MD5_IDX  0
+#define SSL_MD_SHA1_IDX 1
+#define SSL_MD_NUM_IDX  2
+static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
+        NULL,NULL,
+        };
+
+#define CIPHER_ADD      1
+#define CIPHER_KILL     2
+#define CIPHER_DEL      3
+#define CIPHER_ORD      4
+#define CIPHER_SPECIAL  5
+
+typedef struct cipher_order_st
+        {
+        SSL_CIPHER *cipher;
+        int active;
+        int dead;
+        struct cipher_order_st *next,*prev;
+        } CIPHER_ORDER;
+
+static const SSL_CIPHER cipher_aliases[]={
+        /* Don't include eNULL unless specifically enabled. */
+        {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */
+        {0,SSL_TXT_CMPALL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},  /* COMPLEMENT OF ALL */
+        {0,SSL_TXT_CMPDEF,0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK,0},
+        {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0},  /* VRS Kerberos5 */
+        {0,SSL_TXT_kRSA,0,SSL_kRSA,  0,0,0,0,SSL_MKEY_MASK,0},
+        {0,SSL_TXT_kDHr,0,SSL_kDHr,  0,0,0,0,SSL_MKEY_MASK,0},
+        {0,SSL_TXT_kDHd,0,SSL_kDHd,  0,0,0,0,SSL_MKEY_MASK,0},
+        {0,SSL_TXT_kEDH,0,SSL_kEDH,  0,0,0,0,SSL_MKEY_MASK,0},
+        {0,SSL_TXT_kFZA,0,SSL_kFZA,  0,0,0,0,SSL_MKEY_MASK,0},
+        {0,SSL_TXT_DH,  0,SSL_DH,    0,0,0,0,SSL_MKEY_MASK,0},
+        {0,SSL_TXT_EDH, 0,SSL_EDH,   0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0},
+
+        {0,SSL_TXT_aKRB5,0,SSL_aKRB5,0,0,0,0,SSL_AUTH_MASK,0},  /* VRS Kerberos5 */
+        {0,SSL_TXT_aRSA,0,SSL_aRSA,  0,0,0,0,SSL_AUTH_MASK,0},
+        {0,SSL_TXT_aDSS,0,SSL_aDSS,  0,0,0,0,SSL_AUTH_MASK,0},
+        {0,SSL_TXT_aFZA,0,SSL_aFZA,  0,0,0,0,SSL_AUTH_MASK,0},
+        {0,SSL_TXT_aNULL,0,SSL_aNULL,0,0,0,0,SSL_AUTH_MASK,0},
+        {0,SSL_TXT_aDH, 0,SSL_aDH,   0,0,0,0,SSL_AUTH_MASK,0},
+        {0,SSL_TXT_DSS, 0,SSL_DSS,   0,0,0,0,SSL_AUTH_MASK,0},
+
+        {0,SSL_TXT_DES, 0,SSL_DES,   0,0,0,0,SSL_ENC_MASK,0},
+        {0,SSL_TXT_3DES,0,SSL_3DES,  0,0,0,0,SSL_ENC_MASK,0},
+        {0,SSL_TXT_RC4, 0,SSL_RC4,   0,0,0,0,SSL_ENC_MASK,0},
+        {0,SSL_TXT_RC2, 0,SSL_RC2,   0,0,0,0,SSL_ENC_MASK,0},
+#ifndef OPENSSL_NO_IDEA
+        {0,SSL_TXT_IDEA,0,SSL_IDEA,  0,0,0,0,SSL_ENC_MASK,0},
+#endif
+        {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
+        {0,SSL_TXT_eFZA,0,SSL_eFZA,  0,0,0,0,SSL_ENC_MASK,0},
+        {0,SSL_TXT_AES, 0,SSL_AES,   0,0,0,0,SSL_ENC_MASK,0},
+
+        {0,SSL_TXT_MD5, 0,SSL_MD5,   0,0,0,0,SSL_MAC_MASK,0},
+        {0,SSL_TXT_SHA1,0,SSL_SHA1,  0,0,0,0,SSL_MAC_MASK,0},
+        {0,SSL_TXT_SHA, 0,SSL_SHA,   0,0,0,0,SSL_MAC_MASK,0},
+
+        {0,SSL_TXT_NULL,0,SSL_NULL,  0,0,0,0,SSL_ENC_MASK,0},
+        {0,SSL_TXT_KRB5,0,SSL_KRB5,  0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
+        {0,SSL_TXT_RSA, 0,SSL_RSA,   0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
+        {0,SSL_TXT_ADH, 0,SSL_ADH,   0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
+        {0,SSL_TXT_FZA, 0,SSL_FZA,   0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0},
+
+        {0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,0,0,0,SSL_SSL_MASK,0},
+        {0,SSL_TXT_SSLV3, 0,SSL_SSLV3, 0,0,0,0,SSL_SSL_MASK,0},
+        {0,SSL_TXT_TLSV1, 0,SSL_TLSV1, 0,0,0,0,SSL_SSL_MASK,0},
+
+        {0,SSL_TXT_EXP   ,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
+        {0,SSL_TXT_EXPORT,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
+        {0,SSL_TXT_EXP40, 0, 0, SSL_EXP40, 0,0,0,0,SSL_STRONG_MASK},
+        {0,SSL_TXT_EXP56, 0, 0, SSL_EXP56, 0,0,0,0,SSL_STRONG_MASK},
+        {0,SSL_TXT_LOW,   0, 0,   SSL_LOW, 0,0,0,0,SSL_STRONG_MASK},
+        {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK},
+        {0,SSL_TXT_HIGH,  0, 0,  SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK},
+        {0,SSL_TXT_FIPS,  0, 0,  SSL_FIPS, 0,0,0,0,SSL_FIPS|SSL_STRONG_NONE},
+        };
+
+static int init_ciphers=1;
+
+static void load_ciphers(void)
+        {
+        ssl_cipher_methods[SSL_ENC_DES_IDX]= 
+                EVP_get_cipherbyname(SN_des_cbc);
+        ssl_cipher_methods[SSL_ENC_3DES_IDX]=
+                EVP_get_cipherbyname(SN_des_ede3_cbc);
+        ssl_cipher_methods[SSL_ENC_RC4_IDX]=
+                EVP_get_cipherbyname(SN_rc4);
+        ssl_cipher_methods[SSL_ENC_RC2_IDX]= 
+                EVP_get_cipherbyname(SN_rc2_cbc);
+#ifndef OPENSSL_NO_IDEA
+        ssl_cipher_methods[SSL_ENC_IDEA_IDX]= 
+                EVP_get_cipherbyname(SN_idea_cbc);
+#else
+        ssl_cipher_methods[SSL_ENC_IDEA_IDX]= NULL;
+#endif
+        ssl_cipher_methods[SSL_ENC_AES128_IDX]=
+          EVP_get_cipherbyname(SN_aes_128_cbc);
+        ssl_cipher_methods[SSL_ENC_AES256_IDX]=
+          EVP_get_cipherbyname(SN_aes_256_cbc);
+
+        ssl_digest_methods[SSL_MD_MD5_IDX]=
+                EVP_get_digestbyname(SN_md5);
+        ssl_digest_methods[SSL_MD_SHA1_IDX]=
+                EVP_get_digestbyname(SN_sha1);
+        init_ciphers=0;
+        }
+
+int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
+             const EVP_MD **md, SSL_COMP **comp)
+        {
+        int i;
+        SSL_CIPHER *c;
+
+        c=s->cipher;
+        if (c == NULL) return(0);
+        if (comp != NULL)
+                {
+                SSL_COMP ctmp;
+
+                if (s->compress_meth == 0)
+                        *comp=NULL;
+                else if (ssl_comp_methods == NULL)
+                        {
+                        /* bad */
+                        *comp=NULL;
+                        }
+                else
+                        {
+
+                        ctmp.id=s->compress_meth;
+                        i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
+                        if (i >= 0)
+                                *comp=sk_SSL_COMP_value(ssl_comp_methods,i);
+                        else
+                                *comp=NULL;
+                        }
+                }
+
+        if ((enc == NULL) || (md == NULL)) return(0);
+
+        switch (c->algorithms & SSL_ENC_MASK)
+                {
+        case SSL_DES:
+                i=SSL_ENC_DES_IDX;
+                break;
+        case SSL_3DES:
+                i=SSL_ENC_3DES_IDX;
+                break;
+        case SSL_RC4:
+                i=SSL_ENC_RC4_IDX;
+                break;
+        case SSL_RC2:
+                i=SSL_ENC_RC2_IDX;
+                break;
+        case SSL_IDEA:
+                i=SSL_ENC_IDEA_IDX;
+                break;
+        case SSL_eNULL:
+                i=SSL_ENC_NULL_IDX;
+                break;
+        case SSL_AES:
+                switch(c->alg_bits)
+                        {
+                case 128: i=SSL_ENC_AES128_IDX; break;
+                case 256: i=SSL_ENC_AES256_IDX; break;
+                default: i=-1; break;
+                        }
+                break;
+        default:
+                i= -1;
+                break;
+                }
+
+        if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
+                *enc=NULL;
+        else
+                {
+                if (i == SSL_ENC_NULL_IDX)
+                        *enc=EVP_enc_null();
+                else
+                        *enc=ssl_cipher_methods[i];
+                }
+
+        switch (c->algorithms & SSL_MAC_MASK)
+                {
+        case SSL_MD5:
+                i=SSL_MD_MD5_IDX;
+                break;
+        case SSL_SHA1:
+                i=SSL_MD_SHA1_IDX;
+                break;
+        default:
+                i= -1;
+                break;
+                }
+        if ((i < 0) || (i >= SSL_MD_NUM_IDX))
+                *md=NULL;
+        else
+                *md=ssl_digest_methods[i];
+
+        if ((*enc != NULL) && (*md != NULL))
+                return(1);
+        else
+                return(0);
+        }
+
+#define ITEM_SEP(a) \
+        (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
+
+static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
+             CIPHER_ORDER **tail)
+        {
+        if (curr == *tail) return;
+        if (curr == *head)
+                *head=curr->next;
+        if (curr->prev != NULL)
+                curr->prev->next=curr->next;
+        if (curr->next != NULL) /* should always be true */
+                curr->next->prev=curr->prev;
+        (*tail)->next=curr;
+        curr->prev= *tail;
+        curr->next=NULL;
+        *tail=curr;
+        }
+
+static unsigned long ssl_cipher_get_disabled(void)
+        {
+        unsigned long mask;
+
+        mask = SSL_kFZA;
+#ifdef OPENSSL_NO_RSA
+        mask |= SSL_aRSA|SSL_kRSA;
+#endif
+#ifdef OPENSSL_NO_DSA
+        mask |= SSL_aDSS;
+#endif
+#ifdef OPENSSL_NO_DH
+        mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
+#endif
+#ifdef OPENSSL_NO_KRB5
+        mask |= SSL_kKRB5|SSL_aKRB5;
+#endif
+
+#ifdef SSL_FORBID_ENULL
+        mask |= SSL_eNULL;
+#endif
+
+        mask |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0;
+        mask |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0;
+        mask |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0;
+        mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
+        mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
+        mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
+        mask |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES:0;
+
+        mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
+        mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
+
+        return(mask);
+        }
+
+static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
+                int num_of_ciphers, unsigned long mask, CIPHER_ORDER *co_list,
+                CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
+        {
+        int i, co_list_num;
+        SSL_CIPHER *c;
+
+        /*
+         * We have num_of_ciphers descriptions compiled in, depending on the
+         * method selected (SSLv2 and/or SSLv3, TLSv1 etc).
+         * These will later be sorted in a linked list with at most num
+         * entries.
+         */
+
+        /* Get the initial list of ciphers */
+        co_list_num = 0;        /* actual count of ciphers */
+        for (i = 0; i < num_of_ciphers; i++)
+                {
+                c = ssl_method->get_cipher(i);
+                /* drop those that use any of that is not available */
+#ifdef OPENSSL_FIPS
+                if ((c != NULL) && c->valid && !(c->algorithms & mask)
+                        && (!FIPS_mode() || (c->algo_strength & SSL_FIPS)))
+#else
+                if ((c != NULL) && c->valid && !(c->algorithms & mask))
+#endif
+                        {
+                        co_list[co_list_num].cipher = c;
+                        co_list[co_list_num].next = NULL;
+                        co_list[co_list_num].prev = NULL;
+                        co_list[co_list_num].active = 0;
+                        co_list_num++;
+#ifdef KSSL_DEBUG
+                        printf("\t%d: %s %lx %lx\n",i,c->name,c->id,c->algorithms);
+#endif  /* KSSL_DEBUG */
+                        /*
+                        if (!sk_push(ca_list,(char *)c)) goto err;
+                        */
+                        }
+                }
+
+        /*
+         * Prepare linked list from list entries
+         */     
+        for (i = 1; i < co_list_num - 1; i++)
+                {
+                co_list[i].prev = &(co_list[i-1]);
+                co_list[i].next = &(co_list[i+1]);
+                }
+        if (co_list_num > 0)
+                {
+                (*head_p) = &(co_list[0]);
+                (*head_p)->prev = NULL;
+                (*head_p)->next = &(co_list[1]);
+                (*tail_p) = &(co_list[co_list_num - 1]);
+                (*tail_p)->prev = &(co_list[co_list_num - 2]);
+                (*tail_p)->next = NULL;
+                }
+        }
+
+static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list,
+                        int num_of_group_aliases, unsigned long mask,
+                        CIPHER_ORDER *head)
+        {
+        CIPHER_ORDER *ciph_curr;
+        SSL_CIPHER **ca_curr;
+        int i;
+
+        /*
+         * First, add the real ciphers as already collected
+         */
+        ciph_curr = head;
+        ca_curr = ca_list;
+        while (ciph_curr != NULL)
+                {
+                *ca_curr = ciph_curr->cipher;
+                ca_curr++;
+                ciph_curr = ciph_curr->next;
+                }
+
+        /*
+         * Now we add the available ones from the cipher_aliases[] table.
+         * They represent either an algorithm, that must be fully
+         * supported (not match any bit in mask) or represent a cipher
+         * strength value (will be added in any case because algorithms=0).
+         */
+        for (i = 0; i < num_of_group_aliases; i++)
+                {
+                if ((i == 0) ||         /* always fetch "ALL" */
+                    !(cipher_aliases[i].algorithms & mask))
+                        {
+                        *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
+                        ca_curr++;
+                        }
+                }
+
+        *ca_curr = NULL;        /* end of list */
+        }
+
+static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask,
+                unsigned long algo_strength, unsigned long mask_strength,
+                int rule, int strength_bits, CIPHER_ORDER *co_list,
+                CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
+        {
+        CIPHER_ORDER *head, *tail, *curr, *curr2, *tail2;
+        SSL_CIPHER *cp;
+        unsigned long ma, ma_s;
+
+#ifdef CIPHER_DEBUG
+        printf("Applying rule %d with %08lx %08lx %08lx %08lx (%d)\n",
+                rule, algorithms, mask, algo_strength, mask_strength,
+                strength_bits);
+#endif
+
+        curr = head = *head_p;
+        curr2 = head;
+        tail2 = tail = *tail_p;
+        for (;;)
+                {
+                if ((curr == NULL) || (curr == tail2)) break;
+                curr = curr2;
+                curr2 = curr->next;
+
+                cp = curr->cipher;
+
+                /*
+                 * Selection criteria is either the number of strength_bits
+                 * or the algorithm used.
+                 */
+                if (strength_bits == -1)
+                        {
+                        ma = mask & cp->algorithms;
+                        ma_s = mask_strength & cp->algo_strength;
+
+#ifdef CIPHER_DEBUG
+                        printf("\nName: %s:\nAlgo = %08lx Algo_strength = %08lx\nMask = %08lx Mask_strength %08lx\n", cp->name, cp->algorithms, cp->algo_strength, mask, mask_strength);
+                        printf("ma = %08lx ma_s %08lx, ma&algo=%08lx, ma_s&algos=%08lx\n", ma, ma_s, ma&algorithms, ma_s&algo_strength);
+#endif
+                        /*
+                         * Select: if none of the mask bit was met from the
+                         * cipher or not all of the bits were met, the
+                         * selection does not apply.
+                         */
+                        if (((ma == 0) && (ma_s == 0)) ||
+                            ((ma & algorithms) != ma) ||
+                            ((ma_s & algo_strength) != ma_s))
+                                continue; /* does not apply */
+                        }
+                else if (strength_bits != cp->strength_bits)
+                        continue;       /* does not apply */
+
+#ifdef CIPHER_DEBUG
+                printf("Action = %d\n", rule);
+#endif
+
+                /* add the cipher if it has not been added yet. */
+                if (rule == CIPHER_ADD)
+                        {
+                        if (!curr->active)
+                                {
+                                ll_append_tail(&head, curr, &tail);
+                                curr->active = 1;
+                                }
+                        }
+                /* Move the added cipher to this location */
+                else if (rule == CIPHER_ORD)
+                        {
+                        if (curr->active)
+                                {
+                                ll_append_tail(&head, curr, &tail);
+                                }
+                        }
+                else if (rule == CIPHER_DEL)
+                        curr->active = 0;
+                else if (rule == CIPHER_KILL)
+                        {
+                        if (head == curr)
+                                head = curr->next;
+                        else
+                                curr->prev->next = curr->next;
+                        if (tail == curr)
+                                tail = curr->prev;
+                        curr->active = 0;
+                        if (curr->next != NULL)
+                                curr->next->prev = curr->prev;
+                        if (curr->prev != NULL)
+                                curr->prev->next = curr->next;
+                        curr->next = NULL;
+                        curr->prev = NULL;
+                        }
+                }
+
+        *head_p = head;
+        *tail_p = tail;
+        }
+
+static int ssl_cipher_strength_sort(CIPHER_ORDER *co_list,
+                                    CIPHER_ORDER **head_p,
+                                    CIPHER_ORDER **tail_p)
+        {
+        int max_strength_bits, i, *number_uses;
+        CIPHER_ORDER *curr;
+
+        /*
+         * This routine sorts the ciphers with descending strength. The sorting
+         * must keep the pre-sorted sequence, so we apply the normal sorting
+         * routine as '+' movement to the end of the list.
+         */
+        max_strength_bits = 0;
+        curr = *head_p;
+        while (curr != NULL)
+                {
+                if (curr->active &&
+                    (curr->cipher->strength_bits > max_strength_bits))
+                    max_strength_bits = curr->cipher->strength_bits;
+                curr = curr->next;
+                }
+
+        number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
+        if (!number_uses)
+        {
+                SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE);
+                return(0);
+        }
+        memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
+
+        /*
+         * Now find the strength_bits values actually used
+         */
+        curr = *head_p;
+        while (curr != NULL)
+                {
+                if (curr->active)
+                        number_uses[curr->cipher->strength_bits]++;
+                curr = curr->next;
+                }
+        /*
+         * Go through the list of used strength_bits values in descending
+         * order.
+         */
+        for (i = max_strength_bits; i >= 0; i--)
+                if (number_uses[i] > 0)
+                        ssl_cipher_apply_rule(0, 0, 0, 0, CIPHER_ORD, i,
+                                        co_list, head_p, tail_p);
+
+        OPENSSL_free(number_uses);
+        return(1);
+        }
+
+static int ssl_cipher_process_rulestr(const char *rule_str,
+                CIPHER_ORDER *co_list, CIPHER_ORDER **head_p,
+                CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list)
+        {
+        unsigned long algorithms, mask, algo_strength, mask_strength;
+        const char *l, *start, *buf;
+        int j, multi, found, rule, retval, ok, buflen;
+        char ch;
+
+        retval = 1;
+        l = rule_str;
+        for (;;)
+                {
+                ch = *l;
+
+                if (ch == '\0')
+                        break;          /* done */
+                if (ch == '-')
+                        { rule = CIPHER_DEL; l++; }
+                else if (ch == '+')
+                        { rule = CIPHER_ORD; l++; }
+                else if (ch == '!')
+                        { rule = CIPHER_KILL; l++; }
+                else if (ch == '@')
+                        { rule = CIPHER_SPECIAL; l++; }
+                else
+                        { rule = CIPHER_ADD; }
+
+                if (ITEM_SEP(ch))
+                        {
+                        l++;
+                        continue;
+                        }
+
+                algorithms = mask = algo_strength = mask_strength = 0;
+
+                start=l;
+                for (;;)
+                        {
+                        ch = *l;
+                        buf = l;
+                        buflen = 0;
+#ifndef CHARSET_EBCDIC
+                        while ( ((ch >= 'A') && (ch <= 'Z')) ||
+                                ((ch >= '0') && (ch <= '9')) ||
+                                ((ch >= 'a') && (ch <= 'z')) ||
+                                 (ch == '-'))
+#else
+                        while ( isalnum(ch) || (ch == '-'))
+#endif
+                                 {
+                                 ch = *(++l);
+                                 buflen++;
+                                 }
+
+                        if (buflen == 0)
+                                {
+                                /*
+                                 * We hit something we cannot deal with,
+                                 * it is no command or separator nor
+                                 * alphanumeric, so we call this an error.
+                                 */
+                                SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
+                                       SSL_R_INVALID_COMMAND);
+                                retval = found = 0;
+                                l++;
+                                break;
+                                }
+
+                        if (rule == CIPHER_SPECIAL)
+                                {
+                                found = 0; /* unused -- avoid compiler warning */
+                                break;  /* special treatment */
+                                }
+
+                        /* check for multi-part specification */
+                        if (ch == '+')
+                                {
+                                multi=1;
+                                l++;
+                                }
+                        else
+                                multi=0;
+
+                        /*
+                         * Now search for the cipher alias in the ca_list. Be careful
+                         * with the strncmp, because the "buflen" limitation
+                         * will make the rule "ADH:SOME" and the cipher
+                         * "ADH-MY-CIPHER" look like a match for buflen=3.
+                         * So additionally check whether the cipher name found
+                         * has the correct length. We can save a strlen() call:
+                         * just checking for the '\0' at the right place is
+                         * sufficient, we have to strncmp() anyway. (We cannot
+                         * use strcmp(), because buf is not '\0' terminated.)
+                         */
+                         j = found = 0;
+                         while (ca_list[j])
+                                {
+                                if (!strncmp(buf, ca_list[j]->name, buflen) &&
+                                    (ca_list[j]->name[buflen] == '\0'))
+                                        {
+                                        found = 1;
+                                        break;
+                                        }
+                                else
+                                        j++;
+                                }
+                        if (!found)
+                                break;  /* ignore this entry */
+
+                        algorithms |= ca_list[j]->algorithms;
+                        mask |= ca_list[j]->mask;
+                        algo_strength |= ca_list[j]->algo_strength;
+                        mask_strength |= ca_list[j]->mask_strength;
+
+                        if (!multi) break;
+                        }
+
+                /*
+                 * Ok, we have the rule, now apply it
+                 */
+                if (rule == CIPHER_SPECIAL)
+                        {       /* special command */
+                        ok = 0;
+                        if ((buflen == 8) &&
+                                !strncmp(buf, "STRENGTH", 8))
+                                ok = ssl_cipher_strength_sort(co_list,
+                                        head_p, tail_p);
+                        else
+                                SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
+                                        SSL_R_INVALID_COMMAND);
+                        if (ok == 0)
+                                retval = 0;
+                        /*
+                         * We do not support any "multi" options
+                         * together with "@", so throw away the
+                         * rest of the command, if any left, until
+                         * end or ':' is found.
+                         */
+                        while ((*l != '\0') && ITEM_SEP(*l))
+                                l++;
+                        }
+                else if (found)
+                        {
+                        ssl_cipher_apply_rule(algorithms, mask,
+                                algo_strength, mask_strength, rule, -1,
+                                co_list, head_p, tail_p);
+                        }
+                else
+                        {
+                        while ((*l != '\0') && ITEM_SEP(*l))
+                                l++;
+                        }
+                if (*l == '\0') break; /* done */
+                }
+
+        return(retval);
+        }
+
+STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
+                STACK_OF(SSL_CIPHER) **cipher_list,
+                STACK_OF(SSL_CIPHER) **cipher_list_by_id,
+                const char *rule_str)
+        {
+        int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
+        unsigned long disabled_mask;
+        STACK_OF(SSL_CIPHER) *cipherstack;
+        const char *rule_p;
+        CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
+        SSL_CIPHER **ca_list = NULL;
+
+        /*
+         * Return with error if nothing to do.
+         */
+        if (rule_str == NULL) return(NULL);
+
+        if (init_ciphers)
+                {
+                CRYPTO_w_lock(CRYPTO_LOCK_SSL);
+                if (init_ciphers) load_ciphers();
+                CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
+                }
+
+        /*
+         * To reduce the work to do we only want to process the compiled
+         * in algorithms, so we first get the mask of disabled ciphers.
+         */
+        disabled_mask = ssl_cipher_get_disabled();
+
+        /*
+         * Now we have to collect the available ciphers from the compiled
+         * in ciphers. We cannot get more than the number compiled in, so
+         * it is used for allocation.
+         */
+        num_of_ciphers = ssl_method->num_ciphers();
+#ifdef KSSL_DEBUG
+        printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers);
+#endif    /* KSSL_DEBUG */
+        co_list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
+        if (co_list == NULL)
+                {
+                SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
+                return(NULL);   /* Failure */
+                }
+
+        ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask,
+                                   co_list, &head, &tail);
+
+        /*
+         * We also need cipher aliases for selecting based on the rule_str.
+         * There might be two types of entries in the rule_str: 1) names
+         * of ciphers themselves 2) aliases for groups of ciphers.
+         * For 1) we need the available ciphers and for 2) the cipher
+         * groups of cipher_aliases added together in one list (otherwise
+         * we would be happy with just the cipher_aliases table).
+         */
+        num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
+        num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
+        ca_list =
+                (SSL_CIPHER **)OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
+        if (ca_list == NULL)
+                {
+                OPENSSL_free(co_list);
+                SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
+                return(NULL);   /* Failure */
+                }
+        ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, disabled_mask,
+                                   head);
+
+        /*
+         * If the rule_string begins with DEFAULT, apply the default rule
+         * before using the (possibly available) additional rules.
+         */
+        ok = 1;
+        rule_p = rule_str;
+        if (strncmp(rule_str,"DEFAULT",7) == 0)
+                {
+                ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
+                        co_list, &head, &tail, ca_list);
+                rule_p += 7;
+                if (*rule_p == ':')
+                        rule_p++;
+                }
+
+        if (ok && (strlen(rule_p) > 0))
+                ok = ssl_cipher_process_rulestr(rule_p, co_list, &head, &tail,
+                                                ca_list);
+
+        OPENSSL_free(ca_list);  /* Not needed anymore */
+
+        if (!ok)
+                {       /* Rule processing failure */
+                OPENSSL_free(co_list);
+                return(NULL);
+                }
+        /*
+         * Allocate new "cipherstack" for the result, return with error
+         * if we cannot get one.
+         */
+        if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL)
+                {
+                OPENSSL_free(co_list);
+                return(NULL);
+                }
+
+        /*
+         * The cipher selection for the list is done. The ciphers are added
+         * to the resulting precedence to the STACK_OF(SSL_CIPHER).
+         */
+        for (curr = head; curr != NULL; curr = curr->next)
+                {
+#ifdef OPENSSL_FIPS
+                if (curr->active && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS))
+#else
+                if (curr->active)
+#endif
+                        {
+                        sk_SSL_CIPHER_push(cipherstack, curr->cipher);
+#ifdef CIPHER_DEBUG
+                        printf("<%s>\n",curr->cipher->name);
+#endif
+                        }
+                }
+        OPENSSL_free(co_list);  /* Not needed any longer */
+
+        /*
+         * The following passage is a little bit odd. If pointer variables
+         * were supplied to hold STACK_OF(SSL_CIPHER) return information,
+         * the old memory pointed to is free()ed. Then, however, the
+         * cipher_list entry will be assigned just a copy of the returned
+         * cipher stack. For cipher_list_by_id a copy of the cipher stack
+         * will be created. See next comment...
+         */
+        if (cipher_list != NULL)
+                {
+                if (*cipher_list != NULL)
+                        sk_SSL_CIPHER_free(*cipher_list);
+                *cipher_list = cipherstack;
+                }
+
+        if (cipher_list_by_id != NULL)
+                {
+                if (*cipher_list_by_id != NULL)
+                        sk_SSL_CIPHER_free(*cipher_list_by_id);
+                *cipher_list_by_id = sk_SSL_CIPHER_dup(cipherstack);
+                }
+
+        /*
+         * Now it is getting really strange. If something failed during
+         * the previous pointer assignment or if one of the pointers was
+         * not requested, the error condition is met. That might be
+         * discussable. The strange thing is however that in this case
+         * the memory "ret" pointed to is "free()ed" and hence the pointer
+         * cipher_list becomes wild. The memory reserved for
+         * cipher_list_by_id however is not "free()ed" and stays intact.
+         */
+        if (    (cipher_list_by_id == NULL) ||
+                (*cipher_list_by_id == NULL) ||
+                (cipher_list == NULL) ||
+                (*cipher_list == NULL))
+                {
+                sk_SSL_CIPHER_free(cipherstack);
+                return(NULL);
+                }
+
+        sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
+
+        return(cipherstack);
+        }
+
+char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
+        {
+        int is_export,pkl,kl;
+        char *ver,*exp_str;
+        char *kx,*au,*enc,*mac;
+        unsigned long alg,alg2,alg_s;
+#ifdef KSSL_DEBUG
+        static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n";
+#else
+        static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
+#endif /* KSSL_DEBUG */
+
+        alg=cipher->algorithms;
+        alg_s=cipher->algo_strength;
+        alg2=cipher->algorithm2;
+
+        is_export=SSL_C_IS_EXPORT(cipher);
+        pkl=SSL_C_EXPORT_PKEYLENGTH(cipher);
+        kl=SSL_C_EXPORT_KEYLENGTH(cipher);
+        exp_str=is_export?" export":"";
+
+        if (alg & SSL_SSLV2)
+                ver="SSLv2";
+        else if (alg & SSL_SSLV3)
+                ver="SSLv3";
+        else
+                ver="unknown";
+
+        switch (alg&SSL_MKEY_MASK)
+                {
+        case SSL_kRSA:
+                kx=is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA";
+                break;
+        case SSL_kDHr:
+                kx="DH/RSA";
+                break;
+        case SSL_kDHd:
+                kx="DH/DSS";
+                break;
+        case SSL_kKRB5:         /* VRS */
+        case SSL_KRB5:          /* VRS */
+            kx="KRB5";
+            break;
+        case SSL_kFZA:
+                kx="Fortezza";
+                break;
+        case SSL_kEDH:
+                kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH";
+                break;
+        default:
+                kx="unknown";
+                }
+
+        switch (alg&SSL_AUTH_MASK)
+                {
+        case SSL_aRSA:
+                au="RSA";
+                break;
+        case SSL_aDSS:
+                au="DSS";
+                break;
+        case SSL_aDH:
+                au="DH";
+                break;
+        case SSL_aKRB5:         /* VRS */
+        case SSL_KRB5:          /* VRS */
+            au="KRB5";
+            break;
+        case SSL_aFZA:
+        case SSL_aNULL:
+                au="None";
+                break;
+        default:
+                au="unknown";
+                break;
+                }
+
+        switch (alg&SSL_ENC_MASK)
+                {
+        case SSL_DES:
+                enc=(is_export && kl == 5)?"DES(40)":"DES(56)";
+                break;
+        case SSL_3DES:
+                enc="3DES(168)";
+                break;
+        case SSL_RC4:
+                enc=is_export?(kl == 5 ? "RC4(40)" : "RC4(56)")
+                  :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)");
+                break;
+        case SSL_RC2:
+                enc=is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)";
+                break;
+        case SSL_IDEA:
+                enc="IDEA(128)";
+                break;
+        case SSL_eFZA:
+                enc="Fortezza";
+                break;
+        case SSL_eNULL:
+                enc="None";
+                break;
+        case SSL_AES:
+                switch(cipher->strength_bits)
+                        {
+                case 128: enc="AES(128)"; break;
+                case 192: enc="AES(192)"; break;
+                case 256: enc="AES(256)"; break;
+                default: enc="AES(?""?""?)"; break;
+                        }
+                break;
+        default:
+                enc="unknown";
+                break;
+                }
+
+        switch (alg&SSL_MAC_MASK)
+                {
+        case SSL_MD5:
+                mac="MD5";
+                break;
+        case SSL_SHA1:
+                mac="SHA1";
+                break;
+        default:
+                mac="unknown";
+                break;
+                }
+
+        if (buf == NULL)
+                {
+                len=128;
+                buf=OPENSSL_malloc(len);
+                if (buf == NULL) return("OPENSSL_malloc Error");
+                }
+        else if (len < 128)
+                return("Buffer too small");
+
+#ifdef KSSL_DEBUG
+        BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str,alg);
+#else
+        BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str);
+#endif /* KSSL_DEBUG */
+        return(buf);
+        }
+
+char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
+        {
+        int i;
+
+        if (c == NULL) return("(NONE)");
+        i=(int)(c->id>>24L);
+        if (i == 3)
+                return("TLSv1/SSLv3");
+        else if (i == 2)
+                return("SSLv2");
+        else
+                return("unknown");
+        }
+
+/* return the actual cipher being used */
+const char *SSL_CIPHER_get_name(const SSL_CIPHER *c)
+        {
+        if (c != NULL)
+                return(c->name);
+        return("(NONE)");
+        }
+
+/* number of bits for symmetric cipher */
+int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
+        {
+        int ret=0;
+
+        if (c != NULL)
+                {
+                if (alg_bits != NULL) *alg_bits = c->alg_bits;
+                ret = c->strength_bits;
+                }
+        return(ret);
+        }
+
+SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
+        {
+        SSL_COMP *ctmp;
+        int i,nn;
+
+        if ((n == 0) || (sk == NULL)) return(NULL);
+        nn=sk_SSL_COMP_num(sk);
+        for (i=0; i<nn; i++)
+                {
+                ctmp=sk_SSL_COMP_value(sk,i);
+                if (ctmp->id == n)
+                        return(ctmp);
+                }
+        return(NULL);
+        }
+
+static int sk_comp_cmp(const SSL_COMP * const *a,
+                        const SSL_COMP * const *b)
+        {
+        return((*a)->id-(*b)->id);
+        }
+
+STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
+        {
+        return(ssl_comp_methods);
+        }
+
+int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
+        {
+        SSL_COMP *comp;
+        STACK_OF(SSL_COMP) *sk;
+
+        if (cm == NULL || cm->type == NID_undef)
+                return 1;
+
+        MemCheck_off();
+        comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
+        comp->id=id;
+        comp->method=cm;
+        if (ssl_comp_methods == NULL)
+                sk=ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
+        else
+                sk=ssl_comp_methods;
+        if ((sk == NULL) || !sk_SSL_COMP_push(sk,comp))
+                {
+                MemCheck_on();
+                SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE);
+                return(1);
+                }
+        else
+                {
+                MemCheck_on();
+                return(0);
+                }
+        }
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
new file mode 100644
index 0000000000..29b8ff4788
--- /dev/null
+++ b/src/lib/libssl/ssl_err.c
@@ -0,0 +1,463 @@
+/* ssl/ssl_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA SSL_str_functs[]=
+        {
+{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0),        "CLIENT_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_CLIENT_FINISHED,0),   "CLIENT_FINISHED"},
+{ERR_PACK(0,SSL_F_CLIENT_HELLO,0),      "CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0), "CLIENT_MASTER_KEY"},
+{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0),   "d2i_SSL_SESSION"},
+{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0),     "DO_SSL3_WRITE"},
+{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0),       "GET_CLIENT_FINISHED"},
+{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0),  "GET_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0),     "GET_CLIENT_MASTER_KEY"},
+{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0),       "GET_SERVER_FINISHED"},
+{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0),  "GET_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0), "GET_SERVER_VERIFY"},
+{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0),   "i2d_SSL_SESSION"},
+{ERR_PACK(0,SSL_F_READ_N,0),    "READ_N"},
+{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0),       "REQUEST_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SERVER_FINISH,0),     "SERVER_FINISH"},
+{ERR_PACK(0,SSL_F_SERVER_HELLO,0),      "SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SERVER_VERIFY,0),     "SERVER_VERIFY"},
+{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0),      "SSL23_ACCEPT"},
+{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0),        "SSL23_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_CONNECT,0),     "SSL23_CONNECT"},
+{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0),    "SSL23_GET_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0),    "SSL23_GET_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_PEEK,0),        "SSL23_PEEK"},
+{ERR_PACK(0,SSL_F_SSL23_READ,0),        "SSL23_READ"},
+{ERR_PACK(0,SSL_F_SSL23_WRITE,0),       "SSL23_WRITE"},
+{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0),       "SSL2_ACCEPT"},
+{ERR_PACK(0,SSL_F_SSL2_CONNECT,0),      "SSL2_CONNECT"},
+{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0),     "SSL2_ENC_INIT"},
+{ERR_PACK(0,SSL_F_SSL2_GENERATE_KEY_MATERIAL,0),        "SSL2_GENERATE_KEY_MATERIAL"},
+{ERR_PACK(0,SSL_F_SSL2_PEEK,0), "SSL2_PEEK"},
+{ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"},
+{ERR_PACK(0,SSL_F_SSL2_READ_INTERNAL,0),        "SSL2_READ_INTERNAL"},
+{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0),      "SSL2_SET_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL2_WRITE,0),        "SSL2_WRITE"},
+{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0),       "SSL3_ACCEPT"},
+{ERR_PACK(0,SSL_F_SSL3_CALLBACK_CTRL,0),        "SSL3_CALLBACK_CTRL"},
+{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0),  "SSL3_CHANGE_CIPHER_STATE"},
+{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0),     "SSL3_CHECK_CERT_AND_ALGORITHM"},
+{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0), "SSL3_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_CONNECT,0),      "SSL3_CONNECT"},
+{ERR_PACK(0,SSL_F_SSL3_CTRL,0), "SSL3_CTRL"},
+{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0),     "SSL3_CTX_CTRL"},
+{ERR_PACK(0,SSL_F_SSL3_ENC,0),  "SSL3_ENC"},
+{ERR_PACK(0,SSL_F_SSL3_GENERATE_KEY_BLOCK,0),   "SSL3_GENERATE_KEY_BLOCK"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0),      "SSL3_GET_CERTIFICATE_REQUEST"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0),      "SSL3_GET_CERT_VERIFY"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0),       "SSL3_GET_CLIENT_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0),     "SSL3_GET_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0),      "SSL3_GET_CLIENT_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0), "SSL3_GET_FINISHED"},
+{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0),     "SSL3_GET_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0),  "SSL3_GET_MESSAGE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0),   "SSL3_GET_RECORD"},
+{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0),       "SSL3_GET_SERVER_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0),      "SSL3_GET_SERVER_DONE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0),     "SSL3_GET_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0),    "SSL3_OUTPUT_CERT_CHAIN"},
+{ERR_PACK(0,SSL_F_SSL3_PEEK,0), "SSL3_PEEK"},
+{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0),   "SSL3_READ_BYTES"},
+{ERR_PACK(0,SSL_F_SSL3_READ_N,0),       "SSL3_READ_N"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0),     "SSL3_SEND_CERTIFICATE_REQUEST"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0),      "SSL3_SEND_CLIENT_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0),     "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0),   "SSL3_SEND_CLIENT_VERIFY"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0),      "SSL3_SEND_SERVER_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_HELLO,0),    "SSL3_SEND_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0),     "SSL3_SEND_SERVER_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0),        "SSL3_SETUP_BUFFERS"},
+{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0),      "SSL3_SETUP_KEY_BLOCK"},
+{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0),  "SSL3_WRITE_BYTES"},
+{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0),        "SSL3_WRITE_PENDING"},
+{ERR_PACK(0,SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,0),        "SSL_add_dir_cert_subjects_to_stack"},
+{ERR_PACK(0,SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,0),       "SSL_add_file_cert_subjects_to_stack"},
+{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0),    "SSL_BAD_METHOD"},
+{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0),  "SSL_BYTES_TO_CIPHER_LIST"},
+{ERR_PACK(0,SSL_F_SSL_CERT_DUP,0),      "SSL_CERT_DUP"},
+{ERR_PACK(0,SSL_F_SSL_CERT_INST,0),     "SSL_CERT_INST"},
+{ERR_PACK(0,SSL_F_SSL_CERT_INSTANTIATE,0),      "SSL_CERT_INSTANTIATE"},
+{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0),      "SSL_CERT_NEW"},
+{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0),     "SSL_check_private_key"},
+{ERR_PACK(0,SSL_F_SSL_CIPHER_PROCESS_RULESTR,0),        "SSL_CIPHER_PROCESS_RULESTR"},
+{ERR_PACK(0,SSL_F_SSL_CIPHER_STRENGTH_SORT,0),  "SSL_CIPHER_STRENGTH_SORT"},
+{ERR_PACK(0,SSL_F_SSL_CLEAR,0), "SSL_clear"},
+{ERR_PACK(0,SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,0),   "SSL_COMP_add_compression_method"},
+{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0),    "SSL_CREATE_CIPHER_LIST"},
+{ERR_PACK(0,SSL_F_SSL_CTRL,0),  "SSL_ctrl"},
+{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"},
+{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0),       "SSL_CTX_new"},
+{ERR_PACK(0,SSL_F_SSL_CTX_SET_PURPOSE,0),       "SSL_CTX_set_purpose"},
+{ERR_PACK(0,SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,0),    "SSL_CTX_set_session_id_context"},
+{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0),   "SSL_CTX_set_ssl_version"},
+{ERR_PACK(0,SSL_F_SSL_CTX_SET_TRUST,0), "SSL_CTX_set_trust"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0),   "SSL_CTX_use_certificate"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0),      "SSL_CTX_use_certificate_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,0),        "SSL_CTX_use_certificate_chain_file"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0),      "SSL_CTX_use_certificate_file"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0),    "SSL_CTX_use_PrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0),       "SSL_CTX_use_PrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0),       "SSL_CTX_use_PrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0), "SSL_CTX_use_RSAPrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0),    "SSL_CTX_use_RSAPrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0),    "SSL_CTX_use_RSAPrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0),  "SSL_do_handshake"},
+{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0),       "SSL_GET_NEW_SESSION"},
+{ERR_PACK(0,SSL_F_SSL_GET_PREV_SESSION,0),      "SSL_GET_PREV_SESSION"},
+{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0),  "SSL_GET_SERVER_SEND_CERT"},
+{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0), "SSL_GET_SIGN_PKEY"},
+{ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0),      "SSL_INIT_WBIO_BUFFER"},
+{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0),   "SSL_load_client_CA_file"},
+{ERR_PACK(0,SSL_F_SSL_NEW,0),   "SSL_new"},
+{ERR_PACK(0,SSL_F_SSL_READ,0),  "SSL_read"},
+{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0),   "SSL_RSA_PRIVATE_DECRYPT"},
+{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0),    "SSL_RSA_PUBLIC_ENCRYPT"},
+{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0),   "SSL_SESSION_new"},
+{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0),      "SSL_SESSION_print_fp"},
+{ERR_PACK(0,SSL_F_SSL_SESS_CERT_NEW,0), "SSL_SESS_CERT_NEW"},
+{ERR_PACK(0,SSL_F_SSL_SET_CERT,0),      "SSL_SET_CERT"},
+{ERR_PACK(0,SSL_F_SSL_SET_FD,0),        "SSL_set_fd"},
+{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0),      "SSL_SET_PKEY"},
+{ERR_PACK(0,SSL_F_SSL_SET_PURPOSE,0),   "SSL_set_purpose"},
+{ERR_PACK(0,SSL_F_SSL_SET_RFD,0),       "SSL_set_rfd"},
+{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0),   "SSL_set_session"},
+{ERR_PACK(0,SSL_F_SSL_SET_SESSION_ID_CONTEXT,0),        "SSL_set_session_id_context"},
+{ERR_PACK(0,SSL_F_SSL_SET_TRUST,0),     "SSL_set_trust"},
+{ERR_PACK(0,SSL_F_SSL_SET_WFD,0),       "SSL_set_wfd"},
+{ERR_PACK(0,SSL_F_SSL_SHUTDOWN,0),      "SSL_shutdown"},
+{ERR_PACK(0,SSL_F_SSL_UNDEFINED_CONST_FUNCTION,0),      "SSL_UNDEFINED_CONST_FUNCTION"},
+{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0),    "SSL_UNDEFINED_FUNCTION"},
+{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0),       "SSL_use_certificate"},
+{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0),  "SSL_use_certificate_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0),  "SSL_use_certificate_file"},
+{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0),        "SSL_use_PrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0),   "SSL_use_PrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0),   "SSL_use_PrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0),     "SSL_use_RSAPrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0),        "SSL_use_RSAPrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0),        "SSL_use_RSAPrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_VERIFY_CERT_CHAIN,0),     "SSL_VERIFY_CERT_CHAIN"},
+{ERR_PACK(0,SSL_F_SSL_WRITE,0), "SSL_write"},
+{ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0),  "TLS1_CHANGE_CIPHER_STATE"},
+{ERR_PACK(0,SSL_F_TLS1_ENC,0),  "TLS1_ENC"},
+{ERR_PACK(0,SSL_F_TLS1_SETUP_KEY_BLOCK,0),      "TLS1_SETUP_KEY_BLOCK"},
+{ERR_PACK(0,SSL_F_WRITE_PENDING,0),     "WRITE_PENDING"},
+{0,NULL}
+        };
+
+static ERR_STRING_DATA SSL_str_reasons[]=
+        {
+{SSL_R_APP_DATA_IN_HANDSHAKE             ,"app data in handshake"},
+{SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT,"attempt to reuse session in different context"},
+{SSL_R_BAD_ALERT_RECORD                  ,"bad alert record"},
+{SSL_R_BAD_AUTHENTICATION_TYPE           ,"bad authentication type"},
+{SSL_R_BAD_CHANGE_CIPHER_SPEC            ,"bad change cipher spec"},
+{SSL_R_BAD_CHECKSUM                      ,"bad checksum"},
+{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK     ,"bad data returned by callback"},
+{SSL_R_BAD_DECOMPRESSION                 ,"bad decompression"},
+{SSL_R_BAD_DH_G_LENGTH                   ,"bad dh g length"},
+{SSL_R_BAD_DH_PUB_KEY_LENGTH             ,"bad dh pub key length"},
+{SSL_R_BAD_DH_P_LENGTH                   ,"bad dh p length"},
+{SSL_R_BAD_DIGEST_LENGTH                 ,"bad digest length"},
+{SSL_R_BAD_DSA_SIGNATURE                 ,"bad dsa signature"},
+{SSL_R_BAD_HELLO_REQUEST                 ,"bad hello request"},
+{SSL_R_BAD_LENGTH                        ,"bad length"},
+{SSL_R_BAD_MAC_DECODE                    ,"bad mac decode"},
+{SSL_R_BAD_MESSAGE_TYPE                  ,"bad message type"},
+{SSL_R_BAD_PACKET_LENGTH                 ,"bad packet length"},
+{SSL_R_BAD_PROTOCOL_VERSION_NUMBER       ,"bad protocol version number"},
+{SSL_R_BAD_RESPONSE_ARGUMENT             ,"bad response argument"},
+{SSL_R_BAD_RSA_DECRYPT                   ,"bad rsa decrypt"},
+{SSL_R_BAD_RSA_ENCRYPT                   ,"bad rsa encrypt"},
+{SSL_R_BAD_RSA_E_LENGTH                  ,"bad rsa e length"},
+{SSL_R_BAD_RSA_MODULUS_LENGTH            ,"bad rsa modulus length"},
+{SSL_R_BAD_RSA_SIGNATURE                 ,"bad rsa signature"},
+{SSL_R_BAD_SIGNATURE                     ,"bad signature"},
+{SSL_R_BAD_SSL_FILETYPE                  ,"bad ssl filetype"},
+{SSL_R_BAD_SSL_SESSION_ID_LENGTH         ,"bad ssl session id length"},
+{SSL_R_BAD_STATE                         ,"bad state"},
+{SSL_R_BAD_WRITE_RETRY                   ,"bad write retry"},
+{SSL_R_BIO_NOT_SET                       ,"bio not set"},
+{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG         ,"block cipher pad is wrong"},
+{SSL_R_BN_LIB                            ,"bn lib"},
+{SSL_R_CA_DN_LENGTH_MISMATCH             ,"ca dn length mismatch"},
+{SSL_R_CA_DN_TOO_LONG                    ,"ca dn too long"},
+{SSL_R_CCS_RECEIVED_EARLY                ,"ccs received early"},
+{SSL_R_CERTIFICATE_VERIFY_FAILED         ,"certificate verify failed"},
+{SSL_R_CERT_LENGTH_MISMATCH              ,"cert length mismatch"},
+{SSL_R_CHALLENGE_IS_DIFFERENT            ,"challenge is different"},
+{SSL_R_CIPHER_CODE_WRONG_LENGTH          ,"cipher code wrong length"},
+{SSL_R_CIPHER_OR_HASH_UNAVAILABLE        ,"cipher or hash unavailable"},
+{SSL_R_CIPHER_TABLE_SRC_ERROR            ,"cipher table src error"},
+{SSL_R_COMPRESSED_LENGTH_TOO_LONG        ,"compressed length too long"},
+{SSL_R_COMPRESSION_FAILURE               ,"compression failure"},
+{SSL_R_COMPRESSION_LIBRARY_ERROR         ,"compression library error"},
+{SSL_R_CONNECTION_ID_IS_DIFFERENT        ,"connection id is different"},
+{SSL_R_CONNECTION_TYPE_NOT_SET           ,"connection type not set"},
+{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED     ,"data between ccs and finished"},
+{SSL_R_DATA_LENGTH_TOO_LONG              ,"data length too long"},
+{SSL_R_DECRYPTION_FAILED                 ,"decryption failed"},
+{SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC,"decryption failed or bad record mac"},
+{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG   ,"dh public value length is wrong"},
+{SSL_R_DIGEST_CHECK_FAILED               ,"digest check failed"},
+{SSL_R_ENCRYPTED_LENGTH_TOO_LONG         ,"encrypted length too long"},
+{SSL_R_ERROR_GENERATING_TMP_RSA_KEY      ,"error generating tmp rsa key"},
+{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST     ,"error in received cipher list"},
+{SSL_R_EXCESSIVE_MESSAGE_SIZE            ,"excessive message size"},
+{SSL_R_EXTRA_DATA_IN_MESSAGE             ,"extra data in message"},
+{SSL_R_GOT_A_FIN_BEFORE_A_CCS            ,"got a fin before a ccs"},
+{SSL_R_HTTPS_PROXY_REQUEST               ,"https proxy request"},
+{SSL_R_HTTP_REQUEST                      ,"http request"},
+{SSL_R_ILLEGAL_PADDING                   ,"illegal padding"},
+{SSL_R_INVALID_CHALLENGE_LENGTH          ,"invalid challenge length"},
+{SSL_R_INVALID_COMMAND                   ,"invalid command"},
+{SSL_R_INVALID_PURPOSE                   ,"invalid purpose"},
+{SSL_R_INVALID_TRUST                     ,"invalid trust"},
+{SSL_R_KEY_ARG_TOO_LONG                  ,"key arg too long"},
+{SSL_R_KRB5                              ,"krb5"},
+{SSL_R_KRB5_C_CC_PRINC                   ,"krb5 client cc principal (no tkt?)"},
+{SSL_R_KRB5_C_GET_CRED                   ,"krb5 client get cred"},
+{SSL_R_KRB5_C_INIT                       ,"krb5 client init"},
+{SSL_R_KRB5_C_MK_REQ                     ,"krb5 client mk_req (expired tkt?)"},
+{SSL_R_KRB5_S_BAD_TICKET                 ,"krb5 server bad ticket"},
+{SSL_R_KRB5_S_INIT                       ,"krb5 server init"},
+{SSL_R_KRB5_S_RD_REQ                     ,"krb5 server rd_req (keytab perms?)"},
+{SSL_R_KRB5_S_TKT_EXPIRED                ,"krb5 server tkt expired"},
+{SSL_R_KRB5_S_TKT_NYV                    ,"krb5 server tkt not yet valid"},
+{SSL_R_KRB5_S_TKT_SKEW                   ,"krb5 server tkt skew"},
+{SSL_R_LENGTH_MISMATCH                   ,"length mismatch"},
+{SSL_R_LENGTH_TOO_SHORT                  ,"length too short"},
+{SSL_R_LIBRARY_BUG                       ,"library bug"},
+{SSL_R_LIBRARY_HAS_NO_CIPHERS            ,"library has no ciphers"},
+{SSL_R_MASTER_KEY_TOO_LONG               ,"master key too long"},
+{SSL_R_MESSAGE_TOO_LONG                  ,"message too long"},
+{SSL_R_MISSING_DH_DSA_CERT               ,"missing dh dsa cert"},
+{SSL_R_MISSING_DH_KEY                    ,"missing dh key"},
+{SSL_R_MISSING_DH_RSA_CERT               ,"missing dh rsa cert"},
+{SSL_R_MISSING_DSA_SIGNING_CERT          ,"missing dsa signing cert"},
+{SSL_R_MISSING_EXPORT_TMP_DH_KEY         ,"missing export tmp dh key"},
+{SSL_R_MISSING_EXPORT_TMP_RSA_KEY        ,"missing export tmp rsa key"},
+{SSL_R_MISSING_RSA_CERTIFICATE           ,"missing rsa certificate"},
+{SSL_R_MISSING_RSA_ENCRYPTING_CERT       ,"missing rsa encrypting cert"},
+{SSL_R_MISSING_RSA_SIGNING_CERT          ,"missing rsa signing cert"},
+{SSL_R_MISSING_TMP_DH_KEY                ,"missing tmp dh key"},
+{SSL_R_MISSING_TMP_RSA_KEY               ,"missing tmp rsa key"},
+{SSL_R_MISSING_TMP_RSA_PKEY              ,"missing tmp rsa pkey"},
+{SSL_R_MISSING_VERIFY_MESSAGE            ,"missing verify message"},
+{SSL_R_NON_SSLV2_INITIAL_PACKET          ,"non sslv2 initial packet"},
+{SSL_R_NO_CERTIFICATES_RETURNED          ,"no certificates returned"},
+{SSL_R_NO_CERTIFICATE_ASSIGNED           ,"no certificate assigned"},
+{SSL_R_NO_CERTIFICATE_RETURNED           ,"no certificate returned"},
+{SSL_R_NO_CERTIFICATE_SET                ,"no certificate set"},
+{SSL_R_NO_CERTIFICATE_SPECIFIED          ,"no certificate specified"},
+{SSL_R_NO_CIPHERS_AVAILABLE              ,"no ciphers available"},
+{SSL_R_NO_CIPHERS_PASSED                 ,"no ciphers passed"},
+{SSL_R_NO_CIPHERS_SPECIFIED              ,"no ciphers specified"},
+{SSL_R_NO_CIPHER_LIST                    ,"no cipher list"},
+{SSL_R_NO_CIPHER_MATCH                   ,"no cipher match"},
+{SSL_R_NO_CLIENT_CERT_RECEIVED           ,"no client cert received"},
+{SSL_R_NO_COMPRESSION_SPECIFIED          ,"no compression specified"},
+{SSL_R_NO_METHOD_SPECIFIED               ,"no method specified"},
+{SSL_R_NO_PRIVATEKEY                     ,"no privatekey"},
+{SSL_R_NO_PRIVATE_KEY_ASSIGNED           ,"no private key assigned"},
+{SSL_R_NO_PROTOCOLS_AVAILABLE            ,"no protocols available"},
+{SSL_R_NO_PUBLICKEY                      ,"no publickey"},
+{SSL_R_NO_SHARED_CIPHER                  ,"no shared cipher"},
+{SSL_R_NO_VERIFY_CALLBACK                ,"no verify callback"},
+{SSL_R_NULL_SSL_CTX                      ,"null ssl ctx"},
+{SSL_R_NULL_SSL_METHOD_PASSED            ,"null ssl method passed"},
+{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED   ,"old session cipher not returned"},
+{SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE     ,"only tls allowed in fips mode"},
+{SSL_R_PACKET_LENGTH_TOO_LONG            ,"packet length too long"},
+{SSL_R_PATH_TOO_LONG                     ,"path too long"},
+{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"},
+{SSL_R_PEER_ERROR                        ,"peer error"},
+{SSL_R_PEER_ERROR_CERTIFICATE            ,"peer error certificate"},
+{SSL_R_PEER_ERROR_NO_CERTIFICATE         ,"peer error no certificate"},
+{SSL_R_PEER_ERROR_NO_CIPHER              ,"peer error no cipher"},
+{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"},
+{SSL_R_PRE_MAC_LENGTH_TOO_LONG           ,"pre mac length too long"},
+{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"},
+{SSL_R_PROTOCOL_IS_SHUTDOWN              ,"protocol is shutdown"},
+{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR          ,"public key encrypt error"},
+{SSL_R_PUBLIC_KEY_IS_NOT_RSA             ,"public key is not rsa"},
+{SSL_R_PUBLIC_KEY_NOT_RSA                ,"public key not rsa"},
+{SSL_R_READ_BIO_NOT_SET                  ,"read bio not set"},
+{SSL_R_READ_WRONG_PACKET_TYPE            ,"read wrong packet type"},
+{SSL_R_RECORD_LENGTH_MISMATCH            ,"record length mismatch"},
+{SSL_R_RECORD_TOO_LARGE                  ,"record too large"},
+{SSL_R_RECORD_TOO_SMALL                  ,"record too small"},
+{SSL_R_REQUIRED_CIPHER_MISSING           ,"required cipher missing"},
+{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO        ,"reuse cert length not zero"},
+{SSL_R_REUSE_CERT_TYPE_NOT_ZERO          ,"reuse cert type not zero"},
+{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO        ,"reuse cipher list not zero"},
+{SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED  ,"session id context uninitialized"},
+{SSL_R_SHORT_READ                        ,"short read"},
+{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
+{SSL_R_SSL23_DOING_SESSION_ID_REUSE      ,"ssl23 doing session id reuse"},
+{SSL_R_SSL2_CONNECTION_ID_TOO_LONG       ,"ssl2 connection id too long"},
+{SSL_R_SSL3_SESSION_ID_TOO_LONG          ,"ssl3 session id too long"},
+{SSL_R_SSL3_SESSION_ID_TOO_SHORT         ,"ssl3 session id too short"},
+{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE       ,"sslv3 alert bad certificate"},
+{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC        ,"sslv3 alert bad record mac"},
+{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED   ,"sslv3 alert certificate expired"},
+{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED   ,"sslv3 alert certificate revoked"},
+{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN   ,"sslv3 alert certificate unknown"},
+{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"},
+{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE     ,"sslv3 alert handshake failure"},
+{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER     ,"sslv3 alert illegal parameter"},
+{SSL_R_SSLV3_ALERT_NO_CERTIFICATE        ,"sslv3 alert no certificate"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER  ,"sslv3 alert peer error no cipher"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"},
+{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE    ,"sslv3 alert unexpected message"},
+{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"},
+{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"},
+{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"},
+{SSL_R_SSL_HANDSHAKE_FAILURE             ,"ssl handshake failure"},
+{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS        ,"ssl library has no ciphers"},
+{SSL_R_SSL_SESSION_ID_CALLBACK_FAILED    ,"ssl session id callback failed"},
+{SSL_R_SSL_SESSION_ID_CONFLICT           ,"ssl session id conflict"},
+{SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG   ,"ssl session id context too long"},
+{SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH     ,"ssl session id has bad length"},
+{SSL_R_SSL_SESSION_ID_IS_DIFFERENT       ,"ssl session id is different"},
+{SSL_R_TLSV1_ALERT_ACCESS_DENIED         ,"tlsv1 alert access denied"},
+{SSL_R_TLSV1_ALERT_DECODE_ERROR          ,"tlsv1 alert decode error"},
+{SSL_R_TLSV1_ALERT_DECRYPTION_FAILED     ,"tlsv1 alert decryption failed"},
+{SSL_R_TLSV1_ALERT_DECRYPT_ERROR         ,"tlsv1 alert decrypt error"},
+{SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION    ,"tlsv1 alert export restriction"},
+{SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ,"tlsv1 alert insufficient security"},
+{SSL_R_TLSV1_ALERT_INTERNAL_ERROR        ,"tlsv1 alert internal error"},
+{SSL_R_TLSV1_ALERT_NO_RENEGOTIATION      ,"tlsv1 alert no renegotiation"},
+{SSL_R_TLSV1_ALERT_PROTOCOL_VERSION      ,"tlsv1 alert protocol version"},
+{SSL_R_TLSV1_ALERT_RECORD_OVERFLOW       ,"tlsv1 alert record overflow"},
+{SSL_R_TLSV1_ALERT_UNKNOWN_CA            ,"tlsv1 alert unknown ca"},
+{SSL_R_TLSV1_ALERT_USER_CANCELLED        ,"tlsv1 alert user cancelled"},
+{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"},
+{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"},
+{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"},
+{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER   ,"tried to use unsupported cipher"},
+{SSL_R_UNABLE_TO_DECODE_DH_CERTS         ,"unable to decode dh certs"},
+{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY      ,"unable to extract public key"},
+{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS      ,"unable to find dh parameters"},
+{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"},
+{SSL_R_UNABLE_TO_FIND_SSL_METHOD         ,"unable to find ssl method"},
+{SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES  ,"unable to load ssl2 md5 routines"},
+{SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES  ,"unable to load ssl3 md5 routines"},
+{SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"},
+{SSL_R_UNEXPECTED_MESSAGE                ,"unexpected message"},
+{SSL_R_UNEXPECTED_RECORD                 ,"unexpected record"},
+{SSL_R_UNINITIALIZED                     ,"uninitialized"},
+{SSL_R_UNKNOWN_ALERT_TYPE                ,"unknown alert type"},
+{SSL_R_UNKNOWN_CERTIFICATE_TYPE          ,"unknown certificate type"},
+{SSL_R_UNKNOWN_CIPHER_RETURNED           ,"unknown cipher returned"},
+{SSL_R_UNKNOWN_CIPHER_TYPE               ,"unknown cipher type"},
+{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE         ,"unknown key exchange type"},
+{SSL_R_UNKNOWN_PKEY_TYPE                 ,"unknown pkey type"},
+{SSL_R_UNKNOWN_PROTOCOL                  ,"unknown protocol"},
+{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE         ,"unknown remote error type"},
+{SSL_R_UNKNOWN_SSL_VERSION               ,"unknown ssl version"},
+{SSL_R_UNKNOWN_STATE                     ,"unknown state"},
+{SSL_R_UNSUPPORTED_CIPHER                ,"unsupported cipher"},
+{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"},
+{SSL_R_UNSUPPORTED_OPTION                ,"unsupported option"},
+{SSL_R_UNSUPPORTED_PROTOCOL              ,"unsupported protocol"},
+{SSL_R_UNSUPPORTED_SSL_VERSION           ,"unsupported ssl version"},
+{SSL_R_WRITE_BIO_NOT_SET                 ,"write bio not set"},
+{SSL_R_WRONG_CIPHER_RETURNED             ,"wrong cipher returned"},
+{SSL_R_WRONG_MESSAGE_TYPE                ,"wrong message type"},
+{SSL_R_WRONG_NUMBER_OF_KEY_BITS          ,"wrong number of key bits"},
+{SSL_R_WRONG_SIGNATURE_LENGTH            ,"wrong signature length"},
+{SSL_R_WRONG_SIGNATURE_SIZE              ,"wrong signature size"},
+{SSL_R_WRONG_SSL_VERSION                 ,"wrong ssl version"},
+{SSL_R_WRONG_VERSION_NUMBER              ,"wrong version number"},
+{SSL_R_X509_LIB                          ,"x509 lib"},
+{SSL_R_X509_VERIFICATION_SETUP_PROBLEMS  ,"x509 verification setup problems"},
+{0,NULL}
+        };
+
+#endif
+
+void ERR_load_SSL_strings(void)
+        {
+        static int init=1;
+
+        if (init)
+                {
+                init=0;
+#ifndef OPENSSL_NO_ERR
+                ERR_load_strings(ERR_LIB_SSL,SSL_str_functs);
+                ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons);
+#endif
+
+                }
+        }
diff --git a/src/lib/libssl/ssl_err2.c b/src/lib/libssl/ssl_err2.c
new file mode 100644
index 0000000000..ea95a5f983
--- /dev/null
+++ b/src/lib/libssl/ssl_err2.c
@@ -0,0 +1,70 @@
+/* ssl/ssl_err2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+void SSL_load_error_strings(void)
+        {
+#ifndef OPENSSL_NO_ERR
+        ERR_load_crypto_strings();
+        ERR_load_SSL_strings();
+#endif
+        }
+
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
new file mode 100644
index 0000000000..631229558f
--- /dev/null
+++ b/src/lib/libssl/ssl_lib.c
@@ -0,0 +1,2336 @@
+/*! \file ssl/ssl_lib.c
+ *  \brief Version independent SSL functions.
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#ifdef REF_CHECK
+#  include <assert.h>
+#endif
+#include <stdio.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
+#include <openssl/objects.h>
+#include <openssl/lhash.h>
+#include <openssl/x509v3.h>
+#include <openssl/fips.h>
+
+const char *SSL_version_str=OPENSSL_VERSION_TEXT;
+
+OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
+        /* evil casts, but these functions are only called if there's a library bug */
+        (int (*)(SSL *,int))ssl_undefined_function,
+        (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
+        ssl_undefined_function,
+        (int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
+        (int (*)(SSL*, int))ssl_undefined_function,
+        (int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function
+        };
+
+int SSL_clear(SSL *s)
+        {
+
+        if (s->method == NULL)
+                {
+                SSLerr(SSL_F_SSL_CLEAR,SSL_R_NO_METHOD_SPECIFIED);
+                return(0);
+                }
+
+        if (ssl_clear_bad_session(s))
+                {
+                SSL_SESSION_free(s->session);
+                s->session=NULL;
+                }
+
+        s->error=0;
+        s->hit=0;
+        s->shutdown=0;
+
+#if 0 /* Disabled since version 1.10 of this file (early return not
+       * needed because SSL_clear is not called when doing renegotiation) */
+        /* This is set if we are doing dynamic renegotiation so keep
+         * the old cipher.  It is sort of a SSL_clear_lite :-) */
+        if (s->new_session) return(1);
+#else
+        if (s->new_session)
+                {
+                SSLerr(SSL_F_SSL_CLEAR,ERR_R_INTERNAL_ERROR);
+                return 0;
+                }
+#endif
+
+        s->type=0;
+
+        s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT);
+
+        s->version=s->method->version;
+        s->client_version=s->version;
+        s->rwstate=SSL_NOTHING;
+        s->rstate=SSL_ST_READ_HEADER;
+#if 0
+        s->read_ahead=s->ctx->read_ahead;
+#endif
+
+        if (s->init_buf != NULL)
+                {
+                BUF_MEM_free(s->init_buf);
+                s->init_buf=NULL;
+                }
+
+        ssl_clear_cipher_ctx(s);
+
+        s->first_packet=0;
+
+#if 1
+        /* Check to see if we were changed into a different method, if
+         * so, revert back if we are not doing session-id reuse. */
+        if (!s->in_handshake && (s->session == NULL) && (s->method != s->ctx->method))
+                {
+                s->method->ssl_free(s);
+                s->method=s->ctx->method;
+                if (!s->method->ssl_new(s))
+                        return(0);
+                }
+        else
+#endif
+                s->method->ssl_clear(s);
+        return(1);
+        }
+
+/** Used to change an SSL_CTXs default SSL method type */
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth)
+        {
+        STACK_OF(SSL_CIPHER) *sk;
+
+        ctx->method=meth;
+
+        sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
+                &(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST);
+        if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
+                {
+                SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
+                return(0);
+                }
+        return(1);
+        }
+
+SSL *SSL_new(SSL_CTX *ctx)
+        {
+        SSL *s;
+
+        if (ctx == NULL)
+                {
+                SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX);
+                return(NULL);
+                }
+        if (ctx->method == NULL)
+                {
+                SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
+                return(NULL);
+                }
+
+        s=(SSL *)OPENSSL_malloc(sizeof(SSL));
+        if (s == NULL) goto err;
+        memset(s,0,sizeof(SSL));
+
+#ifndef OPENSSL_NO_KRB5
+        s->kssl_ctx = kssl_ctx_new();
+#endif  /* OPENSSL_NO_KRB5 */
+
+        s->options=ctx->options;
+        s->mode=ctx->mode;
+        s->max_cert_list=ctx->max_cert_list;
+
+        if (ctx->cert != NULL)
+                {
+                /* Earlier library versions used to copy the pointer to
+                 * the CERT, not its contents; only when setting new
+                 * parameters for the per-SSL copy, ssl_cert_new would be
+                 * called (and the direct reference to the per-SSL_CTX
+                 * settings would be lost, but those still were indirectly
+                 * accessed for various purposes, and for that reason they
+                 * used to be known as s->ctx->default_cert).
+                 * Now we don't look at the SSL_CTX's CERT after having
+                 * duplicated it once. */
+
+                s->cert = ssl_cert_dup(ctx->cert);
+                if (s->cert == NULL)
+                        goto err;
+                }
+        else
+                s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
+
+        s->read_ahead=ctx->read_ahead;
+        s->msg_callback=ctx->msg_callback;
+        s->msg_callback_arg=ctx->msg_callback_arg;
+        s->verify_mode=ctx->verify_mode;
+        s->verify_depth=ctx->verify_depth;
+        s->sid_ctx_length=ctx->sid_ctx_length;
+        OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
+        memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
+        s->verify_callback=ctx->default_verify_callback;
+        s->generate_session_id=ctx->generate_session_id;
+        s->purpose = ctx->purpose;
+        s->trust = ctx->trust;
+        s->quiet_shutdown=ctx->quiet_shutdown;
+
+        CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
+        s->ctx=ctx;
+
+        s->verify_result=X509_V_OK;
+
+        s->method=ctx->method;
+
+        if (!s->method->ssl_new(s))
+                goto err;
+
+        s->references=1;
+        s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1;
+
+        SSL_clear(s);
+
+        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
+
+        return(s);
+err:
+        if (s != NULL)
+                {
+                if (s->cert != NULL)
+                        ssl_cert_free(s->cert);
+                if (s->ctx != NULL)
+                        SSL_CTX_free(s->ctx); /* decrement reference count */
+                OPENSSL_free(s);
+                }
+        SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
+        return(NULL);
+        }
+
+int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
+                                   unsigned int sid_ctx_len)
+    {
+    if(sid_ctx_len > sizeof ctx->sid_ctx)
+        {
+        SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+        return 0;
+        }
+    ctx->sid_ctx_length=sid_ctx_len;
+    memcpy(ctx->sid_ctx,sid_ctx,sid_ctx_len);
+
+    return 1;
+    }
+
+int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
+                               unsigned int sid_ctx_len)
+    {
+    if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
+        {
+        SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+        return 0;
+        }
+    ssl->sid_ctx_length=sid_ctx_len;
+    memcpy(ssl->sid_ctx,sid_ctx,sid_ctx_len);
+
+    return 1;
+    }
+
+int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
+        {
+        CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+        ctx->generate_session_id = cb;
+        CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+        return 1;
+        }
+
+int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
+        {
+        CRYPTO_w_lock(CRYPTO_LOCK_SSL);
+        ssl->generate_session_id = cb;
+        CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
+        return 1;
+        }
+
+int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
+                                unsigned int id_len)
+        {
+        /* A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
+         * we can "construct" a session to give us the desired check - ie. to
+         * find if there's a session in the hash table that would conflict with
+         * any new session built out of this id/id_len and the ssl_version in
+         * use by this SSL. */
+        SSL_SESSION r, *p;
+
+        if(id_len > sizeof r.session_id)
+                return 0;
+
+        r.ssl_version = ssl->version;
+        r.session_id_length = id_len;
+        memcpy(r.session_id, id, id_len);
+        /* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
+         * callback is calling us to check the uniqueness of a shorter ID, it
+         * must be compared as a padded-out ID because that is what it will be
+         * converted to when the callback has finished choosing it. */
+        if((r.ssl_version == SSL2_VERSION) &&
+                        (id_len < SSL2_SSL_SESSION_ID_LENGTH))
+                {
+                memset(r.session_id + id_len, 0,
+                        SSL2_SSL_SESSION_ID_LENGTH - id_len);
+                r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
+                }
+
+        CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+        p = (SSL_SESSION *)lh_retrieve(ssl->ctx->sessions, &r);
+        CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+        return (p != NULL);
+        }
+
+int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
+        {
+        return X509_PURPOSE_set(&s->purpose, purpose);
+        }
+
+int SSL_set_purpose(SSL *s, int purpose)
+        {
+        return X509_PURPOSE_set(&s->purpose, purpose);
+        }
+
+int SSL_CTX_set_trust(SSL_CTX *s, int trust)
+        {
+        return X509_TRUST_set(&s->trust, trust);
+        }
+
+int SSL_set_trust(SSL *s, int trust)
+        {
+        return X509_TRUST_set(&s->trust, trust);
+        }
+
+void SSL_free(SSL *s)
+        {
+        int i;
+
+        if(s == NULL)
+            return;
+
+        i=CRYPTO_add(&s->references,-1,CRYPTO_LOCK_SSL);
+#ifdef REF_PRINT
+        REF_PRINT("SSL",s);
+#endif
+        if (i > 0) return;
+#ifdef REF_CHECK
+        if (i < 0)
+                {
+                fprintf(stderr,"SSL_free, bad reference count\n");
+                abort(); /* ok */
+                }
+#endif
+
+        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
+
+        if (s->bbio != NULL)
+                {
+                /* If the buffering BIO is in place, pop it off */
+                if (s->bbio == s->wbio)
+                        {
+                        s->wbio=BIO_pop(s->wbio);
+                        }
+                BIO_free(s->bbio);
+                s->bbio=NULL;
+                }
+        if (s->rbio != NULL)
+                BIO_free_all(s->rbio);
+        if ((s->wbio != NULL) && (s->wbio != s->rbio))
+                BIO_free_all(s->wbio);
+
+        if (s->init_buf != NULL) BUF_MEM_free(s->init_buf);
+
+        /* add extra stuff */
+        if (s->cipher_list != NULL) sk_SSL_CIPHER_free(s->cipher_list);
+        if (s->cipher_list_by_id != NULL) sk_SSL_CIPHER_free(s->cipher_list_by_id);
+
+        /* Make the next call work :-) */
+        if (s->session != NULL)
+                {
+                ssl_clear_bad_session(s);
+                SSL_SESSION_free(s->session);
+                }
+
+        ssl_clear_cipher_ctx(s);
+
+        if (s->cert != NULL) ssl_cert_free(s->cert);
+        /* Free up if allocated */
+
+        if (s->ctx) SSL_CTX_free(s->ctx);
+
+        if (s->client_CA != NULL)
+                sk_X509_NAME_pop_free(s->client_CA,X509_NAME_free);
+
+        if (s->method != NULL) s->method->ssl_free(s);
+
+#ifndef OPENSSL_NO_KRB5
+        if (s->kssl_ctx != NULL)
+                kssl_ctx_free(s->kssl_ctx);
+#endif  /* OPENSSL_NO_KRB5 */
+
+        OPENSSL_free(s);
+        }
+
+void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
+        {
+        /* If the output buffering BIO is still in place, remove it
+         */
+        if (s->bbio != NULL)
+                {
+                if (s->wbio == s->bbio)
+                        {
+                        s->wbio=s->wbio->next_bio;
+                        s->bbio->next_bio=NULL;
+                        }
+                }
+        if ((s->rbio != NULL) && (s->rbio != rbio))
+                BIO_free_all(s->rbio);
+        if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
+                BIO_free_all(s->wbio);
+        s->rbio=rbio;
+        s->wbio=wbio;
+        }
+
+BIO *SSL_get_rbio(const SSL *s)
+        { return(s->rbio); }
+
+BIO *SSL_get_wbio(const SSL *s)
+        { return(s->wbio); }
+
+int SSL_get_fd(const SSL *s)
+        {
+        return(SSL_get_rfd(s));
+        }
+
+int SSL_get_rfd(const SSL *s)
+        {
+        int ret= -1;
+        BIO *b,*r;
+
+        b=SSL_get_rbio(s);
+        r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
+        if (r != NULL)
+                BIO_get_fd(r,&ret);
+        return(ret);
+        }
+
+int SSL_get_wfd(const SSL *s)
+        {
+        int ret= -1;
+        BIO *b,*r;
+
+        b=SSL_get_wbio(s);
+        r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
+        if (r != NULL)
+                BIO_get_fd(r,&ret);
+        return(ret);
+        }
+
+#ifndef OPENSSL_NO_SOCK
+int SSL_set_fd(SSL *s,int fd)
+        {
+        int ret=0;
+        BIO *bio=NULL;
+
+        bio=BIO_new(BIO_s_socket());
+
+        if (bio == NULL)
+                {
+                SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB);
+                goto err;
+                }
+        BIO_set_fd(bio,fd,BIO_NOCLOSE);
+        SSL_set_bio(s,bio,bio);
+        ret=1;
+err:
+        return(ret);
+        }
+
+int SSL_set_wfd(SSL *s,int fd)
+        {
+        int ret=0;
+        BIO *bio=NULL;
+
+        if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
+                || ((int)BIO_get_fd(s->rbio,NULL) != fd))
+                {
+                bio=BIO_new(BIO_s_socket());
+
+                if (bio == NULL)
+                        { SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; }
+                BIO_set_fd(bio,fd,BIO_NOCLOSE);
+                SSL_set_bio(s,SSL_get_rbio(s),bio);
+                }
+        else
+                SSL_set_bio(s,SSL_get_rbio(s),SSL_get_rbio(s));
+        ret=1;
+err:
+        return(ret);
+        }
+
+int SSL_set_rfd(SSL *s,int fd)
+        {
+        int ret=0;
+        BIO *bio=NULL;
+
+        if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
+                || ((int)BIO_get_fd(s->wbio,NULL) != fd))
+                {
+                bio=BIO_new(BIO_s_socket());
+
+                if (bio == NULL)
+                        {
+                        SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB);
+                        goto err;
+                        }
+                BIO_set_fd(bio,fd,BIO_NOCLOSE);
+                SSL_set_bio(s,bio,SSL_get_wbio(s));
+                }
+        else
+                SSL_set_bio(s,SSL_get_wbio(s),SSL_get_wbio(s));
+        ret=1;
+err:
+        return(ret);
+        }
+#endif
+
+
+/* return length of latest Finished message we sent, copy to 'buf' */
+size_t SSL_get_finished(const SSL *s, void *buf, size_t count)
+        {
+        size_t ret = 0;
+        
+        if (s->s3 != NULL)
+                {
+                ret = s->s3->tmp.finish_md_len;
+                if (count > ret)
+                        count = ret;
+                memcpy(buf, s->s3->tmp.finish_md, count);
+                }
+        return ret;
+        }
+
+/* return length of latest Finished message we expected, copy to 'buf' */
+size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
+        {
+        size_t ret = 0;
+        
+        if (s->s3 != NULL)
+                {
+                ret = s->s3->tmp.peer_finish_md_len;
+                if (count > ret)
+                        count = ret;
+                memcpy(buf, s->s3->tmp.peer_finish_md, count);
+                }
+        return ret;
+        }
+
+
+int SSL_get_verify_mode(const SSL *s)
+        {
+        return(s->verify_mode);
+        }
+
+int SSL_get_verify_depth(const SSL *s)
+        {
+        return(s->verify_depth);
+        }
+
+int (*SSL_get_verify_callback(const SSL *s))(int,X509_STORE_CTX *)
+        {
+        return(s->verify_callback);
+        }
+
+int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
+        {
+        return(ctx->verify_mode);
+        }
+
+int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
+        {
+        return(ctx->verify_depth);
+        }
+
+int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int,X509_STORE_CTX *)
+        {
+        return(ctx->default_verify_callback);
+        }
+
+void SSL_set_verify(SSL *s,int mode,
+                    int (*callback)(int ok,X509_STORE_CTX *ctx))
+        {
+        s->verify_mode=mode;
+        if (callback != NULL)
+                s->verify_callback=callback;
+        }
+
+void SSL_set_verify_depth(SSL *s,int depth)
+        {
+        s->verify_depth=depth;
+        }
+
+void SSL_set_read_ahead(SSL *s,int yes)
+        {
+        s->read_ahead=yes;
+        }
+
+int SSL_get_read_ahead(const SSL *s)
+        {
+        return(s->read_ahead);
+        }
+
+int SSL_pending(const SSL *s)
+        {
+        /* SSL_pending cannot work properly if read-ahead is enabled
+         * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
+         * and it is impossible to fix since SSL_pending cannot report
+         * errors that may be observed while scanning the new data.
+         * (Note that SSL_pending() is often used as a boolean value,
+         * so we'd better not return -1.)
+         */
+        return(s->method->ssl_pending(s));
+        }
+
+X509 *SSL_get_peer_certificate(const SSL *s)
+        {
+        X509 *r;
+        
+        if ((s == NULL) || (s->session == NULL))
+                r=NULL;
+        else
+                r=s->session->peer;
+
+        if (r == NULL) return(r);
+
+        CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509);
+
+        return(r);
+        }
+
+STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
+        {
+        STACK_OF(X509) *r;
+        
+        if ((s == NULL) || (s->session == NULL) || (s->session->sess_cert == NULL))
+                r=NULL;
+        else
+                r=s->session->sess_cert->cert_chain;
+
+        /* If we are a client, cert_chain includes the peer's own
+         * certificate; if we are a server, it does not. */
+        
+        return(r);
+        }
+
+/* Now in theory, since the calling process own 't' it should be safe to
+ * modify.  We need to be able to read f without being hassled */
+void SSL_copy_session_id(SSL *t,const SSL *f)
+        {
+        CERT *tmp;
+
+        /* Do we need to to SSL locking? */
+        SSL_set_session(t,SSL_get_session(f));
+
+        /* what if we are setup as SSLv2 but want to talk SSLv3 or
+         * vice-versa */
+        if (t->method != f->method)
+                {
+                t->method->ssl_free(t); /* cleanup current */
+                t->method=f->method;    /* change method */
+                t->method->ssl_new(t);  /* setup new */
+                }
+
+        tmp=t->cert;
+        if (f->cert != NULL)
+                {
+                CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT);
+                t->cert=f->cert;
+                }
+        else
+                t->cert=NULL;
+        if (tmp != NULL) ssl_cert_free(tmp);
+        SSL_set_session_id_context(t,f->sid_ctx,f->sid_ctx_length);
+        }
+
+/* Fix this so it checks all the valid key/cert options */
+int SSL_CTX_check_private_key(const SSL_CTX *ctx)
+        {
+        if (    (ctx == NULL) ||
+                (ctx->cert == NULL) ||
+                (ctx->cert->key->x509 == NULL))
+                {
+                SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
+                return(0);
+                }
+        if      (ctx->cert->key->privatekey == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+                return(0);
+                }
+        return(X509_check_private_key(ctx->cert->key->x509, ctx->cert->key->privatekey));
+        }
+
+/* Fix this function so that it takes an optional type parameter */
+int SSL_check_private_key(const SSL *ssl)
+        {
+        if (ssl == NULL)
+                {
+                SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER);
+                return(0);
+                }
+        if (ssl->cert == NULL)
+                {
+                SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
+                return 0;
+                }
+        if (ssl->cert->key->x509 == NULL)
+                {
+                SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
+                return(0);
+                }
+        if (ssl->cert->key->privatekey == NULL)
+                {
+                SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+                return(0);
+                }
+        return(X509_check_private_key(ssl->cert->key->x509,
+                ssl->cert->key->privatekey));
+        }
+
+int SSL_accept(SSL *s)
+        {
+        if (s->handshake_func == 0)
+                /* Not properly initialized yet */
+                SSL_set_accept_state(s);
+
+        return(s->method->ssl_accept(s));
+        }
+
+int SSL_connect(SSL *s)
+        {
+        if (s->handshake_func == 0)
+                /* Not properly initialized yet */
+                SSL_set_connect_state(s);
+
+        return(s->method->ssl_connect(s));
+        }
+
+long SSL_get_default_timeout(const SSL *s)
+        {
+        return(s->method->get_timeout());
+        }
+
+int SSL_read(SSL *s,void *buf,int num)
+        {
+        if (s->handshake_func == 0)
+                {
+                SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
+                return -1;
+                }
+
+        if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
+                {
+                s->rwstate=SSL_NOTHING;
+                return(0);
+                }
+        return(s->method->ssl_read(s,buf,num));
+        }
+
+int SSL_peek(SSL *s,void *buf,int num)
+        {
+        if (s->handshake_func == 0)
+                {
+                SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
+                return -1;
+                }
+
+        if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
+                {
+                return(0);
+                }
+        return(s->method->ssl_peek(s,buf,num));
+        }
+
+int SSL_write(SSL *s,const void *buf,int num)
+        {
+        if (s->handshake_func == 0)
+                {
+                SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
+                return -1;
+                }
+
+        if (s->shutdown & SSL_SENT_SHUTDOWN)
+                {
+                s->rwstate=SSL_NOTHING;
+                SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN);
+                return(-1);
+                }
+        return(s->method->ssl_write(s,buf,num));
+        }
+
+int SSL_shutdown(SSL *s)
+        {
+        /* Note that this function behaves differently from what one might
+         * expect.  Return values are 0 for no success (yet),
+         * 1 for success; but calling it once is usually not enough,
+         * even if blocking I/O is used (see ssl3_shutdown).
+         */
+
+        if (s->handshake_func == 0)
+                {
+                SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
+                return -1;
+                }
+
+        if ((s != NULL) && !SSL_in_init(s))
+                return(s->method->ssl_shutdown(s));
+        else
+                return(1);
+        }
+
+int SSL_renegotiate(SSL *s)
+        {
+        if (s->new_session == 0)
+                {
+                s->new_session=1;
+                }
+        return(s->method->ssl_renegotiate(s));
+        }
+
+int SSL_renegotiate_pending(SSL *s)
+        {
+        /* becomes true when negotiation is requested;
+         * false again once a handshake has finished */
+        return (s->new_session != 0);
+        }
+
+long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
+        {
+        long l;
+
+        switch (cmd)
+                {
+        case SSL_CTRL_GET_READ_AHEAD:
+                return(s->read_ahead);
+        case SSL_CTRL_SET_READ_AHEAD:
+                l=s->read_ahead;
+                s->read_ahead=larg;
+                return(l);
+
+        case SSL_CTRL_SET_MSG_CALLBACK_ARG:
+                s->msg_callback_arg = parg;
+                return 1;
+
+        case SSL_CTRL_OPTIONS:
+                return(s->options|=larg);
+        case SSL_CTRL_MODE:
+                return(s->mode|=larg);
+        case SSL_CTRL_GET_MAX_CERT_LIST:
+                return(s->max_cert_list);
+        case SSL_CTRL_SET_MAX_CERT_LIST:
+                l=s->max_cert_list;
+                s->max_cert_list=larg;
+                return(l);
+        default:
+                return(s->method->ssl_ctrl(s,cmd,larg,parg));
+                }
+        }
+
+long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)())
+        {
+        switch(cmd)
+                {
+        case SSL_CTRL_SET_MSG_CALLBACK:
+                s->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
+                return 1;
+                
+        default:
+                return(s->method->ssl_callback_ctrl(s,cmd,fp));
+                }
+        }
+
+struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx)
+        {
+        return ctx->sessions;
+        }
+
+long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
+        {
+        long l;
+
+        switch (cmd)
+                {
+        case SSL_CTRL_GET_READ_AHEAD:
+                return(ctx->read_ahead);
+        case SSL_CTRL_SET_READ_AHEAD:
+                l=ctx->read_ahead;
+                ctx->read_ahead=larg;
+                return(l);
+                
+        case SSL_CTRL_SET_MSG_CALLBACK_ARG:
+                ctx->msg_callback_arg = parg;
+                return 1;
+
+        case SSL_CTRL_GET_MAX_CERT_LIST:
+                return(ctx->max_cert_list);
+        case SSL_CTRL_SET_MAX_CERT_LIST:
+                l=ctx->max_cert_list;
+                ctx->max_cert_list=larg;
+                return(l);
+
+        case SSL_CTRL_SET_SESS_CACHE_SIZE:
+                l=ctx->session_cache_size;
+                ctx->session_cache_size=larg;
+                return(l);
+        case SSL_CTRL_GET_SESS_CACHE_SIZE:
+                return(ctx->session_cache_size);
+        case SSL_CTRL_SET_SESS_CACHE_MODE:
+                l=ctx->session_cache_mode;
+                ctx->session_cache_mode=larg;
+                return(l);
+        case SSL_CTRL_GET_SESS_CACHE_MODE:
+                return(ctx->session_cache_mode);
+
+        case SSL_CTRL_SESS_NUMBER:
+                return(ctx->sessions->num_items);
+        case SSL_CTRL_SESS_CONNECT:
+                return(ctx->stats.sess_connect);
+        case SSL_CTRL_SESS_CONNECT_GOOD:
+                return(ctx->stats.sess_connect_good);
+        case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
+                return(ctx->stats.sess_connect_renegotiate);
+        case SSL_CTRL_SESS_ACCEPT:
+                return(ctx->stats.sess_accept);
+        case SSL_CTRL_SESS_ACCEPT_GOOD:
+                return(ctx->stats.sess_accept_good);
+        case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
+                return(ctx->stats.sess_accept_renegotiate);
+        case SSL_CTRL_SESS_HIT:
+                return(ctx->stats.sess_hit);
+        case SSL_CTRL_SESS_CB_HIT:
+                return(ctx->stats.sess_cb_hit);
+        case SSL_CTRL_SESS_MISSES:
+                return(ctx->stats.sess_miss);
+        case SSL_CTRL_SESS_TIMEOUTS:
+                return(ctx->stats.sess_timeout);
+        case SSL_CTRL_SESS_CACHE_FULL:
+                return(ctx->stats.sess_cache_full);
+        case SSL_CTRL_OPTIONS:
+                return(ctx->options|=larg);
+        case SSL_CTRL_MODE:
+                return(ctx->mode|=larg);
+        default:
+                return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
+                }
+        }
+
+long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
+        {
+        switch(cmd)
+                {
+        case SSL_CTRL_SET_MSG_CALLBACK:
+                ctx->msg_callback = (void (*)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))(fp);
+                return 1;
+
+        default:
+                return(ctx->method->ssl_ctx_callback_ctrl(ctx,cmd,fp));
+                }
+        }
+
+int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
+        {
+        long l;
+
+        l=a->id-b->id;
+        if (l == 0L)
+                return(0);
+        else
+                return((l > 0)?1:-1);
+        }
+
+int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
+                        const SSL_CIPHER * const *bp)
+        {
+        long l;
+
+        l=(*ap)->id-(*bp)->id;
+        if (l == 0L)
+                return(0);
+        else
+                return((l > 0)?1:-1);
+        }
+
+/** return a STACK of the ciphers available for the SSL and in order of
+ * preference */
+STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
+        {
+        if (s != NULL)
+                {
+                if (s->cipher_list != NULL)
+                        {
+                        return(s->cipher_list);
+                        }
+                else if ((s->ctx != NULL) &&
+                        (s->ctx->cipher_list != NULL))
+                        {
+                        return(s->ctx->cipher_list);
+                        }
+                }
+        return(NULL);
+        }
+
+/** return a STACK of the ciphers available for the SSL and in order of
+ * algorithm id */
+STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
+        {
+        if (s != NULL)
+                {
+                if (s->cipher_list_by_id != NULL)
+                        {
+                        return(s->cipher_list_by_id);
+                        }
+                else if ((s->ctx != NULL) &&
+                        (s->ctx->cipher_list_by_id != NULL))
+                        {
+                        return(s->ctx->cipher_list_by_id);
+                        }
+                }
+        return(NULL);
+        }
+
+/** The old interface to get the same thing as SSL_get_ciphers() */
+const char *SSL_get_cipher_list(const SSL *s,int n)
+        {
+        SSL_CIPHER *c;
+        STACK_OF(SSL_CIPHER) *sk;
+
+        if (s == NULL) return(NULL);
+        sk=SSL_get_ciphers(s);
+        if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
+                return(NULL);
+        c=sk_SSL_CIPHER_value(sk,n);
+        if (c == NULL) return(NULL);
+        return(c->name);
+        }
+
+/** specify the ciphers to be used by default by the SSL_CTX */
+int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
+        {
+        STACK_OF(SSL_CIPHER) *sk;
+        
+        sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
+                &ctx->cipher_list_by_id,str);
+/* XXXX */
+        return((sk == NULL)?0:1);
+        }
+
+/** specify the ciphers to be used by the SSL */
+int SSL_set_cipher_list(SSL *s,const char *str)
+        {
+        STACK_OF(SSL_CIPHER) *sk;
+        
+        sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
+                &s->cipher_list_by_id,str);
+/* XXXX */
+        return((sk == NULL)?0:1);
+        }
+
+/* works well for SSLv2, not so good for SSLv3 */
+char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
+        {
+        char *p;
+        const char *cp;
+        STACK_OF(SSL_CIPHER) *sk;
+        SSL_CIPHER *c;
+        int i;
+
+        if ((s->session == NULL) || (s->session->ciphers == NULL) ||
+                (len < 2))
+                return(NULL);
+
+        p=buf;
+        sk=s->session->ciphers;
+        for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
+                {
+                /* Decrement for either the ':' or a '\0' */
+                len--;
+                c=sk_SSL_CIPHER_value(sk,i);
+                for (cp=c->name; *cp; )
+                        {
+                        if (len-- == 0)
+                                {
+                                *p='\0';
+                                return(buf);
+                                }
+                        else
+                                *(p++)= *(cp++);
+                        }
+                *(p++)=':';
+                }
+        p[-1]='\0';
+        return(buf);
+        }
+
+int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
+        {
+        int i,j=0;
+        SSL_CIPHER *c;
+        unsigned char *q;
+#ifndef OPENSSL_NO_KRB5
+        int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
+#endif /* OPENSSL_NO_KRB5 */
+
+        if (sk == NULL) return(0);
+        q=p;
+
+        for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
+                {
+                c=sk_SSL_CIPHER_value(sk,i);
+#ifndef OPENSSL_NO_KRB5
+                if ((c->algorithms & SSL_KRB5) && nokrb5)
+                    continue;
+#endif /* OPENSSL_NO_KRB5 */                    
+                j=ssl_put_cipher_by_char(s,c,p);
+                p+=j;
+                }
+        return(p-q);
+        }
+
+STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
+                                               STACK_OF(SSL_CIPHER) **skp)
+        {
+        SSL_CIPHER *c;
+        STACK_OF(SSL_CIPHER) *sk;
+        int i,n;
+
+        n=ssl_put_cipher_by_char(s,NULL,NULL);
+        if ((num%n) != 0)
+                {
+                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
+                return(NULL);
+                }
+        if ((skp == NULL) || (*skp == NULL))
+                sk=sk_SSL_CIPHER_new_null(); /* change perhaps later */
+        else
+                {
+                sk= *skp;
+                sk_SSL_CIPHER_zero(sk);
+                }
+
+        for (i=0; i<num; i+=n)
+                {
+                c=ssl_get_cipher_by_char(s,p);
+                p+=n;
+                if (c != NULL)
+                        {
+                        if (!sk_SSL_CIPHER_push(sk,c))
+                                {
+                                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
+                                goto err;
+                                }
+                        }
+                }
+
+        if (skp != NULL)
+                *skp=sk;
+        return(sk);
+err:
+        if ((skp == NULL) || (*skp == NULL))
+                sk_SSL_CIPHER_free(sk);
+        return(NULL);
+        }
+
+unsigned long SSL_SESSION_hash(const SSL_SESSION *a)
+        {
+        unsigned long l;
+
+        l=(unsigned long)
+                ((unsigned int) a->session_id[0]     )|
+                ((unsigned int) a->session_id[1]<< 8L)|
+                ((unsigned long)a->session_id[2]<<16L)|
+                ((unsigned long)a->session_id[3]<<24L);
+        return(l);
+        }
+
+/* NB: If this function (or indeed the hash function which uses a sort of
+ * coarser function than this one) is changed, ensure
+ * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
+ * able to construct an SSL_SESSION that will collide with any existing session
+ * with a matching session ID. */
+int SSL_SESSION_cmp(const SSL_SESSION *a,const SSL_SESSION *b)
+        {
+        if (a->ssl_version != b->ssl_version)
+                return(1);
+        if (a->session_id_length != b->session_id_length)
+                return(1);
+        return(memcmp(a->session_id,b->session_id,a->session_id_length));
+        }
+
+/* These wrapper functions should remain rather than redeclaring
+ * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
+ * variable. The reason is that the functions aren't static, they're exposed via
+ * ssl.h. */
+static IMPLEMENT_LHASH_HASH_FN(SSL_SESSION_hash, SSL_SESSION *)
+static IMPLEMENT_LHASH_COMP_FN(SSL_SESSION_cmp, SSL_SESSION *)
+
+SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
+        {
+        SSL_CTX *ret=NULL;
+        
+        if (meth == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED);
+                return(NULL);
+                }
+
+#ifdef OPENSSL_FIPS
+        if (FIPS_mode() && (meth->version < TLS1_VERSION))      
+                {
+                SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+                return NULL;
+                }
+#endif
+
+        if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
+                {
+                SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
+                goto err;
+                }
+        ret=(SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
+        if (ret == NULL)
+                goto err;
+
+        memset(ret,0,sizeof(SSL_CTX));
+
+        ret->method=meth;
+
+        ret->cert_store=NULL;
+        ret->session_cache_mode=SSL_SESS_CACHE_SERVER;
+        ret->session_cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
+        ret->session_cache_head=NULL;
+        ret->session_cache_tail=NULL;
+
+        /* We take the system default */
+        ret->session_timeout=meth->get_timeout();
+
+        ret->new_session_cb=0;
+        ret->remove_session_cb=0;
+        ret->get_session_cb=0;
+        ret->generate_session_id=0;
+
+        memset((char *)&ret->stats,0,sizeof(ret->stats));
+
+        ret->references=1;
+        ret->quiet_shutdown=0;
+
+/*      ret->cipher=NULL;*/
+/*      ret->s2->challenge=NULL;
+        ret->master_key=NULL;
+        ret->key_arg=NULL;
+        ret->s2->conn_id=NULL; */
+
+        ret->info_callback=NULL;
+
+        ret->app_verify_callback=0;
+        ret->app_verify_arg=NULL;
+
+        ret->max_cert_list=SSL_MAX_CERT_LIST_DEFAULT;
+        ret->read_ahead=0;
+        ret->msg_callback=0;
+        ret->msg_callback_arg=NULL;
+        ret->verify_mode=SSL_VERIFY_NONE;
+        ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */
+        ret->sid_ctx_length=0;
+        ret->default_verify_callback=NULL;
+        if ((ret->cert=ssl_cert_new()) == NULL)
+                goto err;
+
+        ret->default_passwd_callback=0;
+        ret->default_passwd_callback_userdata=NULL;
+        ret->client_cert_cb=0;
+
+        ret->sessions=lh_new(LHASH_HASH_FN(SSL_SESSION_hash),
+                        LHASH_COMP_FN(SSL_SESSION_cmp));
+        if (ret->sessions == NULL) goto err;
+        ret->cert_store=X509_STORE_new();
+        if (ret->cert_store == NULL) goto err;
+
+        ssl_create_cipher_list(ret->method,
+                &ret->cipher_list,&ret->cipher_list_by_id,
+                SSL_DEFAULT_CIPHER_LIST);
+        if (ret->cipher_list == NULL
+            || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
+                {
+                SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS);
+                goto err2;
+                }
+
+        if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
+                goto err2;
+                }
+        if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
+                goto err2;
+                }
+        if ((ret->sha1=EVP_get_digestbyname("ssl3-sha1")) == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
+                goto err2;
+                }
+
+        if ((ret->client_CA=sk_X509_NAME_new_null()) == NULL)
+                goto err;
+
+        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
+
+        ret->extra_certs=NULL;
+        ret->comp_methods=SSL_COMP_get_compression_methods();
+
+        return(ret);
+err:
+        SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
+err2:
+        if (ret != NULL) SSL_CTX_free(ret);
+        return(NULL);
+        }
+
+#if 0
+static void SSL_COMP_free(SSL_COMP *comp)
+    { OPENSSL_free(comp); }
+#endif
+
+void SSL_CTX_free(SSL_CTX *a)
+        {
+        int i;
+
+        if (a == NULL) return;
+
+        i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX);
+#ifdef REF_PRINT
+        REF_PRINT("SSL_CTX",a);
+#endif
+        if (i > 0) return;
+#ifdef REF_CHECK
+        if (i < 0)
+                {
+                fprintf(stderr,"SSL_CTX_free, bad reference count\n");
+                abort(); /* ok */
+                }
+#endif
+
+        /*
+         * Free internal session cache. However: the remove_cb() may reference
+         * the ex_data of SSL_CTX, thus the ex_data store can only be removed
+         * after the sessions were flushed.
+         * As the ex_data handling routines might also touch the session cache,
+         * the most secure solution seems to be: empty (flush) the cache, then
+         * free ex_data, then finally free the cache.
+         * (See ticket [openssl.org #212].)
+         */
+        if (a->sessions != NULL)
+                SSL_CTX_flush_sessions(a,0);
+
+        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
+
+        if (a->sessions != NULL)
+                lh_free(a->sessions);
+
+        if (a->cert_store != NULL)
+                X509_STORE_free(a->cert_store);
+        if (a->cipher_list != NULL)
+                sk_SSL_CIPHER_free(a->cipher_list);
+        if (a->cipher_list_by_id != NULL)
+                sk_SSL_CIPHER_free(a->cipher_list_by_id);
+        if (a->cert != NULL)
+                ssl_cert_free(a->cert);
+        if (a->client_CA != NULL)
+                sk_X509_NAME_pop_free(a->client_CA,X509_NAME_free);
+        if (a->extra_certs != NULL)
+                sk_X509_pop_free(a->extra_certs,X509_free);
+#if 0 /* This should never be done, since it removes a global database */
+        if (a->comp_methods != NULL)
+                sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free);
+#else
+        a->comp_methods = NULL;
+#endif
+        OPENSSL_free(a);
+        }
+
+void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
+        {
+        ctx->default_passwd_callback=cb;
+        }
+
+void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx,void *u)
+        {
+        ctx->default_passwd_callback_userdata=u;
+        }
+
+void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg)
+        {
+        ctx->app_verify_callback=cb;
+        ctx->app_verify_arg=arg;
+        }
+
+void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
+        {
+        ctx->verify_mode=mode;
+        ctx->default_verify_callback=cb;
+        }
+
+void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
+        {
+        ctx->verify_depth=depth;
+        }
+
+void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
+        {
+        CERT_PKEY *cpk;
+        int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
+        int rsa_enc_export,dh_rsa_export,dh_dsa_export;
+        int rsa_tmp_export,dh_tmp_export,kl;
+        unsigned long mask,emask;
+
+        if (c == NULL) return;
+
+        kl=SSL_C_EXPORT_PKEYLENGTH(cipher);
+
+#ifndef OPENSSL_NO_RSA
+        rsa_tmp=(c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
+        rsa_tmp_export=(c->rsa_tmp_cb != NULL ||
+                (rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));
+#else
+        rsa_tmp=rsa_tmp_export=0;
+#endif
+#ifndef OPENSSL_NO_DH
+        dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
+        dh_tmp_export=(c->dh_tmp_cb != NULL ||
+                (dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
+#else
+        dh_tmp=dh_tmp_export=0;
+#endif
+
+        cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
+        rsa_enc= (cpk->x509 != NULL && cpk->privatekey != NULL);
+        rsa_enc_export=(rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
+        cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]);
+        rsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
+        cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]);
+        dsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL);
+        cpk= &(c->pkeys[SSL_PKEY_DH_RSA]);
+        dh_rsa=  (cpk->x509 != NULL && cpk->privatekey != NULL);
+        dh_rsa_export=(dh_rsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
+        cpk= &(c->pkeys[SSL_PKEY_DH_DSA]);
+/* FIX THIS EAY EAY EAY */
+        dh_dsa=  (cpk->x509 != NULL && cpk->privatekey != NULL);
+        dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
+
+        mask=0;
+        emask=0;
+
+#ifdef CIPHER_DEBUG
+        printf("rt=%d rte=%d dht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
+                rsa_tmp,rsa_tmp_export,dh_tmp,
+                rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa);
+#endif
+
+        if (rsa_enc || (rsa_tmp && rsa_sign))
+                mask|=SSL_kRSA;
+        if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
+                emask|=SSL_kRSA;
+
+#if 0
+        /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
+        if (    (dh_tmp || dh_rsa || dh_dsa) && 
+                (rsa_enc || rsa_sign || dsa_sign))
+                mask|=SSL_kEDH;
+        if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
+                (rsa_enc || rsa_sign || dsa_sign))
+                emask|=SSL_kEDH;
+#endif
+
+        if (dh_tmp_export) 
+                emask|=SSL_kEDH;
+
+        if (dh_tmp)
+                mask|=SSL_kEDH;
+
+        if (dh_rsa) mask|=SSL_kDHr;
+        if (dh_rsa_export) emask|=SSL_kDHr;
+
+        if (dh_dsa) mask|=SSL_kDHd;
+        if (dh_dsa_export) emask|=SSL_kDHd;
+
+        if (rsa_enc || rsa_sign)
+                {
+                mask|=SSL_aRSA;
+                emask|=SSL_aRSA;
+                }
+
+        if (dsa_sign)
+                {
+                mask|=SSL_aDSS;
+                emask|=SSL_aDSS;
+                }
+
+        mask|=SSL_aNULL;
+        emask|=SSL_aNULL;
+
+#ifndef OPENSSL_NO_KRB5
+        mask|=SSL_kKRB5|SSL_aKRB5;
+        emask|=SSL_kKRB5|SSL_aKRB5;
+#endif
+
+        c->mask=mask;
+        c->export_mask=emask;
+        c->valid=1;
+        }
+
+/* THIS NEEDS CLEANING UP */
+X509 *ssl_get_server_send_cert(SSL *s)
+        {
+        unsigned long alg,mask,kalg;
+        CERT *c;
+        int i,is_export;
+
+        c=s->cert;
+        ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
+        alg=s->s3->tmp.new_cipher->algorithms;
+        is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
+        mask=is_export?c->export_mask:c->mask;
+        kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
+
+        if      (kalg & SSL_kDHr)
+                i=SSL_PKEY_DH_RSA;
+        else if (kalg & SSL_kDHd)
+                i=SSL_PKEY_DH_DSA;
+        else if (kalg & SSL_aDSS)
+                i=SSL_PKEY_DSA_SIGN;
+        else if (kalg & SSL_aRSA)
+                {
+                if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
+                        i=SSL_PKEY_RSA_SIGN;
+                else
+                        i=SSL_PKEY_RSA_ENC;
+                }
+        else if (kalg & SSL_aKRB5)
+                {
+                /* VRS something else here? */
+                return(NULL);
+                }
+        else /* if (kalg & SSL_aNULL) */
+                {
+                SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
+                return(NULL);
+                }
+        if (c->pkeys[i].x509 == NULL) return(NULL);
+        return(c->pkeys[i].x509);
+        }
+
+EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
+        {
+        unsigned long alg;
+        CERT *c;
+
+        alg=cipher->algorithms;
+        c=s->cert;
+
+        if ((alg & SSL_aDSS) &&
+                (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
+                return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey);
+        else if (alg & SSL_aRSA)
+                {
+                if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
+                        return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey);
+                else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
+                        return(c->pkeys[SSL_PKEY_RSA_ENC].privatekey);
+                else
+                        return(NULL);
+                }
+        else /* if (alg & SSL_aNULL) */
+                {
+                SSLerr(SSL_F_SSL_GET_SIGN_PKEY,ERR_R_INTERNAL_ERROR);
+                return(NULL);
+                }
+        }
+
+void ssl_update_cache(SSL *s,int mode)
+        {
+        int i;
+
+        /* If the session_id_length is 0, we are not supposed to cache it,
+         * and it would be rather hard to do anyway :-) */
+        if (s->session->session_id_length == 0) return;
+
+        i=s->ctx->session_cache_mode;
+        if ((i & mode) && (!s->hit)
+                && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
+                    || SSL_CTX_add_session(s->ctx,s->session))
+                && (s->ctx->new_session_cb != NULL))
+                {
+                CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
+                if (!s->ctx->new_session_cb(s,s->session))
+                        SSL_SESSION_free(s->session);
+                }
+
+        /* auto flush every 255 connections */
+        if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
+                ((i & mode) == mode))
+                {
+                if (  (((mode & SSL_SESS_CACHE_CLIENT)
+                        ?s->ctx->stats.sess_connect_good
+                        :s->ctx->stats.sess_accept_good) & 0xff) == 0xff)
+                        {
+                        SSL_CTX_flush_sessions(s->ctx,time(NULL));
+                        }
+                }
+        }
+
+SSL_METHOD *SSL_get_ssl_method(SSL *s)
+        {
+        return(s->method);
+        }
+
+int SSL_set_ssl_method(SSL *s,SSL_METHOD *meth)
+        {
+        int conn= -1;
+        int ret=1;
+
+        if (s->method != meth)
+                {
+                if (s->handshake_func != NULL)
+                        conn=(s->handshake_func == s->method->ssl_connect);
+
+                if (s->method->version == meth->version)
+                        s->method=meth;
+                else
+                        {
+                        s->method->ssl_free(s);
+                        s->method=meth;
+                        ret=s->method->ssl_new(s);
+                        }
+
+                if (conn == 1)
+                        s->handshake_func=meth->ssl_connect;
+                else if (conn == 0)
+                        s->handshake_func=meth->ssl_accept;
+                }
+        return(ret);
+        }
+
+int SSL_get_error(const SSL *s,int i)
+        {
+        int reason;
+        unsigned long l;
+        BIO *bio;
+
+        if (i > 0) return(SSL_ERROR_NONE);
+
+        /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake
+         * etc, where we do encode the error */
+        if ((l=ERR_peek_error()) != 0)
+                {
+                if (ERR_GET_LIB(l) == ERR_LIB_SYS)
+                        return(SSL_ERROR_SYSCALL);
+                else
+                        return(SSL_ERROR_SSL);
+                }
+
+        if ((i < 0) && SSL_want_read(s))
+                {
+                bio=SSL_get_rbio(s);
+                if (BIO_should_read(bio))
+                        return(SSL_ERROR_WANT_READ);
+                else if (BIO_should_write(bio))
+                        /* This one doesn't make too much sense ... We never try
+                         * to write to the rbio, and an application program where
+                         * rbio and wbio are separate couldn't even know what it
+                         * should wait for.
+                         * However if we ever set s->rwstate incorrectly
+                         * (so that we have SSL_want_read(s) instead of
+                         * SSL_want_write(s)) and rbio and wbio *are* the same,
+                         * this test works around that bug; so it might be safer
+                         * to keep it. */
+                        return(SSL_ERROR_WANT_WRITE);
+                else if (BIO_should_io_special(bio))
+                        {
+                        reason=BIO_get_retry_reason(bio);
+                        if (reason == BIO_RR_CONNECT)
+                                return(SSL_ERROR_WANT_CONNECT);
+                        else if (reason == BIO_RR_ACCEPT)
+                                return(SSL_ERROR_WANT_ACCEPT);
+                        else
+                                return(SSL_ERROR_SYSCALL); /* unknown */
+                        }
+                }
+
+        if ((i < 0) && SSL_want_write(s))
+                {
+                bio=SSL_get_wbio(s);
+                if (BIO_should_write(bio))
+                        return(SSL_ERROR_WANT_WRITE);
+                else if (BIO_should_read(bio))
+                        /* See above (SSL_want_read(s) with BIO_should_write(bio)) */
+                        return(SSL_ERROR_WANT_READ);
+                else if (BIO_should_io_special(bio))
+                        {
+                        reason=BIO_get_retry_reason(bio);
+                        if (reason == BIO_RR_CONNECT)
+                                return(SSL_ERROR_WANT_CONNECT);
+                        else if (reason == BIO_RR_ACCEPT)
+                                return(SSL_ERROR_WANT_ACCEPT);
+                        else
+                                return(SSL_ERROR_SYSCALL);
+                        }
+                }
+        if ((i < 0) && SSL_want_x509_lookup(s))
+                {
+                return(SSL_ERROR_WANT_X509_LOOKUP);
+                }
+
+        if (i == 0)
+                {
+                if (s->version == SSL2_VERSION)
+                        {
+                        /* assume it is the socket being closed */
+                        return(SSL_ERROR_ZERO_RETURN);
+                        }
+                else
+                        {
+                        if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
+                                (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
+                                return(SSL_ERROR_ZERO_RETURN);
+                        }
+                }
+        return(SSL_ERROR_SYSCALL);
+        }
+
+int SSL_do_handshake(SSL *s)
+        {
+        int ret=1;
+
+        if (s->handshake_func == NULL)
+                {
+                SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET);
+                return(-1);
+                }
+
+        s->method->ssl_renegotiate_check(s);
+
+        if (SSL_in_init(s) || SSL_in_before(s))
+                {
+                ret=s->handshake_func(s);
+                }
+        return(ret);
+        }
+
+/* For the next 2 functions, SSL_clear() sets shutdown and so
+ * one of these calls will reset it */
+void SSL_set_accept_state(SSL *s)
+        {
+        s->server=1;
+        s->shutdown=0;
+        s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE;
+        s->handshake_func=s->method->ssl_accept;
+        /* clear the current cipher */
+        ssl_clear_cipher_ctx(s);
+        }
+
+void SSL_set_connect_state(SSL *s)
+        {
+        s->server=0;
+        s->shutdown=0;
+        s->state=SSL_ST_CONNECT|SSL_ST_BEFORE;
+        s->handshake_func=s->method->ssl_connect;
+        /* clear the current cipher */
+        ssl_clear_cipher_ctx(s);
+        }
+
+int ssl_undefined_function(SSL *s)
+        {
+        SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return(0);
+        }
+
+int ssl_undefined_const_function(const SSL *s)
+        {
+        SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return(0);
+        }
+
+SSL_METHOD *ssl_bad_method(int ver)
+        {
+        SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return(NULL);
+        }
+
+const char *SSL_get_version(const SSL *s)
+        {
+        if (s->version == TLS1_VERSION)
+                return("TLSv1");
+        else if (s->version == SSL3_VERSION)
+                return("SSLv3");
+        else if (s->version == SSL2_VERSION)
+                return("SSLv2");
+        else
+                return("unknown");
+        }
+
+SSL *SSL_dup(SSL *s)
+        {
+        STACK_OF(X509_NAME) *sk;
+        X509_NAME *xn;
+        SSL *ret;
+        int i;
+                 
+        if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL)
+            return(NULL);
+
+        ret->version = s->version;
+        ret->type = s->type;
+        ret->method = s->method;
+
+        if (s->session != NULL)
+                {
+                /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
+                SSL_copy_session_id(ret,s);
+                }
+        else
+                {
+                /* No session has been established yet, so we have to expect
+                 * that s->cert or ret->cert will be changed later --
+                 * they should not both point to the same object,
+                 * and thus we can't use SSL_copy_session_id. */
+
+                ret->method->ssl_free(ret);
+                ret->method = s->method;
+                ret->method->ssl_new(ret);
+
+                if (s->cert != NULL)
+                        {
+                        if (ret->cert != NULL)
+                                {
+                                ssl_cert_free(ret->cert);
+                                }
+                        ret->cert = ssl_cert_dup(s->cert);
+                        if (ret->cert == NULL)
+                                goto err;
+                        }
+                                
+                SSL_set_session_id_context(ret,
+                        s->sid_ctx, s->sid_ctx_length);
+                }
+
+        ret->options=s->options;
+        ret->mode=s->mode;
+        SSL_set_max_cert_list(ret,SSL_get_max_cert_list(s));
+        SSL_set_read_ahead(ret,SSL_get_read_ahead(s));
+        ret->msg_callback = s->msg_callback;
+        ret->msg_callback_arg = s->msg_callback_arg;
+        SSL_set_verify(ret,SSL_get_verify_mode(s),
+                SSL_get_verify_callback(s));
+        SSL_set_verify_depth(ret,SSL_get_verify_depth(s));
+        ret->generate_session_id = s->generate_session_id;
+
+        SSL_set_info_callback(ret,SSL_get_info_callback(s));
+        
+        ret->debug=s->debug;
+
+        /* copy app data, a little dangerous perhaps */
+        if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
+                goto err;
+
+        /* setup rbio, and wbio */
+        if (s->rbio != NULL)
+                {
+                if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
+                        goto err;
+                }
+        if (s->wbio != NULL)
+                {
+                if (s->wbio != s->rbio)
+                        {
+                        if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
+                                goto err;
+                        }
+                else
+                        ret->wbio=ret->rbio;
+                }
+        ret->rwstate = s->rwstate;
+        ret->in_handshake = s->in_handshake;
+        ret->handshake_func = s->handshake_func;
+        ret->server = s->server;
+        ret->new_session = s->new_session;
+        ret->quiet_shutdown = s->quiet_shutdown;
+        ret->shutdown=s->shutdown;
+        ret->state=s->state; /* SSL_dup does not really work at any state, though */
+        ret->rstate=s->rstate;
+        ret->init_num = 0; /* would have to copy ret->init_buf, ret->init_msg, ret->init_num, ret->init_off */
+        ret->hit=s->hit;
+        ret->purpose=s->purpose;
+        ret->trust=s->trust;
+
+        /* dup the cipher_list and cipher_list_by_id stacks */
+        if (s->cipher_list != NULL)
+                {
+                if ((ret->cipher_list=sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
+                        goto err;
+                }
+        if (s->cipher_list_by_id != NULL)
+                if ((ret->cipher_list_by_id=sk_SSL_CIPHER_dup(s->cipher_list_by_id))
+                        == NULL)
+                        goto err;
+
+        /* Dup the client_CA list */
+        if (s->client_CA != NULL)
+                {
+                if ((sk=sk_X509_NAME_dup(s->client_CA)) == NULL) goto err;
+                ret->client_CA=sk;
+                for (i=0; i<sk_X509_NAME_num(sk); i++)
+                        {
+                        xn=sk_X509_NAME_value(sk,i);
+                        if (sk_X509_NAME_set(sk,i,X509_NAME_dup(xn)) == NULL)
+                                {
+                                X509_NAME_free(xn);
+                                goto err;
+                                }
+                        }
+                }
+
+        if (0)
+                {
+err:
+                if (ret != NULL) SSL_free(ret);
+                ret=NULL;
+                }
+        return(ret);
+        }
+
+void ssl_clear_cipher_ctx(SSL *s)
+        {
+        if (s->enc_read_ctx != NULL)
+                {
+                EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
+                OPENSSL_free(s->enc_read_ctx);
+                s->enc_read_ctx=NULL;
+                }
+        if (s->enc_write_ctx != NULL)
+                {
+                EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
+                OPENSSL_free(s->enc_write_ctx);
+                s->enc_write_ctx=NULL;
+                }
+        if (s->expand != NULL)
+                {
+                COMP_CTX_free(s->expand);
+                s->expand=NULL;
+                }
+        if (s->compress != NULL)
+                {
+                COMP_CTX_free(s->compress);
+                s->compress=NULL;
+                }
+        }
+
+/* Fix this function so that it takes an optional type parameter */
+X509 *SSL_get_certificate(const SSL *s)
+        {
+        if (s->cert != NULL)
+                return(s->cert->key->x509);
+        else
+                return(NULL);
+        }
+
+/* Fix this function so that it takes an optional type parameter */
+EVP_PKEY *SSL_get_privatekey(SSL *s)
+        {
+        if (s->cert != NULL)
+                return(s->cert->key->privatekey);
+        else
+                return(NULL);
+        }
+
+SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
+        {
+        if ((s->session != NULL) && (s->session->cipher != NULL))
+                return(s->session->cipher);
+        return(NULL);
+        }
+
+int ssl_init_wbio_buffer(SSL *s,int push)
+        {
+        BIO *bbio;
+
+        if (s->bbio == NULL)
+                {
+                bbio=BIO_new(BIO_f_buffer());
+                if (bbio == NULL) return(0);
+                s->bbio=bbio;
+                }
+        else
+                {
+                bbio=s->bbio;
+                if (s->bbio == s->wbio)
+                        s->wbio=BIO_pop(s->wbio);
+                }
+        (void)BIO_reset(bbio);
+/*      if (!BIO_set_write_buffer_size(bbio,16*1024)) */
+        if (!BIO_set_read_buffer_size(bbio,1))
+                {
+                SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,ERR_R_BUF_LIB);
+                return(0);
+                }
+        if (push)
+                {
+                if (s->wbio != bbio)
+                        s->wbio=BIO_push(bbio,s->wbio);
+                }
+        else
+                {
+                if (s->wbio == bbio)
+                        s->wbio=BIO_pop(bbio);
+                }
+        return(1);
+        }
+
+void ssl_free_wbio_buffer(SSL *s)
+        {
+        if (s->bbio == NULL) return;
+
+        if (s->bbio == s->wbio)
+                {
+                /* remove buffering */
+                s->wbio=BIO_pop(s->wbio);
+#ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids adding one more preprocessor symbol */
+                assert(s->wbio != NULL);
+#endif  
+        }
+        BIO_free(s->bbio);
+        s->bbio=NULL;
+        }
+        
+void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode)
+        {
+        ctx->quiet_shutdown=mode;
+        }
+
+int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
+        {
+        return(ctx->quiet_shutdown);
+        }
+
+void SSL_set_quiet_shutdown(SSL *s,int mode)
+        {
+        s->quiet_shutdown=mode;
+        }
+
+int SSL_get_quiet_shutdown(const SSL *s)
+        {
+        return(s->quiet_shutdown);
+        }
+
+void SSL_set_shutdown(SSL *s,int mode)
+        {
+        s->shutdown=mode;
+        }
+
+int SSL_get_shutdown(const SSL *s)
+        {
+        return(s->shutdown);
+        }
+
+int SSL_version(const SSL *s)
+        {
+        return(s->version);
+        }
+
+SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
+        {
+        return(ssl->ctx);
+        }
+
+#ifndef OPENSSL_NO_STDIO
+int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
+        {
+        return(X509_STORE_set_default_paths(ctx->cert_store));
+        }
+
+int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
+                const char *CApath)
+        {
+        int r;
+        r=X509_STORE_load_locations(ctx->cert_store,CAfile,CApath);
+        return r;
+        }
+#endif
+
+void SSL_set_info_callback(SSL *ssl,
+                           void (*cb)(const SSL *ssl,int type,int val))
+        {
+        ssl->info_callback=cb;
+        }
+
+void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,int type,int val)
+        {
+        return ssl->info_callback;
+        }
+
+int SSL_state(const SSL *ssl)
+        {
+        return(ssl->state);
+        }
+
+void SSL_set_verify_result(SSL *ssl,long arg)
+        {
+        ssl->verify_result=arg;
+        }
+
+long SSL_get_verify_result(const SSL *ssl)
+        {
+        return(ssl->verify_result);
+        }
+
+int SSL_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
+                         CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
+        {
+        return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
+                                new_func, dup_func, free_func);
+        }
+
+int SSL_set_ex_data(SSL *s,int idx,void *arg)
+        {
+        return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
+        }
+
+void *SSL_get_ex_data(const SSL *s,int idx)
+        {
+        return(CRYPTO_get_ex_data(&s->ex_data,idx));
+        }
+
+int SSL_CTX_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func,
+                             CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func)
+        {
+        return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
+                                new_func, dup_func, free_func);
+        }
+
+int SSL_CTX_set_ex_data(SSL_CTX *s,int idx,void *arg)
+        {
+        return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
+        }
+
+void *SSL_CTX_get_ex_data(const SSL_CTX *s,int idx)
+        {
+        return(CRYPTO_get_ex_data(&s->ex_data,idx));
+        }
+
+int ssl_ok(SSL *s)
+        {
+        return(1);
+        }
+
+X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
+        {
+        return(ctx->cert_store);
+        }
+
+void SSL_CTX_set_cert_store(SSL_CTX *ctx,X509_STORE *store)
+        {
+        if (ctx->cert_store != NULL)
+                X509_STORE_free(ctx->cert_store);
+        ctx->cert_store=store;
+        }
+
+int SSL_want(const SSL *s)
+        {
+        return(s->rwstate);
+        }
+
+/*!
+ * \brief Set the callback for generating temporary RSA keys.
+ * \param ctx the SSL context.
+ * \param cb the callback
+ */
+
+#ifndef OPENSSL_NO_RSA
+void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
+                                                          int is_export,
+                                                          int keylength))
+    {
+    SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
+    }
+
+void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,
+                                                  int is_export,
+                                                  int keylength))
+    {
+    SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
+    }
+#endif
+
+#ifdef DOXYGEN
+/*!
+ * \brief The RSA temporary key callback function.
+ * \param ssl the SSL session.
+ * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
+ * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
+ * of the required key in bits.
+ * \return the temporary RSA key.
+ * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
+ */
+
+RSA *cb(SSL *ssl,int is_export,int keylength)
+    {}
+#endif
+
+/*!
+ * \brief Set the callback for generating temporary DH keys.
+ * \param ctx the SSL context.
+ * \param dh the callback
+ */
+
+#ifndef OPENSSL_NO_DH
+void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
+                                                        int keylength))
+        {
+        SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
+        }
+
+void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
+                                                int keylength))
+        {
+        SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
+        }
+#endif
+
+
+void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
+        {
+        SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
+        }
+void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
+        {
+        SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
+        }
+
+
+
+#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
+#include "../crypto/bio/bss_file.c"
+#endif
+
+IMPLEMENT_STACK_OF(SSL_CIPHER)
+IMPLEMENT_STACK_OF(SSL_COMP)
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
new file mode 100644
index 0000000000..25a144a0d0
--- /dev/null
+++ b/src/lib/libssl/ssl_locl.h
@@ -0,0 +1,622 @@
+/* ssl/ssl_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_SSL_LOCL_H
+#define HEADER_SSL_LOCL_H
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+
+#include "e_os.h"
+
+#include <openssl/buffer.h>
+#include <openssl/comp.h>
+#include <openssl/bio.h>
+#include <openssl/crypto.h>
+#include <openssl/evp.h>
+#include <openssl/stack.h>
+#include <openssl/x509.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+#include <openssl/symhacks.h>
+
+#ifdef OPENSSL_BUILD_SHLIBSSL
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+#define PKCS1_CHECK
+
+#define c2l(c,l)        (l = ((unsigned long)(*((c)++)))     , \
+                         l|=(((unsigned long)(*((c)++)))<< 8), \
+                         l|=(((unsigned long)(*((c)++)))<<16), \
+                         l|=(((unsigned long)(*((c)++)))<<24))
+
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((unsigned long)(*(--(c))))<<24; \
+                        case 7: l2|=((unsigned long)(*(--(c))))<<16; \
+                        case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
+                        case 5: l2|=((unsigned long)(*(--(c))));     \
+                        case 4: l1 =((unsigned long)(*(--(c))))<<24; \
+                        case 3: l1|=((unsigned long)(*(--(c))))<<16; \
+                        case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
+                        case 1: l1|=((unsigned long)(*(--(c))));     \
+                                } \
+                        }
+
+#define l2c(l,c)        (*((c)++)=(unsigned char)(((l)    )&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>24)&0xff))
+
+#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24, \
+                         l|=((unsigned long)(*((c)++)))<<16, \
+                         l|=((unsigned long)(*((c)++)))<< 8, \
+                         l|=((unsigned long)(*((c)++))))
+
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+                         *((c)++)=(unsigned char)(((l)    )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+                                } \
+                        }
+
+#define n2s(c,s)        ((s=(((unsigned int)(c[0]))<< 8)| \
+                            (((unsigned int)(c[1]))    )),c+=2)
+#define s2n(s,c)        ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
+                          c[1]=(unsigned char)(((s)    )&0xff)),c+=2)
+
+#define n2l3(c,l)       ((l =(((unsigned long)(c[0]))<<16)| \
+                             (((unsigned long)(c[1]))<< 8)| \
+                             (((unsigned long)(c[2]))    )),c+=3)
+
+#define l2n3(l,c)       ((c[0]=(unsigned char)(((l)>>16)&0xff), \
+                          c[1]=(unsigned char)(((l)>> 8)&0xff), \
+                          c[2]=(unsigned char)(((l)    )&0xff)),c+=3)
+
+/* LOCAL STUFF */
+
+#define SSL_DECRYPT     0
+#define SSL_ENCRYPT     1
+
+#define TWO_BYTE_BIT    0x80
+#define SEC_ESC_BIT     0x40
+#define TWO_BYTE_MASK   0x7fff
+#define THREE_BYTE_MASK 0x3fff
+
+#define INC32(a)        ((a)=((a)+1)&0xffffffffL)
+#define DEC32(a)        ((a)=((a)-1)&0xffffffffL)
+#define MAX_MAC_SIZE    20 /* up from 16 for SSLv3 */
+
+/*
+ * Define the Bitmasks for SSL_CIPHER.algorithms.
+ * This bits are used packed as dense as possible. If new methods/ciphers
+ * etc will be added, the bits a likely to change, so this information
+ * is for internal library use only, even though SSL_CIPHER.algorithms
+ * can be publicly accessed.
+ * Use the according functions for cipher management instead.
+ *
+ * The bit mask handling in the selection and sorting scheme in
+ * ssl_create_cipher_list() has only limited capabilities, reflecting
+ * that the different entities within are mutually exclusive:
+ * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
+ */
+#define SSL_MKEY_MASK           0x0000003FL
+#define SSL_kRSA                0x00000001L /* RSA key exchange */
+#define SSL_kDHr                0x00000002L /* DH cert RSA CA cert */
+#define SSL_kDHd                0x00000004L /* DH cert DSA CA cert */
+#define SSL_kFZA                0x00000008L
+#define SSL_kEDH                0x00000010L /* tmp DH key no DH cert */
+#define SSL_kKRB5               0x00000020L /* Kerberos5 key exchange */
+#define SSL_EDH                 (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
+
+#define SSL_AUTH_MASK           0x00000FC0L
+#define SSL_aRSA                0x00000040L /* Authenticate with RSA */
+#define SSL_aDSS                0x00000080L /* Authenticate with DSS */
+#define SSL_DSS                 SSL_aDSS
+#define SSL_aFZA                0x00000100L
+#define SSL_aNULL               0x00000200L /* no Authenticate, ADH */
+#define SSL_aDH                 0x00000400L /* no Authenticate, ADH */
+#define SSL_aKRB5               0x00000800L /* Authenticate with KRB5 */
+
+#define SSL_NULL                (SSL_eNULL)
+#define SSL_ADH                 (SSL_kEDH|SSL_aNULL)
+#define SSL_RSA                 (SSL_kRSA|SSL_aRSA)
+#define SSL_DH                  (SSL_kDHr|SSL_kDHd|SSL_kEDH)
+#define SSL_FZA                 (SSL_aFZA|SSL_kFZA|SSL_eFZA)
+#define SSL_KRB5                (SSL_kKRB5|SSL_aKRB5)
+
+#define SSL_ENC_MASK            0x0087F000L
+#define SSL_DES                 0x00001000L
+#define SSL_3DES                0x00002000L
+#define SSL_RC4                 0x00004000L
+#define SSL_RC2                 0x00008000L
+#define SSL_IDEA                0x00010000L
+#define SSL_eFZA                0x00020000L
+#define SSL_eNULL               0x00040000L
+#define SSL_AES                 0x00800000L
+
+#define SSL_MAC_MASK            0x00180000L
+#define SSL_MD5                 0x00080000L
+#define SSL_SHA1                0x00100000L
+#define SSL_SHA                 (SSL_SHA1)
+
+#define SSL_SSL_MASK            0x00600000L
+#define SSL_SSLV2               0x00200000L
+#define SSL_SSLV3               0x00400000L
+#define SSL_TLSV1               SSL_SSLV3       /* for now */
+
+/* we have used 007fffff - 9 bits left to go */
+
+/*
+ * Export and cipher strength information. For each cipher we have to decide
+ * whether it is exportable or not. This information is likely to change
+ * over time, since the export control rules are no static technical issue.
+ *
+ * Independent of the export flag the cipher strength is sorted into classes.
+ * SSL_EXP40 was denoting the 40bit US export limit of past times, which now
+ * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
+ * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
+ * since SSL_EXP64 could be similar to SSL_LOW.
+ * For this reason SSL_MICRO and SSL_MINI macros are included to widen the
+ * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
+ * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
+ * be possible.
+ */
+#define SSL_EXP_MASK            0x00000003L
+#define SSL_NOT_EXP             0x00000001L
+#define SSL_EXPORT              0x00000002L
+
+#define SSL_STRONG_MASK         0x000000fcL
+#define SSL_STRONG_NONE         0x00000004L
+#define SSL_EXP40               0x00000008L
+#define SSL_MICRO               (SSL_EXP40)
+#define SSL_EXP56               0x00000010L
+#define SSL_MINI                (SSL_EXP56)
+#define SSL_LOW                 0x00000020L
+#define SSL_MEDIUM              0x00000040L
+#define SSL_HIGH                0x00000080L
+#define SSL_FIPS                0x00000100L
+
+/* we have used 000001ff - 23 bits left to go */
+
+/*
+ * Macros to check the export status and cipher strength for export ciphers.
+ * Even though the macros for EXPORT and EXPORT40/56 have similar names,
+ * their meaning is different:
+ * *_EXPORT macros check the 'exportable' status.
+ * *_EXPORT40/56 macros are used to check whether a certain cipher strength
+ *          is given.
+ * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct
+ * algorithm structure element to be passed (algorithms, algo_strength) and no
+ * typechecking can be done as they are all of type unsigned long, their
+ * direct usage is discouraged.
+ * Use the SSL_C_* macros instead.
+ */
+#define SSL_IS_EXPORT(a)        ((a)&SSL_EXPORT)
+#define SSL_IS_EXPORT56(a)      ((a)&SSL_EXP56)
+#define SSL_IS_EXPORT40(a)      ((a)&SSL_EXP40)
+#define SSL_C_IS_EXPORT(c)      SSL_IS_EXPORT((c)->algo_strength)
+#define SSL_C_IS_EXPORT56(c)    SSL_IS_EXPORT56((c)->algo_strength)
+#define SSL_C_IS_EXPORT40(c)    SSL_IS_EXPORT40((c)->algo_strength)
+
+#define SSL_EXPORT_KEYLENGTH(a,s)       (SSL_IS_EXPORT40(s) ? 5 : \
+                                 ((a)&SSL_ENC_MASK) == SSL_DES ? 8 : 7)
+#define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
+#define SSL_C_EXPORT_KEYLENGTH(c)       SSL_EXPORT_KEYLENGTH((c)->algorithms, \
+                                (c)->algo_strength)
+#define SSL_C_EXPORT_PKEYLENGTH(c)      SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
+
+
+#define SSL_ALL                 0xffffffffL
+#define SSL_ALL_CIPHERS         (SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\
+                                SSL_MAC_MASK)
+#define SSL_ALL_STRENGTHS       (SSL_EXP_MASK|SSL_STRONG_MASK)
+
+/* Mostly for SSLv3 */
+#define SSL_PKEY_RSA_ENC        0
+#define SSL_PKEY_RSA_SIGN       1
+#define SSL_PKEY_DSA_SIGN       2
+#define SSL_PKEY_DH_RSA         3
+#define SSL_PKEY_DH_DSA         4
+#define SSL_PKEY_NUM            5
+
+/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
+ *          <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
+ * SSL_kDH  <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
+ * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN
+ * SSL_aRSA <- RSA_ENC | RSA_SIGN
+ * SSL_aDSS <- DSA_SIGN
+ */
+
+/*
+#define CERT_INVALID            0
+#define CERT_PUBLIC_KEY         1
+#define CERT_PRIVATE_KEY        2
+*/
+
+typedef struct cert_pkey_st
+        {
+        X509 *x509;
+        EVP_PKEY *privatekey;
+        } CERT_PKEY;
+
+typedef struct cert_st
+        {
+        /* Current active set */
+        CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array
+                         * Probably it would make more sense to store
+                         * an index, not a pointer. */
+ 
+        /* The following masks are for the key and auth
+         * algorithms that are supported by the certs below */
+        int valid;
+        unsigned long mask;
+        unsigned long export_mask;
+#ifndef OPENSSL_NO_RSA
+        RSA *rsa_tmp;
+        RSA *(*rsa_tmp_cb)(SSL *ssl,int is_export,int keysize);
+#endif
+#ifndef OPENSSL_NO_DH
+        DH *dh_tmp;
+        DH *(*dh_tmp_cb)(SSL *ssl,int is_export,int keysize);
+#endif
+
+        CERT_PKEY pkeys[SSL_PKEY_NUM];
+
+        int references; /* >1 only if SSL_copy_session_id is used */
+        } CERT;
+
+
+typedef struct sess_cert_st
+        {
+        STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
+
+        /* The 'peer_...' members are used only by clients. */
+        int peer_cert_type;
+
+        CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
+        CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
+        /* Obviously we don't have the private keys of these,
+         * so maybe we shouldn't even use the CERT_PKEY type here. */
+
+#ifndef OPENSSL_NO_RSA
+        RSA *peer_rsa_tmp; /* not used for SSL 2 */
+#endif
+#ifndef OPENSSL_NO_DH
+        DH *peer_dh_tmp; /* not used for SSL 2 */
+#endif
+
+        int references; /* actually always 1 at the moment */
+        } SESS_CERT;
+
+
+/*#define MAC_DEBUG     */
+
+/*#define ERR_DEBUG     */
+/*#define ABORT_DEBUG   */
+/*#define PKT_DEBUG 1   */
+/*#define DES_DEBUG     */
+/*#define DES_OFB_DEBUG */
+/*#define SSL_DEBUG     */
+/*#define RSA_DEBUG     */ 
+/*#define IDEA_DEBUG    */ 
+
+#define FP_ICC  (int (*)(const void *,const void *))
+#define ssl_put_cipher_by_char(ssl,ciph,ptr) \
+                ((ssl)->method->put_cipher_by_char((ciph),(ptr)))
+#define ssl_get_cipher_by_char(ssl,ptr) \
+                ((ssl)->method->get_cipher_by_char(ptr))
+
+/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
+ * It is a bit of a mess of functions, but hell, think of it as
+ * an opaque structure :-) */
+typedef struct ssl3_enc_method
+        {
+        int (*enc)(SSL *, int);
+        int (*mac)(SSL *, unsigned char *, int);
+        int (*setup_key_block)(SSL *);
+        int (*generate_master_secret)(SSL *, unsigned char *, unsigned char *, int);
+        int (*change_cipher_state)(SSL *, int);
+        int (*final_finish_mac)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char *, int, unsigned char *);
+        int finish_mac_length;
+        int (*cert_verify_mac)(SSL *, EVP_MD_CTX *, unsigned char *);
+        const char *client_finished_label;
+        int client_finished_label_len;
+        const char *server_finished_label;
+        int server_finished_label_len;
+        int (*alert_value)(int);
+        } SSL3_ENC_METHOD;
+
+/* Used for holding the relevant compression methods loaded into SSL_CTX */
+typedef struct ssl3_comp_st
+        {
+        int comp_id;    /* The identifier byte for this compression type */
+        char *name;     /* Text name used for the compression type */
+        COMP_METHOD *method; /* The method :-) */
+        } SSL3_COMP;
+
+OPENSSL_EXTERN SSL3_ENC_METHOD ssl3_undef_enc_method;
+OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
+OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
+
+#ifdef OPENSSL_SYS_VMS
+#undef SSL_COMP_get_compression_methods
+#define SSL_COMP_get_compression_methods        SSL_COMP_get_compress_methods
+#endif
+
+
+SSL_METHOD *ssl_bad_method(int ver);
+SSL_METHOD *sslv2_base_method(void);
+SSL_METHOD *sslv23_base_method(void);
+SSL_METHOD *sslv3_base_method(void);
+
+void ssl_clear_cipher_ctx(SSL *s);
+int ssl_clear_bad_session(SSL *s);
+CERT *ssl_cert_new(void);
+CERT *ssl_cert_dup(CERT *cert);
+int ssl_cert_inst(CERT **o);
+void ssl_cert_free(CERT *c);
+SESS_CERT *ssl_sess_cert_new(void);
+void ssl_sess_cert_free(SESS_CERT *sc);
+int ssl_set_peer_cert_type(SESS_CERT *c, int type);
+int ssl_get_new_session(SSL *s, int session);
+int ssl_get_prev_session(SSL *s, unsigned char *session,int len);
+int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b);
+int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
+                        const SSL_CIPHER * const *bp);
+STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
+                                               STACK_OF(SSL_CIPHER) **skp);
+int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p);
+STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
+                                             STACK_OF(SSL_CIPHER) **pref,
+                                             STACK_OF(SSL_CIPHER) **sorted,
+                                             const char *rule_str);
+void ssl_update_cache(SSL *s, int mode);
+int ssl_cipher_get_evp(const SSL_SESSION *s,const EVP_CIPHER **enc,
+                       const EVP_MD **md,SSL_COMP **comp);
+int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk);
+int ssl_undefined_function(SSL *s);
+int ssl_undefined_const_function(const SSL *s);
+X509 *ssl_get_server_send_cert(SSL *);
+EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *);
+int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
+void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher);
+STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
+int ssl_verify_alarm_type(long type);
+
+int ssl2_enc_init(SSL *s, int client);
+int ssl2_generate_key_material(SSL *s);
+void ssl2_enc(SSL *s,int send_data);
+void ssl2_mac(SSL *s,unsigned char *mac,int send_data);
+SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
+int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
+int ssl2_part_read(SSL *s, unsigned long f, int i);
+int ssl2_do_write(SSL *s);
+int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data);
+void ssl2_return_error(SSL *s,int reason);
+void ssl2_write_error(SSL *s);
+int ssl2_num_ciphers(void);
+SSL_CIPHER *ssl2_get_cipher(unsigned int u);
+int     ssl2_new(SSL *s);
+void    ssl2_free(SSL *s);
+int     ssl2_accept(SSL *s);
+int     ssl2_connect(SSL *s);
+int     ssl2_read(SSL *s, void *buf, int len);
+int     ssl2_peek(SSL *s, void *buf, int len);
+int     ssl2_write(SSL *s, const void *buf, int len);
+int     ssl2_shutdown(SSL *s);
+void    ssl2_clear(SSL *s);
+long    ssl2_ctrl(SSL *s,int cmd, long larg, void *parg);
+long    ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg);
+long    ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)());
+long    ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
+int     ssl2_pending(const SSL *s);
+
+SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
+int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
+void ssl3_init_finished_mac(SSL *s);
+int ssl3_send_server_certificate(SSL *s);
+int ssl3_get_finished(SSL *s,int state_a,int state_b);
+int ssl3_setup_key_block(SSL *s);
+int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b);
+int ssl3_change_cipher_state(SSL *s,int which);
+void ssl3_cleanup_key_block(SSL *s);
+int ssl3_do_write(SSL *s,int type);
+void ssl3_send_alert(SSL *s,int level, int desc);
+int ssl3_generate_master_secret(SSL *s, unsigned char *out,
+        unsigned char *p, int len);
+int ssl3_get_req_cert_type(SSL *s,unsigned char *p);
+long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
+int ssl3_send_finished(SSL *s, int a, int b, const char *sender,int slen);
+int ssl3_num_ciphers(void);
+SSL_CIPHER *ssl3_get_cipher(unsigned int u);
+int ssl3_renegotiate(SSL *ssl); 
+int ssl3_renegotiate_check(SSL *ssl); 
+int ssl3_dispatch_alert(SSL *s);
+int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
+int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
+int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
+        const char *sender, int slen,unsigned char *p);
+int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
+void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
+int ssl3_enc(SSL *s, int send_data);
+int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
+unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
+SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK_OF(SSL_CIPHER) *clnt,
+                               STACK_OF(SSL_CIPHER) *srvr);
+int     ssl3_setup_buffers(SSL *s);
+int     ssl3_new(SSL *s);
+void    ssl3_free(SSL *s);
+int     ssl3_accept(SSL *s);
+int     ssl3_connect(SSL *s);
+int     ssl3_read(SSL *s, void *buf, int len);
+int     ssl3_peek(SSL *s, void *buf, int len);
+int     ssl3_write(SSL *s, const void *buf, int len);
+int     ssl3_shutdown(SSL *s);
+void    ssl3_clear(SSL *s);
+long    ssl3_ctrl(SSL *s,int cmd, long larg, void *parg);
+long    ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg);
+long    ssl3_callback_ctrl(SSL *s,int cmd, void (*fp)());
+long    ssl3_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
+int     ssl3_pending(const SSL *s);
+
+int ssl23_accept(SSL *s);
+int ssl23_connect(SSL *s);
+int ssl23_read_bytes(SSL *s, int n);
+int ssl23_write_bytes(SSL *s);
+
+int tls1_new(SSL *s);
+void tls1_free(SSL *s);
+void tls1_clear(SSL *s);
+long tls1_ctrl(SSL *s,int cmd, long larg, void *parg);
+long tls1_callback_ctrl(SSL *s,int cmd, void (*fp)());
+SSL_METHOD *tlsv1_base_method(void );
+
+int ssl_init_wbio_buffer(SSL *s, int push);
+void ssl_free_wbio_buffer(SSL *s);
+
+int tls1_change_cipher_state(SSL *s, int which);
+int tls1_setup_key_block(SSL *s);
+int tls1_enc(SSL *s, int snd);
+int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
+        const char *str, int slen, unsigned char *p);
+int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
+int tls1_mac(SSL *ssl, unsigned char *md, int snd);
+int tls1_generate_master_secret(SSL *s, unsigned char *out,
+        unsigned char *p, int len);
+int tls1_alert_code(int code);
+int ssl3_alert_code(int code);
+int ssl_ok(SSL *s);
+
+SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
+STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+
+
+#endif
diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c
new file mode 100644
index 0000000000..fb0bd4d045
--- /dev/null
+++ b/src/lib/libssl/ssl_rsa.c
@@ -0,0 +1,817 @@
+/* ssl/ssl_rsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/bio.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+
+static int ssl_set_cert(CERT *c, X509 *x509);
+static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
+int SSL_use_certificate(SSL *ssl, X509 *x)
+        {
+        if (x == NULL)
+                {
+                SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
+                return(0);
+                }
+        if (!ssl_cert_inst(&ssl->cert))
+                {
+                SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+                return(0);
+                }
+        return(ssl_set_cert(ssl->cert,x));
+        }
+
+#ifndef OPENSSL_NO_STDIO
+int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
+        {
+        int j;
+        BIO *in;
+        int ret=0;
+        X509 *x=NULL;
+
+        in=BIO_new(BIO_s_file_internal());
+        if (in == NULL)
+                {
+                SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
+                goto end;
+                }
+
+        if (BIO_read_filename(in,file) <= 0)
+                {
+                SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
+                goto end;
+                }
+        if (type == SSL_FILETYPE_ASN1)
+                {
+                j=ERR_R_ASN1_LIB;
+                x=d2i_X509_bio(in,NULL);
+                }
+        else if (type == SSL_FILETYPE_PEM)
+                {
+                j=ERR_R_PEM_LIB;
+                x=PEM_read_bio_X509(in,NULL,ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
+                }
+        else
+                {
+                SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
+                goto end;
+                }
+
+        if (x == NULL)
+                {
+                SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,j);
+                goto end;
+                }
+
+        ret=SSL_use_certificate(ssl,x);
+end:
+        if (x != NULL) X509_free(x);
+        if (in != NULL) BIO_free(in);
+        return(ret);
+        }
+#endif
+
+int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len)
+        {
+        X509 *x;
+        int ret;
+
+        x=d2i_X509(NULL,&d,(long)len);
+        if (x == NULL)
+                {
+                SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
+                return(0);
+                }
+
+        ret=SSL_use_certificate(ssl,x);
+        X509_free(x);
+        return(ret);
+        }
+
+#ifndef OPENSSL_NO_RSA
+int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
+        {
+        EVP_PKEY *pkey;
+        int ret;
+
+        if (rsa == NULL)
+                {
+                SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
+                return(0);
+                }
+        if (!ssl_cert_inst(&ssl->cert))
+                {
+                SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
+                return(0);
+                }
+        if ((pkey=EVP_PKEY_new()) == NULL)
+                {
+                SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
+                return(0);
+                }
+
+        RSA_up_ref(rsa);
+        EVP_PKEY_assign_RSA(pkey,rsa);
+
+        ret=ssl_set_pkey(ssl->cert,pkey);
+        EVP_PKEY_free(pkey);
+        return(ret);
+        }
+#endif
+
+static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
+        {
+        int i,ok=0,bad=0;
+
+        i=ssl_cert_type(NULL,pkey);
+        if (i < 0)
+                {
+                SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+                return(0);
+                }
+
+        if (c->pkeys[i].x509 != NULL)
+                {
+                EVP_PKEY *pktmp;
+                pktmp = X509_get_pubkey(c->pkeys[i].x509);
+                EVP_PKEY_copy_parameters(pktmp,pkey);
+                EVP_PKEY_free(pktmp);
+                ERR_clear_error();
+
+#ifndef OPENSSL_NO_RSA
+                /* Don't check the public/private key, this is mostly
+                 * for smart cards. */
+                if ((pkey->type == EVP_PKEY_RSA) &&
+                        (RSA_flags(pkey->pkey.rsa) &
+                         RSA_METHOD_FLAG_NO_CHECK))
+                         ok=1;
+                else
+#endif
+                     if (!X509_check_private_key(c->pkeys[i].x509,pkey))
+                        {
+                        if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
+                                {
+                                i=(i == SSL_PKEY_DH_RSA)?
+                                        SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
+
+                                if (c->pkeys[i].x509 == NULL)
+                                        ok=1;
+                                else
+                                        {
+                                        if (!X509_check_private_key(
+                                                c->pkeys[i].x509,pkey))
+                                                bad=1;
+                                        else
+                                                ok=1;
+                                        }
+                                }
+                        else
+                                bad=1;
+                        }
+                else
+                        ok=1;
+                }
+        else
+                ok=1;
+
+        if (bad)
+                {
+                X509_free(c->pkeys[i].x509);
+                c->pkeys[i].x509=NULL;
+                return(0);
+                }
+
+        ERR_clear_error(); /* make sure no error from X509_check_private_key()
+                            * is left if we have chosen to ignore it */
+        if (c->pkeys[i].privatekey != NULL)
+                EVP_PKEY_free(c->pkeys[i].privatekey);
+        CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+        c->pkeys[i].privatekey=pkey;
+        c->key= &(c->pkeys[i]);
+
+        c->valid=0;
+        return(1);
+        }
+
+#ifndef OPENSSL_NO_RSA
+#ifndef OPENSSL_NO_STDIO
+int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
+        {
+        int j,ret=0;
+        BIO *in;
+        RSA *rsa=NULL;
+
+        in=BIO_new(BIO_s_file_internal());
+        if (in == NULL)
+                {
+                SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
+                goto end;
+                }
+
+        if (BIO_read_filename(in,file) <= 0)
+                {
+                SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
+                goto end;
+                }
+        if      (type == SSL_FILETYPE_ASN1)
+                {
+                j=ERR_R_ASN1_LIB;
+                rsa=d2i_RSAPrivateKey_bio(in,NULL);
+                }
+        else if (type == SSL_FILETYPE_PEM)
+                {
+                j=ERR_R_PEM_LIB;
+                rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
+                        ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
+                }
+        else
+                {
+                SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
+                goto end;
+                }
+        if (rsa == NULL)
+                {
+                SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,j);
+                goto end;
+                }
+        ret=SSL_use_RSAPrivateKey(ssl,rsa);
+        RSA_free(rsa);
+end:
+        if (in != NULL) BIO_free(in);
+        return(ret);
+        }
+#endif
+
+int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
+        {
+        int ret;
+        const unsigned char *p;
+        RSA *rsa;
+
+        p=d;
+        if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
+                {
+                SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
+                return(0);
+                }
+
+        ret=SSL_use_RSAPrivateKey(ssl,rsa);
+        RSA_free(rsa);
+        return(ret);
+        }
+#endif /* !OPENSSL_NO_RSA */
+
+int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
+        {
+        int ret;
+
+        if (pkey == NULL)
+                {
+                SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
+                return(0);
+                }
+        if (!ssl_cert_inst(&ssl->cert))
+                {
+                SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
+                return(0);
+                }
+        ret=ssl_set_pkey(ssl->cert,pkey);
+        return(ret);
+        }
+
+#ifndef OPENSSL_NO_STDIO
+int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
+        {
+        int j,ret=0;
+        BIO *in;
+        EVP_PKEY *pkey=NULL;
+
+        in=BIO_new(BIO_s_file_internal());
+        if (in == NULL)
+                {
+                SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
+                goto end;
+                }
+
+        if (BIO_read_filename(in,file) <= 0)
+                {
+                SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
+                goto end;
+                }
+        if (type == SSL_FILETYPE_PEM)
+                {
+                j=ERR_R_PEM_LIB;
+                pkey=PEM_read_bio_PrivateKey(in,NULL,
+                        ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
+                }
+        else
+                {
+                SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
+                goto end;
+                }
+        if (pkey == NULL)
+                {
+                SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,j);
+                goto end;
+                }
+        ret=SSL_use_PrivateKey(ssl,pkey);
+        EVP_PKEY_free(pkey);
+end:
+        if (in != NULL) BIO_free(in);
+        return(ret);
+        }
+#endif
+
+int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long len)
+        {
+        int ret;
+        unsigned char *p;
+        EVP_PKEY *pkey;
+
+        p=d;
+        if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
+                {
+                SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
+                return(0);
+                }
+
+        ret=SSL_use_PrivateKey(ssl,pkey);
+        EVP_PKEY_free(pkey);
+        return(ret);
+        }
+
+int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
+        {
+        if (x == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
+                return(0);
+                }
+        if (!ssl_cert_inst(&ctx->cert))
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+                return(0);
+                }
+        return(ssl_set_cert(ctx->cert, x));
+        }
+
+static int ssl_set_cert(CERT *c, X509 *x)
+        {
+        EVP_PKEY *pkey;
+        int i,ok=0,bad=0;
+
+        pkey=X509_get_pubkey(x);
+        if (pkey == NULL)
+                {
+                SSLerr(SSL_F_SSL_SET_CERT,SSL_R_X509_LIB);
+                return(0);
+                }
+
+        i=ssl_cert_type(x,pkey);
+        if (i < 0)
+                {
+                SSLerr(SSL_F_SSL_SET_CERT,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+                EVP_PKEY_free(pkey);
+                return(0);
+                }
+
+        if (c->pkeys[i].privatekey != NULL)
+                {
+                EVP_PKEY_copy_parameters(pkey,c->pkeys[i].privatekey);
+                ERR_clear_error();
+
+#ifndef OPENSSL_NO_RSA
+                /* Don't check the public/private key, this is mostly
+                 * for smart cards. */
+                if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
+                        (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &
+                         RSA_METHOD_FLAG_NO_CHECK))
+                         ok=1;
+                else
+#endif
+                {
+                if (!X509_check_private_key(x,c->pkeys[i].privatekey))
+                        {
+                        if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
+                                {
+                                i=(i == SSL_PKEY_DH_RSA)?
+                                        SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
+
+                                if (c->pkeys[i].privatekey == NULL)
+                                        ok=1;
+                                else
+                                        {
+                                        if (!X509_check_private_key(x,
+                                                c->pkeys[i].privatekey))
+                                                bad=1;
+                                        else
+                                                ok=1;
+                                        }
+                                }
+                        else
+                                bad=1;
+                        }
+                else
+                        ok=1;
+                } /* OPENSSL_NO_RSA */
+                }
+        else
+                ok=1;
+
+        EVP_PKEY_free(pkey);
+        if (bad)
+                {
+                EVP_PKEY_free(c->pkeys[i].privatekey);
+                c->pkeys[i].privatekey=NULL;
+                }
+
+        if (c->pkeys[i].x509 != NULL)
+                X509_free(c->pkeys[i].x509);
+        CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
+        c->pkeys[i].x509=x;
+        c->key= &(c->pkeys[i]);
+
+        c->valid=0;
+        return(1);
+        }
+
+#ifndef OPENSSL_NO_STDIO
+int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
+        {
+        int j;
+        BIO *in;
+        int ret=0;
+        X509 *x=NULL;
+
+        in=BIO_new(BIO_s_file_internal());
+        if (in == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
+                goto end;
+                }
+
+        if (BIO_read_filename(in,file) <= 0)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
+                goto end;
+                }
+        if (type == SSL_FILETYPE_ASN1)
+                {
+                j=ERR_R_ASN1_LIB;
+                x=d2i_X509_bio(in,NULL);
+                }
+        else if (type == SSL_FILETYPE_PEM)
+                {
+                j=ERR_R_PEM_LIB;
+                x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
+                }
+        else
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
+                goto end;
+                }
+
+        if (x == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,j);
+                goto end;
+                }
+
+        ret=SSL_CTX_use_certificate(ctx,x);
+end:
+        if (x != NULL) X509_free(x);
+        if (in != NULL) BIO_free(in);
+        return(ret);
+        }
+#endif
+
+int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d)
+        {
+        X509 *x;
+        int ret;
+
+        x=d2i_X509(NULL,&d,(long)len);
+        if (x == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
+                return(0);
+                }
+
+        ret=SSL_CTX_use_certificate(ctx,x);
+        X509_free(x);
+        return(ret);
+        }
+
+#ifndef OPENSSL_NO_RSA
+int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
+        {
+        int ret;
+        EVP_PKEY *pkey;
+
+        if (rsa == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
+                return(0);
+                }
+        if (!ssl_cert_inst(&ctx->cert))
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
+                return(0);
+                }
+        if ((pkey=EVP_PKEY_new()) == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
+                return(0);
+                }
+
+        RSA_up_ref(rsa);
+        EVP_PKEY_assign_RSA(pkey,rsa);
+
+        ret=ssl_set_pkey(ctx->cert, pkey);
+        EVP_PKEY_free(pkey);
+        return(ret);
+        }
+
+#ifndef OPENSSL_NO_STDIO
+int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
+        {
+        int j,ret=0;
+        BIO *in;
+        RSA *rsa=NULL;
+
+        in=BIO_new(BIO_s_file_internal());
+        if (in == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
+                goto end;
+                }
+
+        if (BIO_read_filename(in,file) <= 0)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
+                goto end;
+                }
+        if      (type == SSL_FILETYPE_ASN1)
+                {
+                j=ERR_R_ASN1_LIB;
+                rsa=d2i_RSAPrivateKey_bio(in,NULL);
+                }
+        else if (type == SSL_FILETYPE_PEM)
+                {
+                j=ERR_R_PEM_LIB;
+                rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
+                        ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
+                }
+        else
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
+                goto end;
+                }
+        if (rsa == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,j);
+                goto end;
+                }
+        ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
+        RSA_free(rsa);
+end:
+        if (in != NULL) BIO_free(in);
+        return(ret);
+        }
+#endif
+
+int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len)
+        {
+        int ret;
+        const unsigned char *p;
+        RSA *rsa;
+
+        p=d;
+        if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
+                return(0);
+                }
+
+        ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
+        RSA_free(rsa);
+        return(ret);
+        }
+#endif /* !OPENSSL_NO_RSA */
+
+int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
+        {
+        if (pkey == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
+                return(0);
+                }
+        if (!ssl_cert_inst(&ctx->cert))
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
+                return(0);
+                }
+        return(ssl_set_pkey(ctx->cert,pkey));
+        }
+
+#ifndef OPENSSL_NO_STDIO
+int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
+        {
+        int j,ret=0;
+        BIO *in;
+        EVP_PKEY *pkey=NULL;
+
+        in=BIO_new(BIO_s_file_internal());
+        if (in == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
+                goto end;
+                }
+
+        if (BIO_read_filename(in,file) <= 0)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
+                goto end;
+                }
+        if (type == SSL_FILETYPE_PEM)
+                {
+                j=ERR_R_PEM_LIB;
+                pkey=PEM_read_bio_PrivateKey(in,NULL,
+                        ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
+                }
+        else
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
+                goto end;
+                }
+        if (pkey == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,j);
+                goto end;
+                }
+        ret=SSL_CTX_use_PrivateKey(ctx,pkey);
+        EVP_PKEY_free(pkey);
+end:
+        if (in != NULL) BIO_free(in);
+        return(ret);
+        }
+#endif
+
+int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char *d,
+             long len)
+        {
+        int ret;
+        unsigned char *p;
+        EVP_PKEY *pkey;
+
+        p=d;
+        if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
+                return(0);
+                }
+
+        ret=SSL_CTX_use_PrivateKey(ctx,pkey);
+        EVP_PKEY_free(pkey);
+        return(ret);
+        }
+
+
+#ifndef OPENSSL_NO_STDIO
+/* Read a file that contains our certificate in "PEM" format,
+ * possibly followed by a sequence of CA certificates that should be
+ * sent to the peer in the Certificate message.
+ */
+int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
+        {
+        BIO *in;
+        int ret=0;
+        X509 *x=NULL;
+
+        in=BIO_new(BIO_s_file_internal());
+        if (in == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_BUF_LIB);
+                goto end;
+                }
+
+        if (BIO_read_filename(in,file) <= 0)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_SYS_LIB);
+                goto end;
+                }
+
+        x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
+        if (x == NULL)
+                {
+                SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_PEM_LIB);
+                goto end;
+                }
+
+        ret=SSL_CTX_use_certificate(ctx,x);
+        if (ERR_peek_error() != 0)
+                ret = 0;  /* Key/certificate mismatch doesn't imply ret==0 ... */
+        if (ret)
+                {
+                /* If we could set up our certificate, now proceed to
+                 * the CA certificates.
+                 */
+                X509 *ca;
+                int r;
+                unsigned long err;
+                
+                if (ctx->extra_certs != NULL) 
+                        {
+                        sk_X509_pop_free(ctx->extra_certs, X509_free);
+                        ctx->extra_certs = NULL;
+                        }
+
+                while ((ca = PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata))
+                        != NULL)
+                        {
+                        r = SSL_CTX_add_extra_chain_cert(ctx, ca);
+                        if (!r) 
+                                {
+                                X509_free(ca);
+                                ret = 0;
+                                goto end;
+                                }
+                        /* Note that we must not free r if it was successfully
+                         * added to the chain (while we must free the main
+                         * certificate, since its reference count is increased
+                         * by SSL_CTX_use_certificate). */
+                        }
+                /* When the while loop ends, it's usually just EOF. */
+                err = ERR_peek_last_error();
+                if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
+                        ERR_clear_error();
+                else 
+                        ret = 0; /* some real error */
+                }
+
+end:
+        if (x != NULL) X509_free(x);
+        if (in != NULL) BIO_free(in);
+        return(ret);
+        }
+#endif
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
new file mode 100644
index 0000000000..5f12aa361c
--- /dev/null
+++ b/src/lib/libssl/ssl_sess.c
@@ -0,0 +1,755 @@
+/* ssl/ssl_sess.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/lhash.h>
+#include <openssl/rand.h>
+#include "ssl_locl.h"
+
+static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
+static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);
+static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
+
+SSL_SESSION *SSL_get_session(const SSL *ssl)
+/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
+        {
+        return(ssl->session);
+        }
+
+SSL_SESSION *SSL_get1_session(SSL *ssl)
+/* variant of SSL_get_session: caller really gets something */
+        {
+        SSL_SESSION *sess;
+        /* Need to lock this all up rather than just use CRYPTO_add so that
+         * somebody doesn't free ssl->session between when we check it's
+         * non-null and when we up the reference count. */
+        CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION);
+        sess = ssl->session;
+        if(sess)
+                sess->references++;
+        CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION);
+        return(sess);
+        }
+
+int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+             CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+        {
+        return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp,
+                        new_func, dup_func, free_func);
+        }
+
+int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
+        {
+        return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
+        }
+
+void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
+        {
+        return(CRYPTO_get_ex_data(&s->ex_data,idx));
+        }
+
+SSL_SESSION *SSL_SESSION_new(void)
+        {
+        SSL_SESSION *ss;
+
+        ss=(SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
+        if (ss == NULL)
+                {
+                SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE);
+                return(0);
+                }
+        memset(ss,0,sizeof(SSL_SESSION));
+
+        ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
+        ss->references=1;
+        ss->timeout=60*5+4; /* 5 minute timeout by default */
+        ss->time=time(NULL);
+        ss->prev=NULL;
+        ss->next=NULL;
+        ss->compress_meth=0;
+        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
+        return(ss);
+        }
+
+/* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1
+ * has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly
+ * until we have no conflict is going to complete in one iteration pretty much
+ * "most" of the time (btw: understatement). So, if it takes us 10 iterations
+ * and we still can't avoid a conflict - well that's a reasonable point to call
+ * it quits. Either the RAND code is broken or someone is trying to open roughly
+ * very close to 2^128 (or 2^256) SSL sessions to our server. How you might
+ * store that many sessions is perhaps a more interesting question ... */
+
+#define MAX_SESS_ID_ATTEMPTS 10
+static int def_generate_session_id(const SSL *ssl, unsigned char *id,
+                                unsigned int *id_len)
+{
+        unsigned int retry = 0;
+        do
+                if(RAND_pseudo_bytes(id, *id_len) <= 0)
+                        return 0;
+        while(SSL_has_matching_session_id(ssl, id, *id_len) &&
+                (++retry < MAX_SESS_ID_ATTEMPTS));
+        if(retry < MAX_SESS_ID_ATTEMPTS)
+                return 1;
+        /* else - woops a session_id match */
+        /* XXX We should also check the external cache --
+         * but the probability of a collision is negligible, and
+         * we could not prevent the concurrent creation of sessions
+         * with identical IDs since we currently don't have means
+         * to atomically check whether a session ID already exists
+         * and make a reservation for it if it does not
+         * (this problem applies to the internal cache as well).
+         */
+        return 0;
+}
+
+int ssl_get_new_session(SSL *s, int session)
+        {
+        /* This gets used by clients and servers. */
+
+        unsigned int tmp;
+        SSL_SESSION *ss=NULL;
+        GEN_SESSION_CB cb = def_generate_session_id;
+
+        if ((ss=SSL_SESSION_new()) == NULL) return(0);
+
+        /* If the context has a default timeout, use it */
+        if (s->ctx->session_timeout == 0)
+                ss->timeout=SSL_get_default_timeout(s);
+        else
+                ss->timeout=s->ctx->session_timeout;
+
+        if (s->session != NULL)
+                {
+                SSL_SESSION_free(s->session);
+                s->session=NULL;
+                }
+
+        if (session)
+                {
+                if (s->version == SSL2_VERSION)
+                        {
+                        ss->ssl_version=SSL2_VERSION;
+                        ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
+                        }
+                else if (s->version == SSL3_VERSION)
+                        {
+                        ss->ssl_version=SSL3_VERSION;
+                        ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+                        }
+                else if (s->version == TLS1_VERSION)
+                        {
+                        ss->ssl_version=TLS1_VERSION;
+                        ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+                        }
+                else
+                        {
+                        SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);
+                        SSL_SESSION_free(ss);
+                        return(0);
+                        }
+                /* Choose which callback will set the session ID */
+                CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+                if(s->generate_session_id)
+                        cb = s->generate_session_id;
+                else if(s->ctx->generate_session_id)
+                        cb = s->ctx->generate_session_id;
+                CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+                /* Choose a session ID */
+                tmp = ss->session_id_length;
+                if(!cb(s, ss->session_id, &tmp))
+                        {
+                        /* The callback failed */
+                        SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+                                SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
+                        SSL_SESSION_free(ss);
+                        return(0);
+                        }
+                /* Don't allow the callback to set the session length to zero.
+                 * nor set it higher than it was. */
+                if(!tmp || (tmp > ss->session_id_length))
+                        {
+                        /* The callback set an illegal length */
+                        SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+                                SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
+                        SSL_SESSION_free(ss);
+                        return(0);
+                        }
+                /* If the session length was shrunk and we're SSLv2, pad it */
+                if((tmp < ss->session_id_length) && (s->version == SSL2_VERSION))
+                        memset(ss->session_id + tmp, 0, ss->session_id_length - tmp);
+                else
+                        ss->session_id_length = tmp;
+                /* Finally, check for a conflict */
+                if(SSL_has_matching_session_id(s, ss->session_id,
+                                                ss->session_id_length))
+                        {
+                        SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+                                SSL_R_SSL_SESSION_ID_CONFLICT);
+                        SSL_SESSION_free(ss);
+                        return(0);
+                        }
+                }
+        else
+                {
+                ss->session_id_length=0;
+                }
+
+        if (s->sid_ctx_length > sizeof ss->sid_ctx)
+                {
+                SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
+                SSL_SESSION_free(ss);
+                return 0;
+                }
+        memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length);
+        ss->sid_ctx_length=s->sid_ctx_length;
+        s->session=ss;
+        ss->ssl_version=s->version;
+        ss->verify_result = X509_V_OK;
+
+        return(1);
+        }
+
+int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
+        {
+        /* This is used only by servers. */
+
+        SSL_SESSION *ret=NULL,data;
+        int fatal = 0;
+
+        data.ssl_version=s->version;
+        data.session_id_length=len;
+        if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
+                goto err;
+        memcpy(data.session_id,session_id,len);
+
+        if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
+                {
+                CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+                ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,&data);
+                if (ret != NULL)
+                    /* don't allow other threads to steal it: */
+                    CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
+                CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+                }
+
+        if (ret == NULL)
+                {
+                int copy=1;
+        
+                s->ctx->stats.sess_miss++;
+                ret=NULL;
+                if (s->ctx->get_session_cb != NULL
+                    && (ret=s->ctx->get_session_cb(s,session_id,len,&copy))
+                       != NULL)
+                        {
+                        s->ctx->stats.sess_cb_hit++;
+
+                        /* Increment reference count now if the session callback
+                         * asks us to do so (note that if the session structures
+                         * returned by the callback are shared between threads,
+                         * it must handle the reference count itself [i.e. copy == 0],
+                         * or things won't be thread-safe). */
+                        if (copy)
+                                CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
+
+                        /* Add the externally cached session to the internal
+                         * cache as well if and only if we are supposed to. */
+                        if(!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE))
+                                /* The following should not return 1, otherwise,
+                                 * things are very strange */
+                                SSL_CTX_add_session(s->ctx,ret);
+                        }
+                if (ret == NULL)
+                        goto err;
+                }
+
+        /* Now ret is non-NULL, and we own one of its reference counts. */
+
+        if((s->verify_mode&SSL_VERIFY_PEER)
+           && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length
+               || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length)))
+            {
+                /* We've found the session named by the client, but we don't
+                 * want to use it in this context. */
+                
+                if (s->sid_ctx_length == 0)
+                        {
+                        /* application should have used SSL[_CTX]_set_session_id_context
+                         * -- we could tolerate this and just pretend we never heard
+                         * of this session, but then applications could effectively
+                         * disable the session cache by accident without anyone noticing */
+
+                        SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
+                        fatal = 1;
+                        goto err;
+                        }
+                else
+                        {
+#if 0 /* The client cannot always know when a session is not appropriate,
+           * so we shouldn't generate an error message. */
+
+                        SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
+#endif
+                        goto err; /* treat like cache miss */
+                        }
+                }
+
+        if (ret->cipher == NULL)
+                {
+                unsigned char buf[5],*p;
+                unsigned long l;
+
+                p=buf;
+                l=ret->cipher_id;
+                l2n(l,p);
+                if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR)
+                        ret->cipher=ssl_get_cipher_by_char(s,&(buf[2]));
+                else 
+                        ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));
+                if (ret->cipher == NULL)
+                        goto err;
+                }
+
+
+#if 0 /* This is way too late. */
+
+        /* If a thread got the session, then 'swaped', and another got
+         * it and then due to a time-out decided to 'OPENSSL_free' it we could
+         * be in trouble.  So I'll increment it now, then double decrement
+         * later - am I speaking rubbish?. */
+        CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
+#endif
+
+        if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */
+                {
+                s->ctx->stats.sess_timeout++;
+                /* remove it from the cache */
+                SSL_CTX_remove_session(s->ctx,ret);
+                goto err;
+                }
+
+        s->ctx->stats.sess_hit++;
+
+        /* ret->time=time(NULL); */ /* rezero timeout? */
+        /* again, just leave the session 
+         * if it is the same session, we have just incremented and
+         * then decremented the reference count :-) */
+        if (s->session != NULL)
+                SSL_SESSION_free(s->session);
+        s->session=ret;
+        s->verify_result = s->session->verify_result;
+        return(1);
+
+ err:
+        if (ret != NULL)
+                SSL_SESSION_free(ret);
+        if (fatal)
+                return -1;
+        else
+                return 0;
+        }
+
+int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
+        {
+        int ret=0;
+        SSL_SESSION *s;
+
+        /* add just 1 reference count for the SSL_CTX's session cache
+         * even though it has two ways of access: each session is in a
+         * doubly linked list and an lhash */
+        CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION);
+        /* if session c is in already in cache, we take back the increment later */
+
+        CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+        s=(SSL_SESSION *)lh_insert(ctx->sessions,c);
+        
+        /* s != NULL iff we already had a session with the given PID.
+         * In this case, s == c should hold (then we did not really modify
+         * ctx->sessions), or we're in trouble. */
+        if (s != NULL && s != c)
+                {
+                /* We *are* in trouble ... */
+                SSL_SESSION_list_remove(ctx,s);
+                SSL_SESSION_free(s);
+                /* ... so pretend the other session did not exist in cache
+                 * (we cannot handle two SSL_SESSION structures with identical
+                 * session ID in the same cache, which could happen e.g. when
+                 * two threads concurrently obtain the same session from an external
+                 * cache) */
+                s = NULL;
+                }
+
+        /* Put at the head of the queue unless it is already in the cache */
+        if (s == NULL)
+                SSL_SESSION_list_add(ctx,c);
+
+        if (s != NULL)
+                {
+                /* existing cache entry -- decrement previously incremented reference
+                 * count because it already takes into account the cache */
+
+                SSL_SESSION_free(s); /* s == c */
+                ret=0;
+                }
+        else
+                {
+                /* new cache entry -- remove old ones if cache has become too large */
+                
+                ret=1;
+
+                if (SSL_CTX_sess_get_cache_size(ctx) > 0)
+                        {
+                        while (SSL_CTX_sess_number(ctx) >
+                                SSL_CTX_sess_get_cache_size(ctx))
+                                {
+                                if (!remove_session_lock(ctx,
+                                        ctx->session_cache_tail, 0))
+                                        break;
+                                else
+                                        ctx->stats.sess_cache_full++;
+                                }
+                        }
+                }
+        CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+        return(ret);
+        }
+
+int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
+{
+        return remove_session_lock(ctx, c, 1);
+}
+
+static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
+        {
+        SSL_SESSION *r;
+        int ret=0;
+
+        if ((c != NULL) && (c->session_id_length != 0))
+                {
+                if(lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+                if ((r = (SSL_SESSION *)lh_retrieve(ctx->sessions,c)) == c)
+                        {
+                        ret=1;
+                        r=(SSL_SESSION *)lh_delete(ctx->sessions,c);
+                        SSL_SESSION_list_remove(ctx,c);
+                        }
+
+                if(lck) CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+
+                if (ret)
+                        {
+                        r->not_resumable=1;
+                        if (ctx->remove_session_cb != NULL)
+                                ctx->remove_session_cb(ctx,r);
+                        SSL_SESSION_free(r);
+                        }
+                }
+        else
+                ret=0;
+        return(ret);
+        }
+
+void SSL_SESSION_free(SSL_SESSION *ss)
+        {
+        int i;
+
+        if(ss == NULL)
+            return;
+
+        i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION);
+#ifdef REF_PRINT
+        REF_PRINT("SSL_SESSION",ss);
+#endif
+        if (i > 0) return;
+#ifdef REF_CHECK
+        if (i < 0)
+                {
+                fprintf(stderr,"SSL_SESSION_free, bad reference count\n");
+                abort(); /* ok */
+                }
+#endif
+
+        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
+
+        OPENSSL_cleanse(ss->key_arg,sizeof ss->key_arg);
+        OPENSSL_cleanse(ss->master_key,sizeof ss->master_key);
+        OPENSSL_cleanse(ss->session_id,sizeof ss->session_id);
+        if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert);
+        if (ss->peer != NULL) X509_free(ss->peer);
+        if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
+        OPENSSL_cleanse(ss,sizeof(*ss));
+        OPENSSL_free(ss);
+        }
+
+int SSL_set_session(SSL *s, SSL_SESSION *session)
+        {
+        int ret=0;
+        SSL_METHOD *meth;
+
+        if (session != NULL)
+                {
+                meth=s->ctx->method->get_ssl_method(session->ssl_version);
+                if (meth == NULL)
+                        meth=s->method->get_ssl_method(session->ssl_version);
+                if (meth == NULL)
+                        {
+                        SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD);
+                        return(0);
+                        }
+
+                if (meth != s->method)
+                        {
+                        if (!SSL_set_ssl_method(s,meth))
+                                return(0);
+                        if (s->ctx->session_timeout == 0)
+                                session->timeout=SSL_get_default_timeout(s);
+                        else
+                                session->timeout=s->ctx->session_timeout;
+                        }
+
+#ifndef OPENSSL_NO_KRB5
+                if (s->kssl_ctx && !s->kssl_ctx->client_princ &&
+                    session->krb5_client_princ_len > 0)
+                {
+                    s->kssl_ctx->client_princ = (char *)malloc(session->krb5_client_princ_len + 1);
+                    memcpy(s->kssl_ctx->client_princ,session->krb5_client_princ,
+                            session->krb5_client_princ_len);
+                    s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';
+                }
+#endif /* OPENSSL_NO_KRB5 */
+
+                /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
+                CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION);
+                if (s->session != NULL)
+                        SSL_SESSION_free(s->session);
+                s->session=session;
+                s->verify_result = s->session->verify_result;
+                /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
+                ret=1;
+                }
+        else
+                {
+                if (s->session != NULL)
+                        {
+                        SSL_SESSION_free(s->session);
+                        s->session=NULL;
+                        }
+
+                meth=s->ctx->method;
+                if (meth != s->method)
+                        {
+                        if (!SSL_set_ssl_method(s,meth))
+                                return(0);
+                        }
+                ret=1;
+                }
+        return(ret);
+        }
+
+long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
+        {
+        if (s == NULL) return(0);
+        s->timeout=t;
+        return(1);
+        }
+
+long SSL_SESSION_get_timeout(const SSL_SESSION *s)
+        {
+        if (s == NULL) return(0);
+        return(s->timeout);
+        }
+
+long SSL_SESSION_get_time(const SSL_SESSION *s)
+        {
+        if (s == NULL) return(0);
+        return(s->time);
+        }
+
+long SSL_SESSION_set_time(SSL_SESSION *s, long t)
+        {
+        if (s == NULL) return(0);
+        s->time=t;
+        return(t);
+        }
+
+long SSL_CTX_set_timeout(SSL_CTX *s, long t)
+        {
+        long l;
+        if (s == NULL) return(0);
+        l=s->session_timeout;
+        s->session_timeout=t;
+        return(l);
+        }
+
+long SSL_CTX_get_timeout(const SSL_CTX *s)
+        {
+        if (s == NULL) return(0);
+        return(s->session_timeout);
+        }
+
+typedef struct timeout_param_st
+        {
+        SSL_CTX *ctx;
+        long time;
+        LHASH *cache;
+        } TIMEOUT_PARAM;
+
+static void timeout(SSL_SESSION *s, TIMEOUT_PARAM *p)
+        {
+        if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */
+                {
+                /* The reason we don't call SSL_CTX_remove_session() is to
+                 * save on locking overhead */
+                lh_delete(p->cache,s);
+                SSL_SESSION_list_remove(p->ctx,s);
+                s->not_resumable=1;
+                if (p->ctx->remove_session_cb != NULL)
+                        p->ctx->remove_session_cb(p->ctx,s);
+                SSL_SESSION_free(s);
+                }
+        }
+
+static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION *, TIMEOUT_PARAM *)
+
+void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
+        {
+        unsigned long i;
+        TIMEOUT_PARAM tp;
+
+        tp.ctx=s;
+        tp.cache=s->sessions;
+        if (tp.cache == NULL) return;
+        tp.time=t;
+        CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+        i=tp.cache->down_load;
+        tp.cache->down_load=0;
+        lh_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout), &tp);
+        tp.cache->down_load=i;
+        CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+        }
+
+int ssl_clear_bad_session(SSL *s)
+        {
+        if (    (s->session != NULL) &&
+                !(s->shutdown & SSL_SENT_SHUTDOWN) &&
+                !(SSL_in_init(s) || SSL_in_before(s)))
+                {
+                SSL_CTX_remove_session(s->ctx,s->session);
+                return(1);
+                }
+        else
+                return(0);
+        }
+
+/* locked by SSL_CTX in the calling function */
+static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
+        {
+        if ((s->next == NULL) || (s->prev == NULL)) return;
+
+        if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail))
+                { /* last element in list */
+                if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
+                        { /* only one element in list */
+                        ctx->session_cache_head=NULL;
+                        ctx->session_cache_tail=NULL;
+                        }
+                else
+                        {
+                        ctx->session_cache_tail=s->prev;
+                        s->prev->next=(SSL_SESSION *)&(ctx->session_cache_tail);
+                        }
+                }
+        else
+                {
+                if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
+                        { /* first element in list */
+                        ctx->session_cache_head=s->next;
+                        s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head);
+                        }
+                else
+                        { /* middle of list */
+                        s->next->prev=s->prev;
+                        s->prev->next=s->next;
+                        }
+                }
+        s->prev=s->next=NULL;
+        }
+
+static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
+        {
+        if ((s->next != NULL) && (s->prev != NULL))
+                SSL_SESSION_list_remove(ctx,s);
+
+        if (ctx->session_cache_head == NULL)
+                {
+                ctx->session_cache_head=s;
+                ctx->session_cache_tail=s;
+                s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
+                s->next=(SSL_SESSION *)&(ctx->session_cache_tail);
+                }
+        else
+                {
+                s->next=ctx->session_cache_head;
+                s->next->prev=s;
+                s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
+                ctx->session_cache_head=s;
+                }
+        }
+
diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c
new file mode 100644
index 0000000000..b16d253081
--- /dev/null
+++ b/src/lib/libssl/ssl_stat.c
@@ -0,0 +1,502 @@
+/* ssl/ssl_stat.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+
+const char *SSL_state_string_long(const SSL *s)
+        {
+        const char *str;
+
+        switch (s->state)
+                {
+case SSL_ST_BEFORE: str="before SSL initialization"; break;
+case SSL_ST_ACCEPT: str="before accept initialization"; break;
+case SSL_ST_CONNECT: str="before connect initialization"; break;
+case SSL_ST_OK: str="SSL negotiation finished successfully"; break;
+case SSL_ST_RENEGOTIATE:        str="SSL renegotiate ciphers"; break;
+case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initialization"; break;
+case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initialization"; break;
+case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initialization"; break;
+case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initialization"; break;
+#ifndef OPENSSL_NO_SSL2
+case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break;
+case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break;
+case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break;
+case SSL2_ST_SEND_CLIENT_HELLO_B: str="SSLv2 write client hello B"; break;
+case SSL2_ST_GET_SERVER_HELLO_A: str="SSLv2 read server hello A"; break;
+case SSL2_ST_GET_SERVER_HELLO_B: str="SSLv2 read server hello B"; break;
+case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="SSLv2 write client master key A"; break;
+case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="SSLv2 write client master key B"; break;
+case SSL2_ST_SEND_CLIENT_FINISHED_A: str="SSLv2 write client finished A"; break;
+case SSL2_ST_SEND_CLIENT_FINISHED_B: str="SSLv2 write client finished B"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="SSLv2 write client certificate A"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="SSLv2 write client certificate B"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="SSLv2 write client certificate C"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="SSLv2 write client certificate D"; break;
+case SSL2_ST_GET_SERVER_VERIFY_A: str="SSLv2 read server verify A"; break;
+case SSL2_ST_GET_SERVER_VERIFY_B: str="SSLv2 read server verify B"; break;
+case SSL2_ST_GET_SERVER_FINISHED_A: str="SSLv2 read server finished A"; break;
+case SSL2_ST_GET_SERVER_FINISHED_B: str="SSLv2 read server finished B"; break;
+case SSL2_ST_GET_CLIENT_HELLO_A: str="SSLv2 read client hello A"; break;
+case SSL2_ST_GET_CLIENT_HELLO_B: str="SSLv2 read client hello B"; break;
+case SSL2_ST_GET_CLIENT_HELLO_C: str="SSLv2 read client hello C"; break;
+case SSL2_ST_SEND_SERVER_HELLO_A: str="SSLv2 write server hello A"; break;
+case SSL2_ST_SEND_SERVER_HELLO_B: str="SSLv2 write server hello B"; break;
+case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="SSLv2 read client master key A"; break;
+case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="SSLv2 read client master key B"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_A: str="SSLv2 write server verify A"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_B: str="SSLv2 write server verify B"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_C: str="SSLv2 write server verify C"; break;
+case SSL2_ST_GET_CLIENT_FINISHED_A: str="SSLv2 read client finished A"; break;
+case SSL2_ST_GET_CLIENT_FINISHED_B: str="SSLv2 read client finished B"; break;
+case SSL2_ST_SEND_SERVER_FINISHED_A: str="SSLv2 write server finished A"; break;
+case SSL2_ST_SEND_SERVER_FINISHED_B: str="SSLv2 write server finished B"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="SSLv2 write request certificate A"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="SSLv2 write request certificate B"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="SSLv2 write request certificate C"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="SSLv2 write request certificate D"; break;
+case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificate"; break;
+case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break;
+#endif
+
+#ifndef OPENSSL_NO_SSL3
+/* SSLv3 additions */
+case SSL3_ST_CW_CLNT_HELLO_A:   str="SSLv3 write client hello A"; break;
+case SSL3_ST_CW_CLNT_HELLO_B:   str="SSLv3 write client hello B"; break;
+case SSL3_ST_CR_SRVR_HELLO_A:   str="SSLv3 read server hello A"; break;
+case SSL3_ST_CR_SRVR_HELLO_B:   str="SSLv3 read server hello B"; break;
+case SSL3_ST_CR_CERT_A:         str="SSLv3 read server certificate A"; break;
+case SSL3_ST_CR_CERT_B:         str="SSLv3 read server certificate B"; break;
+case SSL3_ST_CR_KEY_EXCH_A:     str="SSLv3 read server key exchange A"; break;
+case SSL3_ST_CR_KEY_EXCH_B:     str="SSLv3 read server key exchange B"; break;
+case SSL3_ST_CR_CERT_REQ_A:     str="SSLv3 read server certificate request A"; break;
+case SSL3_ST_CR_CERT_REQ_B:     str="SSLv3 read server certificate request B"; break;
+case SSL3_ST_CR_SRVR_DONE_A:    str="SSLv3 read server done A"; break;
+case SSL3_ST_CR_SRVR_DONE_B:    str="SSLv3 read server done B"; break;
+case SSL3_ST_CW_CERT_A:         str="SSLv3 write client certificate A"; break;
+case SSL3_ST_CW_CERT_B:         str="SSLv3 write client certificate B"; break;
+case SSL3_ST_CW_CERT_C:         str="SSLv3 write client certificate C"; break;
+case SSL3_ST_CW_CERT_D:         str="SSLv3 write client certificate D"; break;
+case SSL3_ST_CW_KEY_EXCH_A:     str="SSLv3 write client key exchange A"; break;
+case SSL3_ST_CW_KEY_EXCH_B:     str="SSLv3 write client key exchange B"; break;
+case SSL3_ST_CW_CERT_VRFY_A:    str="SSLv3 write certificate verify A"; break;
+case SSL3_ST_CW_CERT_VRFY_B:    str="SSLv3 write certificate verify B"; break;
+
+case SSL3_ST_CW_CHANGE_A:
+case SSL3_ST_SW_CHANGE_A:       str="SSLv3 write change cipher spec A"; break;
+case SSL3_ST_CW_CHANGE_B:       
+case SSL3_ST_SW_CHANGE_B:       str="SSLv3 write change cipher spec B"; break;
+case SSL3_ST_CW_FINISHED_A:     
+case SSL3_ST_SW_FINISHED_A:     str="SSLv3 write finished A"; break;
+case SSL3_ST_CW_FINISHED_B:     
+case SSL3_ST_SW_FINISHED_B:     str="SSLv3 write finished B"; break;
+case SSL3_ST_CR_CHANGE_A:       
+case SSL3_ST_SR_CHANGE_A:       str="SSLv3 read change cipher spec A"; break;
+case SSL3_ST_CR_CHANGE_B:       
+case SSL3_ST_SR_CHANGE_B:       str="SSLv3 read change cipher spec B"; break;
+case SSL3_ST_CR_FINISHED_A:     
+case SSL3_ST_SR_FINISHED_A:     str="SSLv3 read finished A"; break;
+case SSL3_ST_CR_FINISHED_B:     
+case SSL3_ST_SR_FINISHED_B:     str="SSLv3 read finished B"; break;
+
+case SSL3_ST_CW_FLUSH:
+case SSL3_ST_SW_FLUSH:          str="SSLv3 flush data"; break;
+
+case SSL3_ST_SR_CLNT_HELLO_A:   str="SSLv3 read client hello A"; break;
+case SSL3_ST_SR_CLNT_HELLO_B:   str="SSLv3 read client hello B"; break;
+case SSL3_ST_SR_CLNT_HELLO_C:   str="SSLv3 read client hello C"; break;
+case SSL3_ST_SW_HELLO_REQ_A:    str="SSLv3 write hello request A"; break;
+case SSL3_ST_SW_HELLO_REQ_B:    str="SSLv3 write hello request B"; break;
+case SSL3_ST_SW_HELLO_REQ_C:    str="SSLv3 write hello request C"; break;
+case SSL3_ST_SW_SRVR_HELLO_A:   str="SSLv3 write server hello A"; break;
+case SSL3_ST_SW_SRVR_HELLO_B:   str="SSLv3 write server hello B"; break;
+case SSL3_ST_SW_CERT_A:         str="SSLv3 write certificate A"; break;
+case SSL3_ST_SW_CERT_B:         str="SSLv3 write certificate B"; break;
+case SSL3_ST_SW_KEY_EXCH_A:     str="SSLv3 write key exchange A"; break;
+case SSL3_ST_SW_KEY_EXCH_B:     str="SSLv3 write key exchange B"; break;
+case SSL3_ST_SW_CERT_REQ_A:     str="SSLv3 write certificate request A"; break;
+case SSL3_ST_SW_CERT_REQ_B:     str="SSLv3 write certificate request B"; break;
+case SSL3_ST_SW_SRVR_DONE_A:    str="SSLv3 write server done A"; break;
+case SSL3_ST_SW_SRVR_DONE_B:    str="SSLv3 write server done B"; break;
+case SSL3_ST_SR_CERT_A:         str="SSLv3 read client certificate A"; break;
+case SSL3_ST_SR_CERT_B:         str="SSLv3 read client certificate B"; break;
+case SSL3_ST_SR_KEY_EXCH_A:     str="SSLv3 read client key exchange A"; break;
+case SSL3_ST_SR_KEY_EXCH_B:     str="SSLv3 read client key exchange B"; break;
+case SSL3_ST_SR_CERT_VRFY_A:    str="SSLv3 read certificate verify A"; break;
+case SSL3_ST_SR_CERT_VRFY_B:    str="SSLv3 read certificate verify B"; break;
+#endif
+
+#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
+/* SSLv2/v3 compatibility states */
+/* client */
+case SSL23_ST_CW_CLNT_HELLO_A:  str="SSLv2/v3 write client hello A"; break;
+case SSL23_ST_CW_CLNT_HELLO_B:  str="SSLv2/v3 write client hello B"; break;
+case SSL23_ST_CR_SRVR_HELLO_A:  str="SSLv2/v3 read server hello A"; break;
+case SSL23_ST_CR_SRVR_HELLO_B:  str="SSLv2/v3 read server hello B"; break;
+/* server */
+case SSL23_ST_SR_CLNT_HELLO_A:  str="SSLv2/v3 read client hello A"; break;
+case SSL23_ST_SR_CLNT_HELLO_B:  str="SSLv2/v3 read client hello B"; break;
+#endif
+
+default:        str="unknown state"; break;
+                }
+        return(str);
+        }
+
+const char *SSL_rstate_string_long(const SSL *s)
+        {
+        const char *str;
+
+        switch (s->rstate)
+                {
+        case SSL_ST_READ_HEADER: str="read header"; break;
+        case SSL_ST_READ_BODY: str="read body"; break;
+        case SSL_ST_READ_DONE: str="read done"; break;
+        default: str="unknown"; break;
+                }
+        return(str);
+        }
+
+const char *SSL_state_string(const SSL *s)
+        {
+        const char *str;
+
+        switch (s->state)
+                {
+case SSL_ST_BEFORE:                             str="PINIT "; break;
+case SSL_ST_ACCEPT:                             str="AINIT "; break;
+case SSL_ST_CONNECT:                            str="CINIT "; break;
+case SSL_ST_OK:                                 str="SSLOK "; break;
+#ifndef OPENSSL_NO_SSL2
+case SSL2_ST_CLIENT_START_ENCRYPTION:           str="2CSENC"; break;
+case SSL2_ST_SERVER_START_ENCRYPTION:           str="2SSENC"; break;
+case SSL2_ST_SEND_CLIENT_HELLO_A:               str="2SCH_A"; break;
+case SSL2_ST_SEND_CLIENT_HELLO_B:               str="2SCH_B"; break;
+case SSL2_ST_GET_SERVER_HELLO_A:                str="2GSH_A"; break;
+case SSL2_ST_GET_SERVER_HELLO_B:                str="2GSH_B"; break;
+case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:          str="2SCMKA"; break;
+case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:          str="2SCMKB"; break;
+case SSL2_ST_SEND_CLIENT_FINISHED_A:            str="2SCF_A"; break;
+case SSL2_ST_SEND_CLIENT_FINISHED_B:            str="2SCF_B"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:         str="2SCC_A"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:         str="2SCC_B"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:         str="2SCC_C"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:         str="2SCC_D"; break;
+case SSL2_ST_GET_SERVER_VERIFY_A:               str="2GSV_A"; break;
+case SSL2_ST_GET_SERVER_VERIFY_B:               str="2GSV_B"; break;
+case SSL2_ST_GET_SERVER_FINISHED_A:             str="2GSF_A"; break;
+case SSL2_ST_GET_SERVER_FINISHED_B:             str="2GSF_B"; break;
+case SSL2_ST_GET_CLIENT_HELLO_A:                str="2GCH_A"; break;
+case SSL2_ST_GET_CLIENT_HELLO_B:                str="2GCH_B"; break;
+case SSL2_ST_GET_CLIENT_HELLO_C:                str="2GCH_C"; break;
+case SSL2_ST_SEND_SERVER_HELLO_A:               str="2SSH_A"; break;
+case SSL2_ST_SEND_SERVER_HELLO_B:               str="2SSH_B"; break;
+case SSL2_ST_GET_CLIENT_MASTER_KEY_A:           str="2GCMKA"; break;
+case SSL2_ST_GET_CLIENT_MASTER_KEY_B:           str="2GCMKA"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_A:              str="2SSV_A"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_B:              str="2SSV_B"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_C:              str="2SSV_C"; break;
+case SSL2_ST_GET_CLIENT_FINISHED_A:             str="2GCF_A"; break;
+case SSL2_ST_GET_CLIENT_FINISHED_B:             str="2GCF_B"; break;
+case SSL2_ST_SEND_SERVER_FINISHED_A:            str="2SSF_A"; break;
+case SSL2_ST_SEND_SERVER_FINISHED_B:            str="2SSF_B"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:        str="2SRC_A"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:        str="2SRC_B"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:        str="2SRC_C"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:        str="2SRC_D"; break;
+case SSL2_ST_X509_GET_SERVER_CERTIFICATE:       str="2X9GSC"; break;
+case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:       str="2X9GCC"; break;
+#endif
+
+#ifndef OPENSSL_NO_SSL3
+/* SSLv3 additions */
+case SSL3_ST_SW_FLUSH:
+case SSL3_ST_CW_FLUSH:                          str="3FLUSH"; break;
+case SSL3_ST_CW_CLNT_HELLO_A:                   str="3WCH_A"; break;
+case SSL3_ST_CW_CLNT_HELLO_B:                   str="3WCH_B"; break;
+case SSL3_ST_CR_SRVR_HELLO_A:                   str="3RSH_A"; break;
+case SSL3_ST_CR_SRVR_HELLO_B:                   str="3RSH_B"; break;
+case SSL3_ST_CR_CERT_A:                         str="3RSC_A"; break;
+case SSL3_ST_CR_CERT_B:                         str="3RSC_B"; break;
+case SSL3_ST_CR_KEY_EXCH_A:                     str="3RSKEA"; break;
+case SSL3_ST_CR_KEY_EXCH_B:                     str="3RSKEB"; break;
+case SSL3_ST_CR_CERT_REQ_A:                     str="3RCR_A"; break;
+case SSL3_ST_CR_CERT_REQ_B:                     str="3RCR_B"; break;
+case SSL3_ST_CR_SRVR_DONE_A:                    str="3RSD_A"; break;
+case SSL3_ST_CR_SRVR_DONE_B:                    str="3RSD_B"; break;
+case SSL3_ST_CW_CERT_A:                         str="3WCC_A"; break;
+case SSL3_ST_CW_CERT_B:                         str="3WCC_B"; break;
+case SSL3_ST_CW_CERT_C:                         str="3WCC_C"; break;
+case SSL3_ST_CW_CERT_D:                         str="3WCC_D"; break;
+case SSL3_ST_CW_KEY_EXCH_A:                     str="3WCKEA"; break;
+case SSL3_ST_CW_KEY_EXCH_B:                     str="3WCKEB"; break;
+case SSL3_ST_CW_CERT_VRFY_A:                    str="3WCV_A"; break;
+case SSL3_ST_CW_CERT_VRFY_B:                    str="3WCV_B"; break;
+
+case SSL3_ST_SW_CHANGE_A:
+case SSL3_ST_CW_CHANGE_A:                       str="3WCCSA"; break;
+case SSL3_ST_SW_CHANGE_B:
+case SSL3_ST_CW_CHANGE_B:                       str="3WCCSB"; break;
+case SSL3_ST_SW_FINISHED_A:
+case SSL3_ST_CW_FINISHED_A:                     str="3WFINA"; break;
+case SSL3_ST_SW_FINISHED_B:
+case SSL3_ST_CW_FINISHED_B:                     str="3WFINB"; break;
+case SSL3_ST_SR_CHANGE_A:
+case SSL3_ST_CR_CHANGE_A:                       str="3RCCSA"; break;
+case SSL3_ST_SR_CHANGE_B:
+case SSL3_ST_CR_CHANGE_B:                       str="3RCCSB"; break;
+case SSL3_ST_SR_FINISHED_A:
+case SSL3_ST_CR_FINISHED_A:                     str="3RFINA"; break;
+case SSL3_ST_SR_FINISHED_B:
+case SSL3_ST_CR_FINISHED_B:                     str="3RFINB"; break;
+
+case SSL3_ST_SW_HELLO_REQ_A:                    str="3WHR_A"; break;
+case SSL3_ST_SW_HELLO_REQ_B:                    str="3WHR_B"; break;
+case SSL3_ST_SW_HELLO_REQ_C:                    str="3WHR_C"; break;
+case SSL3_ST_SR_CLNT_HELLO_A:                   str="3RCH_A"; break;
+case SSL3_ST_SR_CLNT_HELLO_B:                   str="3RCH_B"; break;
+case SSL3_ST_SR_CLNT_HELLO_C:                   str="3RCH_C"; break;
+case SSL3_ST_SW_SRVR_HELLO_A:                   str="3WSH_A"; break;
+case SSL3_ST_SW_SRVR_HELLO_B:                   str="3WSH_B"; break;
+case SSL3_ST_SW_CERT_A:                         str="3WSC_A"; break;
+case SSL3_ST_SW_CERT_B:                         str="3WSC_B"; break;
+case SSL3_ST_SW_KEY_EXCH_A:                     str="3WSKEA"; break;
+case SSL3_ST_SW_KEY_EXCH_B:                     str="3WSKEB"; break;
+case SSL3_ST_SW_CERT_REQ_A:                     str="3WCR_A"; break;
+case SSL3_ST_SW_CERT_REQ_B:                     str="3WCR_B"; break;
+case SSL3_ST_SW_SRVR_DONE_A:                    str="3WSD_A"; break;
+case SSL3_ST_SW_SRVR_DONE_B:                    str="3WSD_B"; break;
+case SSL3_ST_SR_CERT_A:                         str="3RCC_A"; break;
+case SSL3_ST_SR_CERT_B:                         str="3RCC_B"; break;
+case SSL3_ST_SR_KEY_EXCH_A:                     str="3RCKEA"; break;
+case SSL3_ST_SR_KEY_EXCH_B:                     str="3RCKEB"; break;
+case SSL3_ST_SR_CERT_VRFY_A:                    str="3RCV_A"; break;
+case SSL3_ST_SR_CERT_VRFY_B:                    str="3RCV_B"; break;
+#endif
+
+#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
+/* SSLv2/v3 compatibility states */
+/* client */
+case SSL23_ST_CW_CLNT_HELLO_A:                  str="23WCHA"; break;
+case SSL23_ST_CW_CLNT_HELLO_B:                  str="23WCHB"; break;
+case SSL23_ST_CR_SRVR_HELLO_A:                  str="23RSHA"; break;
+case SSL23_ST_CR_SRVR_HELLO_B:                  str="23RSHA"; break;
+/* server */
+case SSL23_ST_SR_CLNT_HELLO_A:                  str="23RCHA"; break;
+case SSL23_ST_SR_CLNT_HELLO_B:                  str="23RCHB"; break;
+#endif
+
+default:                                        str="UNKWN "; break;
+                }
+        return(str);
+        }
+
+const char *SSL_alert_type_string_long(int value)
+        {
+        value>>=8;
+        if (value == SSL3_AL_WARNING)
+                return("warning");
+        else if (value == SSL3_AL_FATAL)
+                return("fatal");
+        else
+                return("unknown");
+        }
+
+const char *SSL_alert_type_string(int value)
+        {
+        value>>=8;
+        if (value == SSL3_AL_WARNING)
+                return("W");
+        else if (value == SSL3_AL_FATAL)
+                return("F");
+        else
+                return("U");
+        }
+
+const char *SSL_alert_desc_string(int value)
+        {
+        const char *str;
+
+        switch (value & 0xff)
+                {
+        case SSL3_AD_CLOSE_NOTIFY:              str="CN"; break;
+        case SSL3_AD_UNEXPECTED_MESSAGE:        str="UM"; break;
+        case SSL3_AD_BAD_RECORD_MAC:            str="BM"; break;
+        case SSL3_AD_DECOMPRESSION_FAILURE:     str="DF"; break;
+        case SSL3_AD_HANDSHAKE_FAILURE:         str="HF"; break;
+        case SSL3_AD_NO_CERTIFICATE:            str="NC"; break;
+        case SSL3_AD_BAD_CERTIFICATE:           str="BC"; break;
+        case SSL3_AD_UNSUPPORTED_CERTIFICATE:   str="UC"; break;
+        case SSL3_AD_CERTIFICATE_REVOKED:       str="CR"; break;
+        case SSL3_AD_CERTIFICATE_EXPIRED:       str="CE"; break;
+        case SSL3_AD_CERTIFICATE_UNKNOWN:       str="CU"; break;
+        case SSL3_AD_ILLEGAL_PARAMETER:         str="IP"; break;
+        case TLS1_AD_DECRYPTION_FAILED:         str="DC"; break;
+        case TLS1_AD_RECORD_OVERFLOW:           str="RO"; break;
+        case TLS1_AD_UNKNOWN_CA:                str="CA"; break;
+        case TLS1_AD_ACCESS_DENIED:             str="AD"; break;
+        case TLS1_AD_DECODE_ERROR:              str="DE"; break;
+        case TLS1_AD_DECRYPT_ERROR:             str="CY"; break;
+        case TLS1_AD_EXPORT_RESTRICTION:        str="ER"; break;
+        case TLS1_AD_PROTOCOL_VERSION:          str="PV"; break;
+        case TLS1_AD_INSUFFICIENT_SECURITY:     str="IS"; break;
+        case TLS1_AD_INTERNAL_ERROR:            str="IE"; break;
+        case TLS1_AD_USER_CANCELLED:            str="US"; break;
+        case TLS1_AD_NO_RENEGOTIATION:          str="NR"; break;
+        default:                                str="UK"; break;
+                }
+        return(str);
+        }
+
+const char *SSL_alert_desc_string_long(int value)
+        {
+        const char *str;
+
+        switch (value & 0xff)
+                {
+        case SSL3_AD_CLOSE_NOTIFY:
+                str="close notify";
+                break;
+        case SSL3_AD_UNEXPECTED_MESSAGE:
+                str="unexpected_message";
+                break;
+        case SSL3_AD_BAD_RECORD_MAC:
+                str="bad record mac";
+                break;
+        case SSL3_AD_DECOMPRESSION_FAILURE:
+                str="decompression failure";
+                break;
+        case SSL3_AD_HANDSHAKE_FAILURE:
+                str="handshake failure";
+                break;
+        case SSL3_AD_NO_CERTIFICATE:
+                str="no certificate";
+                break;
+        case SSL3_AD_BAD_CERTIFICATE:
+                str="bad certificate";
+                break;
+        case SSL3_AD_UNSUPPORTED_CERTIFICATE:
+                str="unsupported certificate";
+                break;
+        case SSL3_AD_CERTIFICATE_REVOKED:
+                str="certificate revoked";
+                break;
+        case SSL3_AD_CERTIFICATE_EXPIRED:
+                str="certificate expired";
+                break;
+        case SSL3_AD_CERTIFICATE_UNKNOWN:
+                str="certificate unknown";
+                break;
+        case SSL3_AD_ILLEGAL_PARAMETER:
+                str="illegal parameter";
+                break;
+        case TLS1_AD_DECRYPTION_FAILED:
+                str="decryption failed";
+                break;
+        case TLS1_AD_RECORD_OVERFLOW:
+                str="record overflow";
+                break;
+        case TLS1_AD_UNKNOWN_CA:
+                str="unknown CA";
+                break;
+        case TLS1_AD_ACCESS_DENIED:
+                str="access denied";
+                break;
+        case TLS1_AD_DECODE_ERROR:
+                str="decode error";
+                break;
+        case TLS1_AD_DECRYPT_ERROR:
+                str="decrypt error";
+                break;
+        case TLS1_AD_EXPORT_RESTRICTION:
+                str="export restriction";
+                break;
+        case TLS1_AD_PROTOCOL_VERSION:
+                str="protocol version";
+                break;
+        case TLS1_AD_INSUFFICIENT_SECURITY:
+                str="insufficient security";
+                break;
+        case TLS1_AD_INTERNAL_ERROR:
+                str="internal error";
+                break;
+        case TLS1_AD_USER_CANCELLED:
+                str="user canceled";
+                break;
+        case TLS1_AD_NO_RENEGOTIATION:
+                str="no renegotiation";
+                break;
+        default: str="unknown"; break;
+                }
+        return(str);
+        }
+
+const char *SSL_rstate_string(const SSL *s)
+        {
+        const char *str;
+
+        switch (s->rstate)
+                {
+        case SSL_ST_READ_HEADER:str="RH"; break;
+        case SSL_ST_READ_BODY:  str="RB"; break;
+        case SSL_ST_READ_DONE:  str="RD"; break;
+        default: str="unknown"; break;
+                }
+        return(str);
+        }
diff --git a/src/lib/libssl/ssl_txt.c b/src/lib/libssl/ssl_txt.c
new file mode 100644
index 0000000000..8655a31333
--- /dev/null
+++ b/src/lib/libssl/ssl_txt.c
@@ -0,0 +1,186 @@
+/* ssl/ssl_txt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/buffer.h>
+#include "ssl_locl.h"
+
+#ifndef OPENSSL_NO_FP_API
+int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
+        {
+        BIO *b;
+        int ret;
+
+        if ((b=BIO_new(BIO_s_file_internal())) == NULL)
+                {
+                SSLerr(SSL_F_SSL_SESSION_PRINT_FP,ERR_R_BUF_LIB);
+                return(0);
+                }
+        BIO_set_fp(b,fp,BIO_NOCLOSE);
+        ret=SSL_SESSION_print(b,x);
+        BIO_free(b);
+        return(ret);
+        }
+#endif
+
+int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
+        {
+        unsigned int i;
+        char *s;
+
+        if (x == NULL) goto err;
+        if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err;
+        if (x->ssl_version == SSL2_VERSION)
+                s="SSLv2";
+        else if (x->ssl_version == SSL3_VERSION)
+                s="SSLv3";
+        else if (x->ssl_version == TLS1_VERSION)
+                s="TLSv1";
+        else
+                s="unknown";
+        if (BIO_printf(bp,"    Protocol  : %s\n",s) <= 0) goto err;
+
+        if (x->cipher == NULL)
+                {
+                if (((x->cipher_id) & 0xff000000) == 0x02000000)
+                        {
+                        if (BIO_printf(bp,"    Cipher    : %06lX\n",x->cipher_id&0xffffff) <= 0)
+                                goto err;
+                        }
+                else
+                        {
+                        if (BIO_printf(bp,"    Cipher    : %04lX\n",x->cipher_id&0xffff) <= 0)
+                                goto err;
+                        }
+                }
+        else
+                {
+                if (BIO_printf(bp,"    Cipher    : %s\n",((x->cipher == NULL)?"unknown":x->cipher->name)) <= 0)
+                        goto err;
+                }
+        if (BIO_puts(bp,"    Session-ID: ") <= 0) goto err;
+        for (i=0; i<x->session_id_length; i++)
+                {
+                if (BIO_printf(bp,"%02X",x->session_id[i]) <= 0) goto err;
+                }
+        if (BIO_puts(bp,"\n    Session-ID-ctx: ") <= 0) goto err;
+        for (i=0; i<x->sid_ctx_length; i++)
+                {
+                if (BIO_printf(bp,"%02X",x->sid_ctx[i]) <= 0)
+                        goto err;
+                }
+        if (BIO_puts(bp,"\n    Master-Key: ") <= 0) goto err;
+        for (i=0; i<(unsigned int)x->master_key_length; i++)
+                {
+                if (BIO_printf(bp,"%02X",x->master_key[i]) <= 0) goto err;
+                }
+        if (BIO_puts(bp,"\n    Key-Arg   : ") <= 0) goto err;
+        if (x->key_arg_length == 0)
+                {
+                if (BIO_puts(bp,"None") <= 0) goto err;
+                }
+        else
+                for (i=0; i<x->key_arg_length; i++)
+                        {
+                        if (BIO_printf(bp,"%02X",x->key_arg[i]) <= 0) goto err;
+                        }
+#ifndef OPENSSL_NO_KRB5
+       if (BIO_puts(bp,"\n    Krb5 Principal: ") <= 0) goto err;
+            if (x->krb5_client_princ_len == 0)
+            {
+                if (BIO_puts(bp,"None") <= 0) goto err;
+                }
+        else
+                for (i=0; i<x->krb5_client_princ_len; i++)
+                        {
+                        if (BIO_printf(bp,"%02X",x->krb5_client_princ[i]) <= 0) goto err;
+                        }
+#endif /* OPENSSL_NO_KRB5 */
+        if (x->compress_meth != 0)
+                {
+                SSL_COMP *comp;
+
+                ssl_cipher_get_evp(x,NULL,NULL,&comp);
+                if (comp == NULL)
+                        {
+                        if (BIO_printf(bp,"\n   Compression: %d",x->compress_meth) <= 0) goto err;
+                        }
+                else
+                        {
+                        if (BIO_printf(bp,"\n   Compression: %d (%s)", comp->id,comp->method->name) <= 0) goto err;
+                        }
+                }       
+        if (x->time != 0L)
+                {
+                if (BIO_printf(bp, "\n    Start Time: %ld",x->time) <= 0) goto err;
+                }
+        if (x->timeout != 0L)
+                {
+                if (BIO_printf(bp, "\n    Timeout   : %ld (sec)",x->timeout) <= 0) goto err;
+                }
+        if (BIO_puts(bp,"\n") <= 0) goto err;
+
+        if (BIO_puts(bp, "    Verify return code: ") <= 0) goto err;
+        if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
+                X509_verify_cert_error_string(x->verify_result)) <= 0) goto err;
+                
+        return(1);
+err:
+        return(0);
+        }
+
diff --git a/src/lib/libssl/ssleay.cnf b/src/lib/libssl/ssleay.cnf
new file mode 100644
index 0000000000..c6480ee465
--- /dev/null
+++ b/src/lib/libssl/ssleay.cnf
@@ -0,0 +1,65 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE                = /dev/arandom
+
+####################################################################
+[ req ]
+default_bits            = 1024
+default_keyfile         = privkey.pem
+distinguished_name      = req_distinguished_name
+attributes              = req_attributes
+
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+#countryName_default            = AU
+countryName_min                 = 2
+countryName_max                 = 2
+
+stateOrProvinceName             = State or Province Name (full name)
+#stateOrProvinceName_default    = Some-State
+
+localityName                    = Locality Name (eg, city)
+
+0.organizationName              = Organization Name (eg, company)
+#0.organizationName_default     = Internet Widgits Pty Ltd
+
+# we can do this but it is not needed normally :-)
+#1.organizationName             = Second Organization Name (eg, company)
+#1.organizationName_default     = CryptSoft Pty Ltd
+
+organizationalUnitName          = Organizational Unit Name (eg, section)
+#organizationalUnitName_default =
+
+commonName                      = Common Name (eg, fully qualified host name)
+commonName_max                  = 64
+
+emailAddress                    = Email Address
+emailAddress_max                = 64
+
+[ req_attributes ]
+challengePassword               = A challenge password
+challengePassword_min           = 4
+challengePassword_max           = 20
+
+unstructuredName                = An optional company name
+
+[ x509v3_extensions ]
+
+nsCaRevocationUrl               = http://www.cryptsoft.com/ca-crl.pem
+nsComment                       = "This is a comment"
+
+# under ASN.1, the 0 bit would be encoded as 80
+nsCertType                      = 0x40
+
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+#nsCertSequence
+#nsCertExt
+#nsDataType
+
diff --git a/src/lib/libssl/t1_clnt.c b/src/lib/libssl/t1_clnt.c
new file mode 100644
index 0000000000..57205fb429
--- /dev/null
+++ b/src/lib/libssl/t1_clnt.c
@@ -0,0 +1,97 @@
+/* ssl/t1_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+
+static SSL_METHOD *tls1_get_client_method(int ver);
+static SSL_METHOD *tls1_get_client_method(int ver)
+        {
+        if (ver == TLS1_VERSION)
+                return(TLSv1_client_method());
+        else
+                return(NULL);
+        }
+
+SSL_METHOD *TLSv1_client_method(void)
+        {
+        static int init=1;
+        static SSL_METHOD TLSv1_client_data;
+
+        if (init)
+                {
+                CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+
+                if (init)
+                        {
+                        memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(),
+                                sizeof(SSL_METHOD));
+                        TLSv1_client_data.ssl_connect=ssl3_connect;
+                        TLSv1_client_data.get_ssl_method=tls1_get_client_method;
+                        init=0;
+                        }
+                
+                CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
+                }
+        return(&TLSv1_client_data);
+        }
+
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
new file mode 100644
index 0000000000..2c6246abf5
--- /dev/null
+++ b/src/lib/libssl/t1_enc.c
@@ -0,0 +1,816 @@
+/* ssl/t1_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/comp.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <openssl/md5.h>
+#include <openssl/fips.h>
+
+static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
+                        int sec_len, unsigned char *seed, int seed_len,
+                        unsigned char *out, int olen)
+        {
+        int chunk,n;
+        unsigned int j;
+        HMAC_CTX ctx;
+        HMAC_CTX ctx_tmp;
+        unsigned char A1[EVP_MAX_MD_SIZE];
+        unsigned int A1_len;
+        
+        chunk=EVP_MD_size(md);
+
+        HMAC_CTX_init(&ctx);
+        HMAC_CTX_init(&ctx_tmp);
+        HMAC_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+        HMAC_CTX_set_flags(&ctx_tmp, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+        HMAC_Init_ex(&ctx,sec,sec_len,md, NULL);
+        HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL);
+        HMAC_Update(&ctx,seed,seed_len);
+        HMAC_Final(&ctx,A1,&A1_len);
+
+        n=0;
+        for (;;)
+                {
+                HMAC_Init_ex(&ctx,NULL,0,NULL,NULL); /* re-init */
+                HMAC_Init_ex(&ctx_tmp,NULL,0,NULL,NULL); /* re-init */
+                HMAC_Update(&ctx,A1,A1_len);
+                HMAC_Update(&ctx_tmp,A1,A1_len);
+                HMAC_Update(&ctx,seed,seed_len);
+
+                if (olen > chunk)
+                        {
+                        HMAC_Final(&ctx,out,&j);
+                        out+=j;
+                        olen-=j;
+                        HMAC_Final(&ctx_tmp,A1,&A1_len); /* calc the next A1 value */
+                        }
+                else    /* last one */
+                        {
+                        HMAC_Final(&ctx,A1,&A1_len);
+                        memcpy(out,A1,olen);
+                        break;
+                        }
+                }
+        HMAC_CTX_cleanup(&ctx);
+        HMAC_CTX_cleanup(&ctx_tmp);
+        OPENSSL_cleanse(A1,sizeof(A1));
+        }
+
+static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1,
+                     unsigned char *label, int label_len,
+                     const unsigned char *sec, int slen, unsigned char *out1,
+                     unsigned char *out2, int olen)
+        {
+        int len,i;
+        const unsigned char *S1,*S2;
+
+        len=slen/2;
+        S1=sec;
+        S2= &(sec[len]);
+        len+=(slen&1); /* add for odd, make longer */
+
+        tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen);
+        tls1_P_hash(sha1,S2,len,label,label_len,out2,olen);
+
+        for (i=0; i<olen; i++)
+                out1[i]^=out2[i];
+        }
+
+static void tls1_generate_key_block(SSL *s, unsigned char *km,
+             unsigned char *tmp, int num)
+        {
+        unsigned char *p;
+        unsigned char buf[SSL3_RANDOM_SIZE*2+
+                TLS_MD_MAX_CONST_SIZE];
+        p=buf;
+
+        memcpy(p,TLS_MD_KEY_EXPANSION_CONST,
+                TLS_MD_KEY_EXPANSION_CONST_SIZE);
+        p+=TLS_MD_KEY_EXPANSION_CONST_SIZE;
+        memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
+        p+=SSL3_RANDOM_SIZE;
+        memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
+        p+=SSL3_RANDOM_SIZE;
+
+        tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),
+                 s->session->master_key,s->session->master_key_length,
+                 km,tmp,num);
+#ifdef KSSL_DEBUG
+        printf("tls1_generate_key_block() ==> %d byte master_key =\n\t",
+                s->session->master_key_length);
+        {
+        int i;
+        for (i=0; i < s->session->master_key_length; i++)
+                {
+                printf("%02X", s->session->master_key[i]);
+                }
+        printf("\n");  }
+#endif    /* KSSL_DEBUG */
+        }
+
+int tls1_change_cipher_state(SSL *s, int which)
+        {
+        static const unsigned char empty[]="";
+        unsigned char *p,*key_block,*mac_secret;
+        unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+
+                SSL3_RANDOM_SIZE*2];
+        unsigned char tmp1[EVP_MAX_KEY_LENGTH];
+        unsigned char tmp2[EVP_MAX_KEY_LENGTH];
+        unsigned char iv1[EVP_MAX_IV_LENGTH*2];
+        unsigned char iv2[EVP_MAX_IV_LENGTH*2];
+        unsigned char *ms,*key,*iv,*er1,*er2;
+        int client_write;
+        EVP_CIPHER_CTX *dd;
+        const EVP_CIPHER *c;
+        const SSL_COMP *comp;
+        const EVP_MD *m;
+        int is_export,n,i,j,k,exp_label_len,cl;
+        int reuse_dd = 0;
+
+        is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
+        c=s->s3->tmp.new_sym_enc;
+        m=s->s3->tmp.new_hash;
+        comp=s->s3->tmp.new_compression;
+        key_block=s->s3->tmp.key_block;
+
+#ifdef KSSL_DEBUG
+        printf("tls1_change_cipher_state(which= %d) w/\n", which);
+        printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms,
+                comp);
+        printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
+        printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
+                c->nid,c->block_size,c->key_len,c->iv_len);
+        printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length);
+        {
+        int i;
+        for (i=0; i<s->s3->tmp.key_block_length; i++)
+                printf("%02x", key_block[i]);  printf("\n");
+        }
+#endif  /* KSSL_DEBUG */
+
+        if (which & SSL3_CC_READ)
+                {
+                if (s->enc_read_ctx != NULL)
+                        reuse_dd = 1;
+                else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
+                        goto err;
+                dd= s->enc_read_ctx;
+                s->read_hash=m;
+                if (s->expand != NULL)
+                        {
+                        COMP_CTX_free(s->expand);
+                        s->expand=NULL;
+                        }
+                if (comp != NULL)
+                        {
+                        s->expand=COMP_CTX_new(comp->method);
+                        if (s->expand == NULL)
+                                {
+                                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
+                                goto err2;
+                                }
+                        if (s->s3->rrec.comp == NULL)
+                                s->s3->rrec.comp=(unsigned char *)
+                                        OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
+                        if (s->s3->rrec.comp == NULL)
+                                goto err;
+                        }
+                memset(&(s->s3->read_sequence[0]),0,8);
+                mac_secret= &(s->s3->read_mac_secret[0]);
+                }
+        else
+                {
+                if (s->enc_write_ctx != NULL)
+                        reuse_dd = 1;
+                else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
+                        goto err;
+                if ((s->enc_write_ctx == NULL) &&
+                        ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
+                        OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+                        goto err;
+                dd= s->enc_write_ctx;
+                s->write_hash=m;
+                if (s->compress != NULL)
+                        {
+                        COMP_CTX_free(s->compress);
+                        s->compress=NULL;
+                        }
+                if (comp != NULL)
+                        {
+                        s->compress=COMP_CTX_new(comp->method);
+                        if (s->compress == NULL)
+                                {
+                                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR);
+                                goto err2;
+                                }
+                        }
+                memset(&(s->s3->write_sequence[0]),0,8);
+                mac_secret= &(s->s3->write_mac_secret[0]);
+                }
+
+        if (reuse_dd)
+                EVP_CIPHER_CTX_cleanup(dd);
+        EVP_CIPHER_CTX_init(dd);
+
+        p=s->s3->tmp.key_block;
+        i=EVP_MD_size(m);
+        cl=EVP_CIPHER_key_length(c);
+        j=is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
+                       cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
+        /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
+        k=EVP_CIPHER_iv_length(c);
+        er1= &(s->s3->client_random[0]);
+        er2= &(s->s3->server_random[0]);
+        if (    (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
+                (which == SSL3_CHANGE_CIPHER_SERVER_READ))
+                {
+                ms=  &(p[ 0]); n=i+i;
+                key= &(p[ n]); n+=j+j;
+                iv=  &(p[ n]); n+=k+k;
+                exp_label=(unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST;
+                exp_label_len=TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
+                client_write=1;
+                }
+        else
+                {
+                n=i;
+                ms=  &(p[ n]); n+=i+j;
+                key= &(p[ n]); n+=j+k;
+                iv=  &(p[ n]); n+=k;
+                exp_label=(unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST;
+                exp_label_len=TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
+                client_write=0;
+                }
+
+        if (n > s->s3->tmp.key_block_length)
+                {
+                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_INTERNAL_ERROR);
+                goto err2;
+                }
+
+        memcpy(mac_secret,ms,i);
+#ifdef TLS_DEBUG
+printf("which = %04X\nmac key=",which);
+{ int z; for (z=0; z<i; z++) printf("%02X%c",ms[z],((z+1)%16)?' ':'\n'); }
+#endif
+        if (is_export)
+                {
+                /* In here I set both the read and write key/iv to the
+                 * same value since only the correct one will be used :-).
+                 */
+                p=buf;
+                memcpy(p,exp_label,exp_label_len);
+                p+=exp_label_len;
+                memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
+                p+=SSL3_RANDOM_SIZE;
+                memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
+                p+=SSL3_RANDOM_SIZE;
+                tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),key,j,
+                         tmp1,tmp2,EVP_CIPHER_key_length(c));
+                key=tmp1;
+
+                if (k > 0)
+                        {
+                        p=buf;
+                        memcpy(p,TLS_MD_IV_BLOCK_CONST,
+                                TLS_MD_IV_BLOCK_CONST_SIZE);
+                        p+=TLS_MD_IV_BLOCK_CONST_SIZE;
+                        memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
+                        p+=SSL3_RANDOM_SIZE;
+                        memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
+                        p+=SSL3_RANDOM_SIZE;
+                        tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,empty,0,
+                                 iv1,iv2,k*2);
+                        if (client_write)
+                                iv=iv1;
+                        else
+                                iv= &(iv1[k]);
+                        }
+                }
+
+        s->session->key_arg_length=0;
+#ifdef KSSL_DEBUG
+        {
+        int i;
+        printf("EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
+        printf("\tkey= "); for (i=0; i<c->key_len; i++) printf("%02x", key[i]);
+        printf("\n");
+        printf("\t iv= "); for (i=0; i<c->iv_len; i++) printf("%02x", iv[i]);
+        printf("\n");
+        }
+#endif  /* KSSL_DEBUG */
+
+        EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE));
+#ifdef TLS_DEBUG
+printf("which = %04X\nkey=",which);
+{ int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); }
+printf("\niv=");
+{ int z; for (z=0; z<k; z++) printf("%02X%c",iv[z],((z+1)%16)?' ':'\n'); }
+printf("\n");
+#endif
+
+        OPENSSL_cleanse(tmp1,sizeof(tmp1));
+        OPENSSL_cleanse(tmp2,sizeof(tmp1));
+        OPENSSL_cleanse(iv1,sizeof(iv1));
+        OPENSSL_cleanse(iv2,sizeof(iv2));
+        return(1);
+err:
+        SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
+err2:
+        return(0);
+        }
+
+int tls1_setup_key_block(SSL *s)
+        {
+        unsigned char *p1,*p2;
+        const EVP_CIPHER *c;
+        const EVP_MD *hash;
+        int num;
+        SSL_COMP *comp;
+
+#ifdef KSSL_DEBUG
+        printf ("tls1_setup_key_block()\n");
+#endif  /* KSSL_DEBUG */
+
+        if (s->s3->tmp.key_block_length != 0)
+                return(1);
+
+        if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp))
+                {
+                SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
+                return(0);
+                }
+
+        s->s3->tmp.new_sym_enc=c;
+        s->s3->tmp.new_hash=hash;
+
+        num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
+        num*=2;
+
+        ssl3_cleanup_key_block(s);
+
+        if ((p1=(unsigned char *)OPENSSL_malloc(num)) == NULL)
+                goto err;
+        if ((p2=(unsigned char *)OPENSSL_malloc(num)) == NULL)
+                goto err;
+
+        s->s3->tmp.key_block_length=num;
+        s->s3->tmp.key_block=p1;
+
+
+#ifdef TLS_DEBUG
+printf("client random\n");
+{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->client_random[z],((z+1)%16)?' ':'\n'); }
+printf("server random\n");
+{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->server_random[z],((z+1)%16)?' ':'\n'); }
+printf("pre-master\n");
+{ int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); }
+#endif
+        tls1_generate_key_block(s,p1,p2,num);
+        OPENSSL_cleanse(p2,num);
+        OPENSSL_free(p2);
+#ifdef TLS_DEBUG
+printf("\nkey block\n");
+{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); }
+#endif
+
+        if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
+                {
+                /* enable vulnerability countermeasure for CBC ciphers with
+                 * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt)
+                 */
+                s->s3->need_empty_fragments = 1;
+
+                if (s->session->cipher != NULL)
+                        {
+                        if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
+                                s->s3->need_empty_fragments = 0;
+                        
+#ifndef OPENSSL_NO_RC4
+                        if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
+                                s->s3->need_empty_fragments = 0;
+#endif
+                        }
+                }
+
+        return(1);
+err:
+        SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
+        return(0);
+        }
+
+int tls1_enc(SSL *s, int send)
+        {
+        SSL3_RECORD *rec;
+        EVP_CIPHER_CTX *ds;
+        unsigned long l;
+        int bs,i,ii,j,k,n=0;
+        const EVP_CIPHER *enc;
+
+        if (send)
+                {
+                if (s->write_hash != NULL)
+                        n=EVP_MD_size(s->write_hash);
+                ds=s->enc_write_ctx;
+                rec= &(s->s3->wrec);
+                if (s->enc_write_ctx == NULL)
+                        enc=NULL;
+                else
+                        enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
+                }
+        else
+                {
+                if (s->read_hash != NULL)
+                        n=EVP_MD_size(s->read_hash);
+                ds=s->enc_read_ctx;
+                rec= &(s->s3->rrec);
+                if (s->enc_read_ctx == NULL)
+                        enc=NULL;
+                else
+                        enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
+                }
+
+#ifdef KSSL_DEBUG
+        printf("tls1_enc(%d)\n", send);
+#endif    /* KSSL_DEBUG */
+
+        if ((s->session == NULL) || (ds == NULL) ||
+                (enc == NULL))
+                {
+                memmove(rec->data,rec->input,rec->length);
+                rec->input=rec->data;
+                }
+        else
+                {
+                l=rec->length;
+                bs=EVP_CIPHER_block_size(ds->cipher);
+
+                if ((bs != 1) && send)
+                        {
+                        i=bs-((int)l%bs);
+
+                        /* Add weird padding of upto 256 bytes */
+
+                        /* we need to add 'i' padding bytes of value j */
+                        j=i-1;
+                        if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG)
+                                {
+                                if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
+                                        j++;
+                                }
+                        for (k=(int)l; k<(int)(l+i); k++)
+                                rec->input[k]=j;
+                        l+=i;
+                        rec->length+=i;
+                        }
+
+#ifdef KSSL_DEBUG
+                {
+                unsigned long ui;
+                printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
+                        ds,rec->data,rec->input,l);
+                printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
+                        ds->buf_len, ds->cipher->key_len,
+                        DES_KEY_SZ, DES_SCHEDULE_SZ,
+                        ds->cipher->iv_len);
+                printf("\t\tIV: ");
+                for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
+                printf("\n");
+                printf("\trec->input=");
+                for (ui=0; ui<l; ui++) printf(" %02x", rec->input[ui]);
+                printf("\n");
+                }
+#endif  /* KSSL_DEBUG */
+
+                if (!send)
+                        {
+                        if (l == 0 || l%bs != 0)
+                                {
+                                SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
+                                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
+                                return 0;
+                                }
+                        }
+                
+                EVP_Cipher(ds,rec->data,rec->input,l);
+
+#ifdef KSSL_DEBUG
+                {
+                unsigned long i;
+                printf("\trec->data=");
+                for (i=0; i<l; i++)
+                        printf(" %02x", rec->data[i]);  printf("\n");
+                }
+#endif  /* KSSL_DEBUG */
+
+                if ((bs != 1) && !send)
+                        {
+                        ii=i=rec->data[l-1]; /* padding_length */
+                        i++;
+                        if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
+                                {
+                                /* First packet is even in size, so check */
+                                if ((memcmp(s->s3->read_sequence,
+                                        "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1))
+                                        s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG;
+                                if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
+                                        i--;
+                                }
+                        /* TLS 1.0 does not bound the number of padding bytes by the block size.
+                         * All of them must have value 'padding_length'. */
+                        if (i > (int)rec->length)
+                                {
+                                /* Incorrect padding. SSLerr() and ssl3_alert are done
+                                 * by caller: we don't want to reveal whether this is
+                                 * a decryption error or a MAC verification failure
+                                 * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
+                                return -1;
+                                }
+                        for (j=(int)(l-i); j<(int)l; j++)
+                                {
+                                if (rec->data[j] != ii)
+                                        {
+                                        /* Incorrect padding */
+                                        return -1;
+                                        }
+                                }
+                        rec->length-=i;
+                        }
+                }
+        return(1);
+        }
+
+int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in_ctx, unsigned char *out)
+        {
+        unsigned int ret;
+        EVP_MD_CTX ctx;
+
+        EVP_MD_CTX_init(&ctx);
+        EVP_MD_CTX_copy_ex(&ctx,in_ctx);
+        EVP_DigestFinal_ex(&ctx,out,&ret);
+        EVP_MD_CTX_cleanup(&ctx);
+        return((int)ret);
+        }
+
+int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
+             const char *str, int slen, unsigned char *out)
+        {
+        unsigned int i;
+        EVP_MD_CTX ctx;
+        unsigned char buf[TLS_MD_MAX_CONST_SIZE+MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+        unsigned char *q,buf2[12];
+
+        q=buf;
+        memcpy(q,str,slen);
+        q+=slen;
+
+        EVP_MD_CTX_init(&ctx);
+        EVP_MD_CTX_copy_ex(&ctx,in1_ctx);
+        EVP_DigestFinal_ex(&ctx,q,&i);
+        q+=i;
+        EVP_MD_CTX_copy_ex(&ctx,in2_ctx);
+        EVP_DigestFinal_ex(&ctx,q,&i);
+        q+=i;
+
+        tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf),
+                s->session->master_key,s->session->master_key_length,
+                out,buf2,sizeof buf2);
+        EVP_MD_CTX_cleanup(&ctx);
+
+        return sizeof buf2;
+        }
+
+int tls1_mac(SSL *ssl, unsigned char *md, int send)
+        {
+        SSL3_RECORD *rec;
+        unsigned char *mac_sec,*seq;
+        const EVP_MD *hash;
+        unsigned int md_size;
+        int i;
+        HMAC_CTX hmac;
+        unsigned char buf[5]; 
+
+        if (send)
+                {
+                rec= &(ssl->s3->wrec);
+                mac_sec= &(ssl->s3->write_mac_secret[0]);
+                seq= &(ssl->s3->write_sequence[0]);
+                hash=ssl->write_hash;
+                }
+        else
+                {
+                rec= &(ssl->s3->rrec);
+                mac_sec= &(ssl->s3->read_mac_secret[0]);
+                seq= &(ssl->s3->read_sequence[0]);
+                hash=ssl->read_hash;
+                }
+
+        md_size=EVP_MD_size(hash);
+
+        buf[0]=rec->type;
+        buf[1]=TLS1_VERSION_MAJOR;
+        buf[2]=TLS1_VERSION_MINOR;
+        buf[3]=rec->length>>8;
+        buf[4]=rec->length&0xff;
+
+        /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
+        HMAC_CTX_init(&hmac);
+        HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash,NULL);
+        HMAC_Update(&hmac,seq,8);
+        HMAC_Update(&hmac,buf,5);
+        HMAC_Update(&hmac,rec->input,rec->length);
+        HMAC_Final(&hmac,md,&md_size);
+        HMAC_CTX_cleanup(&hmac);
+
+#ifdef TLS_DEBUG
+printf("sec=");
+{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }
+printf("seq=");
+{int z; for (z=0; z<8; z++) printf("%02X ",seq[z]); printf("\n"); }
+printf("buf=");
+{int z; for (z=0; z<5; z++) printf("%02X ",buf[z]); printf("\n"); }
+printf("rec=");
+{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
+#endif
+
+        for (i=7; i>=0; i--)
+                {
+                ++seq[i];
+                if (seq[i] != 0) break; 
+                }
+
+#ifdef TLS_DEBUG
+{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",md[z]); printf("\n"); }
+#endif
+        return(md_size);
+        }
+
+int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
+             int len)
+        {
+        unsigned char buf[SSL3_RANDOM_SIZE*2+TLS_MD_MASTER_SECRET_CONST_SIZE];
+        unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
+
+#ifdef KSSL_DEBUG
+        printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len);
+#endif  /* KSSL_DEBUG */
+
+        /* Setup the stuff to munge */
+        memcpy(buf,TLS_MD_MASTER_SECRET_CONST,
+                TLS_MD_MASTER_SECRET_CONST_SIZE);
+        memcpy(&(buf[TLS_MD_MASTER_SECRET_CONST_SIZE]),
+                s->s3->client_random,SSL3_RANDOM_SIZE);
+        memcpy(&(buf[SSL3_RANDOM_SIZE+TLS_MD_MASTER_SECRET_CONST_SIZE]),
+                s->s3->server_random,SSL3_RANDOM_SIZE);
+        tls1_PRF(s->ctx->md5,s->ctx->sha1,
+                buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len,
+                s->session->master_key,buff,sizeof buff);
+#ifdef KSSL_DEBUG
+        printf ("tls1_generate_master_secret() complete\n");
+#endif  /* KSSL_DEBUG */
+        return(SSL3_MASTER_SECRET_SIZE);
+        }
+
+int tls1_alert_code(int code)
+        {
+        switch (code)
+                {
+        case SSL_AD_CLOSE_NOTIFY:       return(SSL3_AD_CLOSE_NOTIFY);
+        case SSL_AD_UNEXPECTED_MESSAGE: return(SSL3_AD_UNEXPECTED_MESSAGE);
+        case SSL_AD_BAD_RECORD_MAC:     return(SSL3_AD_BAD_RECORD_MAC);
+        case SSL_AD_DECRYPTION_FAILED:  return(TLS1_AD_DECRYPTION_FAILED);
+        case SSL_AD_RECORD_OVERFLOW:    return(TLS1_AD_RECORD_OVERFLOW);
+        case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE);
+        case SSL_AD_HANDSHAKE_FAILURE:  return(SSL3_AD_HANDSHAKE_FAILURE);
+        case SSL_AD_NO_CERTIFICATE:     return(-1);
+        case SSL_AD_BAD_CERTIFICATE:    return(SSL3_AD_BAD_CERTIFICATE);
+        case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE);
+        case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED);
+        case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED);
+        case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN);
+        case SSL_AD_ILLEGAL_PARAMETER:  return(SSL3_AD_ILLEGAL_PARAMETER);
+        case SSL_AD_UNKNOWN_CA:         return(TLS1_AD_UNKNOWN_CA);
+        case SSL_AD_ACCESS_DENIED:      return(TLS1_AD_ACCESS_DENIED);
+        case SSL_AD_DECODE_ERROR:       return(TLS1_AD_DECODE_ERROR);
+        case SSL_AD_DECRYPT_ERROR:      return(TLS1_AD_DECRYPT_ERROR);
+        case SSL_AD_EXPORT_RESTRICTION: return(TLS1_AD_EXPORT_RESTRICTION);
+        case SSL_AD_PROTOCOL_VERSION:   return(TLS1_AD_PROTOCOL_VERSION);
+        case SSL_AD_INSUFFICIENT_SECURITY:return(TLS1_AD_INSUFFICIENT_SECURITY);
+        case SSL_AD_INTERNAL_ERROR:     return(TLS1_AD_INTERNAL_ERROR);
+        case SSL_AD_USER_CANCELLED:     return(TLS1_AD_USER_CANCELLED);
+        case SSL_AD_NO_RENEGOTIATION:   return(TLS1_AD_NO_RENEGOTIATION);
+        default:                        return(-1);
+                }
+        }
+
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
new file mode 100644
index 0000000000..ca6c03d5af
--- /dev/null
+++ b/src/lib/libssl/t1_lib.c
@@ -0,0 +1,149 @@
+/* ssl/t1_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+const char *tls1_version_str="TLSv1" OPENSSL_VERSION_PTEXT;
+
+static long tls1_default_timeout(void);
+
+static SSL3_ENC_METHOD TLSv1_enc_data={
+        tls1_enc,
+        tls1_mac,
+        tls1_setup_key_block,
+        tls1_generate_master_secret,
+        tls1_change_cipher_state,
+        tls1_final_finish_mac,
+        TLS1_FINISH_MAC_LENGTH,
+        tls1_cert_verify_mac,
+        TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
+        TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
+        tls1_alert_code,
+        };
+
+static SSL_METHOD TLSv1_data= {
+        TLS1_VERSION,
+        tls1_new,
+        tls1_clear,
+        tls1_free,
+        ssl_undefined_function,
+        ssl_undefined_function,
+        ssl3_read,
+        ssl3_peek,
+        ssl3_write,
+        ssl3_shutdown,
+        ssl3_renegotiate,
+        ssl3_renegotiate_check,
+        ssl3_ctrl,
+        ssl3_ctx_ctrl,
+        ssl3_get_cipher_by_char,
+        ssl3_put_cipher_by_char,
+        ssl3_pending,
+        ssl3_num_ciphers,
+        ssl3_get_cipher,
+        ssl_bad_method,
+        tls1_default_timeout,
+        &TLSv1_enc_data,
+        ssl_undefined_function,
+        ssl3_callback_ctrl,
+        ssl3_ctx_callback_ctrl,
+        };
+
+static long tls1_default_timeout(void)
+        {
+        /* 2 hours, the 24 hours mentioned in the TLSv1 spec
+         * is way too long for http, the cache would over fill */
+        return(60*60*2);
+        }
+
+SSL_METHOD *tlsv1_base_method(void)
+        {
+        return(&TLSv1_data);
+        }
+
+int tls1_new(SSL *s)
+        {
+        if (!ssl3_new(s)) return(0);
+        s->method->ssl_clear(s);
+        return(1);
+        }
+
+void tls1_free(SSL *s)
+        {
+        ssl3_free(s);
+        }
+
+void tls1_clear(SSL *s)
+        {
+        ssl3_clear(s);
+        s->version=TLS1_VERSION;
+        }
+
+#if 0
+long tls1_ctrl(SSL *s, int cmd, long larg, char *parg)
+        {
+        return(0);
+        }
+
+long tls1_callback_ctrl(SSL *s, int cmd, void *(*fp)())
+        {
+        return(0);
+        }
+#endif
diff --git a/src/lib/libssl/t1_meth.c b/src/lib/libssl/t1_meth.c
new file mode 100644
index 0000000000..fcc243f782
--- /dev/null
+++ b/src/lib/libssl/t1_meth.c
@@ -0,0 +1,96 @@
+/* ssl/t1_meth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+static SSL_METHOD *tls1_get_method(int ver);
+static SSL_METHOD *tls1_get_method(int ver)
+        {
+        if (ver == TLS1_VERSION)
+                return(TLSv1_method());
+        else
+                return(NULL);
+        }
+
+SSL_METHOD *TLSv1_method(void)
+        {
+        static int init=1;
+        static SSL_METHOD TLSv1_data;
+
+        if (init)
+                {
+                CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+                
+                if (init)
+                        {
+                        memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
+                                sizeof(SSL_METHOD));
+                        TLSv1_data.ssl_connect=ssl3_connect;
+                        TLSv1_data.ssl_accept=ssl3_accept;
+                        TLSv1_data.get_ssl_method=tls1_get_method;
+                        init=0;
+                        }
+
+                CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
+                }
+        
+        return(&TLSv1_data);
+        }
+
diff --git a/src/lib/libssl/t1_srvr.c b/src/lib/libssl/t1_srvr.c
new file mode 100644
index 0000000000..1c1149e49f
--- /dev/null
+++ b/src/lib/libssl/t1_srvr.c
@@ -0,0 +1,98 @@
+/* ssl/t1_srvr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+static SSL_METHOD *tls1_get_server_method(int ver);
+static SSL_METHOD *tls1_get_server_method(int ver)
+        {
+        if (ver == TLS1_VERSION)
+                return(TLSv1_server_method());
+        else
+                return(NULL);
+        }
+
+SSL_METHOD *TLSv1_server_method(void)
+        {
+        static int init=1;
+        static SSL_METHOD TLSv1_server_data;
+
+        if (init)
+                {
+                CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+
+                if (init)
+                        {
+                        memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(),
+                                sizeof(SSL_METHOD));
+                        TLSv1_server_data.ssl_accept=ssl3_accept;
+                        TLSv1_server_data.get_ssl_method=tls1_get_server_method;
+                        init=0;
+                        }
+                        
+                CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
+                }
+        return(&TLSv1_server_data);
+        }
+
diff --git a/src/lib/libssl/test/CAss.cnf b/src/lib/libssl/test/CAss.cnf
new file mode 100644
index 0000000000..21da59a73a
--- /dev/null
+++ b/src/lib/libssl/test/CAss.cnf
@@ -0,0 +1,33 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE                = ./.rnd
+
+####################################################################
+[ req ]
+default_bits            = 512
+default_keyfile         = keySS.pem
+distinguished_name      = req_distinguished_name
+encrypt_rsa_key         = no
+default_md              = sha1
+
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+countryName_default             = AU
+countryName_value               = AU
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Dodgy Brothers
+
+commonName                      = Common Name (eg, YOUR name)
+commonName_value                = Dodgy CA
+
+[ v3_ca ]
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints = CA:true,pathlen:1
+keyUsage = cRLSign, keyCertSign
+issuerAltName=issuer:copy
+
diff --git a/src/lib/libssl/test/CAssdh.cnf b/src/lib/libssl/test/CAssdh.cnf
new file mode 100644
index 0000000000..4e0a908679
--- /dev/null
+++ b/src/lib/libssl/test/CAssdh.cnf
@@ -0,0 +1,24 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DH certs - CA
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = CU
+countryName_value             = CU
+
+organizationName              = Organization Name (eg, company)
+organizationName_value                = La Junta de la Revolucion
+
+commonName                    = Common Name (eg, YOUR name)
+commonName_value              = Junta
+
diff --git a/src/lib/libssl/test/CAssdsa.cnf b/src/lib/libssl/test/CAssdsa.cnf
new file mode 100644
index 0000000000..a6b4d1810c
--- /dev/null
+++ b/src/lib/libssl/test/CAssdsa.cnf
@@ -0,0 +1,23 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - CA
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = ES
+countryName_value             = ES
+
+organizationName              = Organization Name (eg, company)
+organizationName_value                = Hermanos Locos
+
+commonName                    = Common Name (eg, YOUR name)
+commonName_value              = Hermanos Locos CA
diff --git a/src/lib/libssl/test/CAssrsa.cnf b/src/lib/libssl/test/CAssrsa.cnf
new file mode 100644
index 0000000000..eb24a6dfc0
--- /dev/null
+++ b/src/lib/libssl/test/CAssrsa.cnf
@@ -0,0 +1,24 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# create RSA certs - CA
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_key           = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = ES
+countryName_value             = ES
+
+organizationName              = Organization Name (eg, company)
+organizationName_value                = Hermanos Locos
+
+commonName                    = Common Name (eg, YOUR name)
+commonName_value              = Hermanos Locos CA
+
diff --git a/src/lib/libssl/test/Makefile.ssl b/src/lib/libssl/test/Makefile.ssl
new file mode 100644
index 0000000000..373f17a929
--- /dev/null
+++ b/src/lib/libssl/test/Makefile.ssl
@@ -0,0 +1,796 @@
+#
+# test/Makefile.ssl
+#
+
+DIR=            test
+TOP=            ..
+CC=             cc
+INCLUDES=       -I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=          -g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=     /usr/local/ssl
+MAKEFILE=       Makefile.ssl
+MAKE=           make -f $(MAKEFILE)
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+PERL=           perl
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+
+PEX_LIBS=
+EX_LIBS= #-lnsl -lsocket
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile.ssl maketests.com \
+        tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
+        tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
+        testca.com VMSca-response.1 VMSca-response.2
+
+DLIBCRYPTO= ../libcrypto.a
+DLIBSSL= ../libssl.a
+LIBCRYPTO= -L.. -lcrypto
+LIBSSL= -L.. -lssl
+
+BNTEST=         bntest
+ECTEST=         ectest
+EXPTEST=        exptest
+IDEATEST=       ideatest
+SHATEST=        shatest
+SHA1TEST=       sha1test
+MDC2TEST=       mdc2test
+RMDTEST=        rmdtest
+MD2TEST=        md2test
+MD4TEST=        md4test
+MD5TEST=        md5test
+HMACTEST=       hmactest
+RC2TEST=        rc2test
+RC4TEST=        rc4test
+RC5TEST=        rc5test
+BFTEST=         bftest
+CASTTEST=       casttest
+DESTEST=        destest
+RANDTEST=       randtest
+DHTEST=         dhtest
+DSATEST=        dsatest
+METHTEST=       methtest
+SSLTEST=        ssltest
+RSATEST=        rsa_test
+ENGINETEST=     enginetest
+EVPTEST=        evp_test
+
+TESTS=          alltests
+
+EXE=    $(BNTEST) $(ECTEST) $(IDEATEST) $(MD2TEST)  $(MD4TEST) $(MD5TEST) $(HMACTEST) \
+        $(RC2TEST) $(RC4TEST) $(RC5TEST) \
+        $(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
+        $(RANDTEST) $(DHTEST) $(ENGINETEST) \
+        $(BFTEST) $(CASTTEST) $(SSLTEST) $(EXPTEST) $(DSATEST) $(RSATEST) \
+        $(EVPTEST)
+
+# $(METHTEST)
+
+OBJ=    $(BNTEST).o $(ECTEST).o $(IDEATEST).o $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
+        $(HMACTEST).o \
+        $(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
+        $(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(MDC2TEST).o $(RMDTEST).o \
+        $(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
+        $(BFTEST).o  $(SSLTEST).o  $(DSATEST).o  $(EXPTEST).o $(RSATEST).o \
+        $(EVPTEST).o
+SRC=    $(BNTEST).c $(ECTEST).c $(IDEATEST).c $(MD2TEST).c  $(MD4TEST).c $(MD5TEST).c \
+        $(HMACTEST).c \
+        $(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
+        $(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
+        $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
+        $(BFTEST).c  $(SSLTEST).c $(DSATEST).c   $(EXPTEST).c $(RSATEST).c \
+        $(EVPTEST).c
+
+EXHEADER= 
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ..; $(MAKE) DIRS=$(DIR) TESTS=$(TESTS) all)
+
+all:    exe
+
+exe:    $(EXE) dummytest
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+
+generate: $(SRC)
+$(SRC):
+        @sh $(TOP)/util/point.sh dummytest.c $@
+
+errors:
+
+install:
+
+tags:
+        ctags $(SRC)
+
+tests:  exe apps $(TESTS)
+
+apps:
+        @(cd ..; $(MAKE) DIRS=apps all)
+
+SET_SO_PATHS=OSSL_LIBPATH="`cd ..; pwd`"; \
+                LD_LIBRARY_PATH="$$OSSL_LIBPATH:$$LD_LIBRARY_PATH"; \
+                DYLD_LIBRARY_PATH="$$OSSL_LIBPATH:$$DYLD_LIBRARY_PATH"; \
+                SHLIB_PATH="$$OSSL_LIBPATH:$$SHLIB_PATH"; \
+                LIBPATH="$$OSSL_LIBPATH:$$LIBPATH"; \
+                if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="$${LIBPATH}:$$PATH"; fi; \
+                export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH
+
+alltests: \
+        test_des test_idea test_sha test_md4 test_md5 test_hmac \
+        test_md2 test_mdc2 \
+        test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
+        test_rand test_bn test_ec test_enc test_x509 test_rsa test_crl test_sid \
+        test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
+        test_ss test_ca test_engine test_evp test_ssl
+
+test_evp:
+        $(SET_SO_PATHS); ./$(EVPTEST) evptests.txt
+
+test_des:
+        $(SET_SO_PATHS); ./$(DESTEST)
+
+test_idea:
+        $(SET_SO_PATHS); ./$(IDEATEST)
+
+test_sha:
+        $(SET_SO_PATHS); ./$(SHATEST)
+        $(SET_SO_PATHS); ./$(SHA1TEST)
+
+test_mdc2:
+        $(SET_SO_PATHS); ./$(MDC2TEST)
+
+test_md5:
+        $(SET_SO_PATHS); ./$(MD5TEST)
+
+test_md4:
+        $(SET_SO_PATHS); ./$(MD4TEST)
+
+test_hmac:
+        $(SET_SO_PATHS); ./$(HMACTEST)
+
+test_md2:
+        $(SET_SO_PATHS); ./$(MD2TEST)
+
+test_rmd:
+        $(SET_SO_PATHS); ./$(RMDTEST)
+
+test_bf:
+        $(SET_SO_PATHS); ./$(BFTEST)
+
+test_cast:
+        $(SET_SO_PATHS); ./$(CASTTEST)
+
+test_rc2:
+        $(SET_SO_PATHS); ./$(RC2TEST)
+
+test_rc4:
+        $(SET_SO_PATHS); ./$(RC4TEST)
+
+test_rc5:
+        $(SET_SO_PATHS); ./$(RC5TEST)
+
+test_rand:
+        $(SET_SO_PATHS); ./$(RANDTEST)
+
+test_enc:
+        @$(SET_SO_PATHS); sh ./testenc
+
+test_x509:
+        echo test normal x509v1 certificate
+        $(SET_SO_PATHS); sh ./tx509 2>/dev/null
+        echo test first x509v3 certificate
+        $(SET_SO_PATHS); sh ./tx509 v3-cert1.pem 2>/dev/null
+        echo test second x509v3 certificate
+        $(SET_SO_PATHS); sh ./tx509 v3-cert2.pem 2>/dev/null
+
+test_rsa:
+        @$(SET_SO_PATHS); sh ./trsa 2>/dev/null
+        $(SET_SO_PATHS); ./$(RSATEST)
+
+test_crl:
+        @$(SET_SO_PATHS); sh ./tcrl 2>/dev/null
+
+test_sid:
+        @$(SET_SO_PATHS); sh ./tsid 2>/dev/null
+
+test_req:
+        @$(SET_SO_PATHS); sh ./treq 2>/dev/null
+        @$(SET_SO_PATHS); sh ./treq testreq2.pem 2>/dev/null
+
+test_pkcs7:
+        @$(SET_SO_PATHS); sh ./tpkcs7 2>/dev/null
+        @$(SET_SO_PATHS); sh ./tpkcs7d 2>/dev/null
+
+test_bn:
+        @echo starting big number library test, could take a while...
+        @$(SET_SO_PATHS); ./$(BNTEST) >tmp.bntest
+        @echo quit >>tmp.bntest
+        @echo "running bc"
+        @<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
+        @echo 'test a^b%c implementations'
+        $(SET_SO_PATHS); ./$(EXPTEST)
+
+test_ec:
+        @echo 'test elliptic curves'
+        $(SET_SO_PATHS); ./$(ECTEST)
+
+test_verify:
+        @echo "The following command should have some OK's and some failures"
+        @echo "There are definitly a few expired certificates"
+        -$(SET_SO_PATHS); ../apps/openssl verify -CApath ../certs ../certs/*.pem
+
+test_dh:
+        @echo "Generate a set of DH parameters"
+        $(SET_SO_PATHS); ./$(DHTEST)
+
+test_dsa:
+        @echo "Generate a set of DSA parameters"
+        $(SET_SO_PATHS); ./$(DSATEST)
+        $(SET_SO_PATHS); ./$(DSATEST) -app2_1
+
+test_gen:
+        @echo "Generate and verify a certificate request"
+        @$(SET_SO_PATHS); sh ./testgen
+
+test_ss keyU.ss certU.ss certCA.ss: testss
+        @echo "Generate and certify a test certificate"
+        @$(SET_SO_PATHS); sh ./testss
+
+test_engine: 
+        @echo "Manipulate the ENGINE structures"
+        $(SET_SO_PATHS); ./$(ENGINETEST)
+
+test_ssl: keyU.ss certU.ss certCA.ss
+        @echo "test SSL protocol"
+        @$(SET_SO_PATHS); sh ./testssl keyU.ss certU.ss certCA.ss
+
+test_ca:
+        @$(SET_SO_PATHS); if ../apps/openssl no-rsa; then \
+          echo "skipping CA.sh test -- requires RSA"; \
+        else \
+          echo "Generate and certify a test certificate via the 'ca' program"; \
+          sh ./testca; \
+        fi
+
+test_aes: #$(AESTEST)
+#       @echo "test Rijndael"
+#       $(SET_SO_PATHS); ./$(AESTEST)
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log
+
+$(DLIBSSL):
+        (cd ..; $(MAKE) DIRS=ssl all)
+
+$(DLIBCRYPTO):
+        (cd ..; $(MAKE) DIRS=crypto all)
+
+$(RSATEST): $(RSATEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(BNTEST): $(BNTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(ECTEST): $(ECTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(EXPTEST): $(EXPTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(IDEATEST): $(IDEATEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(MD2TEST): $(MD2TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(SHATEST): $(SHATEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(SHA1TEST): $(SHA1TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(RMDTEST): $(RMDTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(MDC2TEST): $(MDC2TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(MD4TEST): $(MD4TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(MD5TEST): $(MD5TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(HMACTEST): $(HMACTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(RC2TEST): $(RC2TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(BFTEST): $(BFTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(CASTTEST): $(CASTTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(RC4TEST): $(RC4TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(RC5TEST): $(RC5TEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(DESTEST): $(DESTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(RANDTEST): $(RANDTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(DHTEST): $(DHTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(DSATEST): $(DSATEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(METHTEST): $(METHTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+$(EVPTEST): $(EVPTEST).o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+        
+#$(AESTEST).o: $(AESTEST).c
+#       $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
+
+#$(AESTEST): $(AESTEST).o $(DLIBCRYPTO)
+#       if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+#         $(CC) -o $(AESTEST) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+#       else \
+#         LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+#         $(CC) -o $(AESTEST) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+#       fi
+
+dummytest: dummytest.o $(DLIBCRYPTO)
+        if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+          $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+        else \
+          LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+          $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+        fi
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h
+bftest.o: ../include/openssl/opensslconf.h bftest.c
+bntest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+bntest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+bntest.o: ../include/openssl/cast.h ../include/openssl/crypto.h
+bntest.o: ../include/openssl/des.h ../include/openssl/des_old.h
+bntest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+bntest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+bntest.o: ../include/openssl/evp.h ../include/openssl/idea.h
+bntest.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+bntest.o: ../include/openssl/md4.h ../include/openssl/md5.h
+bntest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+bntest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+bntest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+bntest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+bntest.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+bntest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+bntest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+bntest.o: ../include/openssl/x509_vfy.h bntest.c
+casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h
+casttest.o: ../include/openssl/opensslconf.h casttest.c
+destest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
+destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+destest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+destest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+destest.o: ../include/openssl/ui_compat.h destest.c
+dhtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c
+dsatest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+dsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+dsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+dsatest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+dsatest.o: ../include/openssl/symhacks.h dsatest.c
+ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+ectest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ectest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+ectest.o: ../include/openssl/engine.h ../include/openssl/err.h
+ectest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ectest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+ectest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+ectest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h ectest.c
+enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+enginetest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+enginetest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+enginetest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h
+enginetest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+enginetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+enginetest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+enginetest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+enginetest.o: enginetest.c
+evp_test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+evp_test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+evp_test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+evp_test.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+evp_test.o: ../include/openssl/des.h ../include/openssl/des_old.h
+evp_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+evp_test.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h
+evp_test.o: ../include/openssl/idea.h ../include/openssl/lhash.h
+evp_test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+evp_test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+evp_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+evp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+evp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+evp_test.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+evp_test.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+evp_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+evp_test.o: ../include/openssl/sha.h ../include/openssl/stack.h
+evp_test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+evp_test.o: ../include/openssl/ui_compat.h evp_test.c
+exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+exptest.o: ../include/openssl/symhacks.h exptest.c
+hmactest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+hmactest.o: ../include/openssl/bn.h ../include/openssl/cast.h
+hmactest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+hmactest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+hmactest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+hmactest.o: ../include/openssl/idea.h ../include/openssl/md2.h
+hmactest.o: ../include/openssl/md4.h ../include/openssl/md5.h
+hmactest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+hmactest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+hmactest.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+hmactest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+hmactest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+hmactest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+hmactest.o: ../include/openssl/ui_compat.h hmactest.c
+ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h
+ideatest.o: ../include/openssl/opensslconf.h ideatest.c
+md2test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+md2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+md2test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+md2test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+md2test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+md2test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+md2test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+md2test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+md2test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+md2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+md2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+md2test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+md2test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+md2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+md2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+md2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+md2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md2test.c
+md4test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+md4test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+md4test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+md4test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+md4test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+md4test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+md4test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+md4test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+md4test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+md4test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+md4test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+md4test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+md4test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+md4test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+md4test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+md4test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md4test.c
+md5test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+md5test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+md5test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+md5test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+md5test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+md5test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+md5test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+md5test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+md5test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+md5test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+md5test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+md5test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+md5test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+md5test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+md5test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+md5test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md5test.c
+mdc2test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+mdc2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+mdc2test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+mdc2test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+mdc2test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+mdc2test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+mdc2test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+mdc2test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+mdc2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+mdc2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+mdc2test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+mdc2test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+mdc2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+mdc2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c
+randtest.o: ../e_os.h ../include/openssl/e_os2.h
+randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
+randtest.o: ../include/openssl/rand.h randtest.c
+rc2test.o: ../e_os.h ../include/openssl/e_os2.h
+rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c
+rc4test.o: ../e_os.h ../include/openssl/e_os2.h
+rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h rc4test.c
+rc5test.o: ../e_os.h ../include/openssl/e_os2.h
+rc5test.o: ../include/openssl/opensslconf.h ../include/openssl/rc5.h rc5test.c
+rmdtest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+rmdtest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+rmdtest.o: ../include/openssl/bn.h ../include/openssl/cast.h
+rmdtest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+rmdtest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+rmdtest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+rmdtest.o: ../include/openssl/evp.h ../include/openssl/idea.h
+rmdtest.o: ../include/openssl/md2.h ../include/openssl/md4.h
+rmdtest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+rmdtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+rmdtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+rmdtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+rmdtest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+rmdtest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+rmdtest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+rmdtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+rmdtest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h rmdtest.c
+rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+rsa_test.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+rsa_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsa_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+rsa_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+rsa_test.o: ../include/openssl/symhacks.h rsa_test.c
+sha1test.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+sha1test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+sha1test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+sha1test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+sha1test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+sha1test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+sha1test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+sha1test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+sha1test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+sha1test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+sha1test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+sha1test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+sha1test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+sha1test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h sha1test.c
+shatest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+shatest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+shatest.o: ../include/openssl/bn.h ../include/openssl/cast.h
+shatest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+shatest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+shatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+shatest.o: ../include/openssl/evp.h ../include/openssl/idea.h
+shatest.o: ../include/openssl/md2.h ../include/openssl/md4.h
+shatest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+shatest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+shatest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+shatest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h shatest.c
+ssltest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ssltest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssltest.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ssltest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+ssltest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+ssltest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+ssltest.o: ../include/openssl/engine.h ../include/openssl/err.h
+ssltest.o: ../include/openssl/evp.h ../include/openssl/idea.h
+ssltest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssltest.o: ../include/openssl/md2.h ../include/openssl/md4.h
+ssltest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+ssltest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssltest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssltest.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+ssltest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+ssltest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssltest.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+ssltest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+ssltest.o: ../include/openssl/x509_vfy.h ssltest.c
diff --git a/src/lib/libssl/test/P1ss.cnf b/src/lib/libssl/test/P1ss.cnf
new file mode 100644
index 0000000000..876a0d35f8
--- /dev/null
+++ b/src/lib/libssl/test/P1ss.cnf
@@ -0,0 +1,37 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE                = ./.rnd
+
+####################################################################
+[ req ]
+default_bits            = 512
+default_keyfile         = keySS.pem
+distinguished_name      = req_distinguished_name
+encrypt_rsa_key         = no
+default_md              = md2
+
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+countryName_default             = AU
+countryName_value               = AU
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Dodgy Brothers
+
+0.commonName                    = Common Name (eg, YOUR name)
+0.commonName_value              = Brother 1
+
+1.commonName                    = Common Name (eg, YOUR name)
+1.commonName_value              = Brother 2
+
+2.commonName                    = Common Name (eg, YOUR name)
+2.commonName_value              = Proxy 1
+
+[ v3_proxy ]
+basicConstraints=CA:FALSE
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
diff --git a/src/lib/libssl/test/P2ss.cnf b/src/lib/libssl/test/P2ss.cnf
new file mode 100644
index 0000000000..373a87e7c2
--- /dev/null
+++ b/src/lib/libssl/test/P2ss.cnf
@@ -0,0 +1,45 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE                = ./.rnd
+
+####################################################################
+[ req ]
+default_bits            = 512
+default_keyfile         = keySS.pem
+distinguished_name      = req_distinguished_name
+encrypt_rsa_key         = no
+default_md              = md2
+
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+countryName_default             = AU
+countryName_value               = AU
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Dodgy Brothers
+
+0.commonName                    = Common Name (eg, YOUR name)
+0.commonName_value              = Brother 1
+
+1.commonName                    = Common Name (eg, YOUR name)
+1.commonName_value              = Brother 2
+
+2.commonName                    = Common Name (eg, YOUR name)
+2.commonName_value              = Proxy 1
+
+3.commonName                    = Common Name (eg, YOUR name)
+3.commonName_value              = Proxy 2
+
+[ v3_proxy ]
+basicConstraints=CA:FALSE
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+proxyCertInfo=critical,@proxy_ext
+
+[ proxy_ext ]
+language=id-ppl-anyLanguage
+pathlen=0
+policy=text:BC
diff --git a/src/lib/libssl/test/Sssdsa.cnf b/src/lib/libssl/test/Sssdsa.cnf
new file mode 100644
index 0000000000..8e170a28ef
--- /dev/null
+++ b/src/lib/libssl/test/Sssdsa.cnf
@@ -0,0 +1,27 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - Server
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = ES
+countryName_value             = ES
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Tortilleras S.A.
+
+0.commonName                  = Common Name (eg, YOUR name)
+0.commonName_value            = Torti
+
+1.commonName                  = Common Name (eg, YOUR name)
+1.commonName_value            = Gordita
+
diff --git a/src/lib/libssl/test/Sssrsa.cnf b/src/lib/libssl/test/Sssrsa.cnf
new file mode 100644
index 0000000000..8c79a03fca
--- /dev/null
+++ b/src/lib/libssl/test/Sssrsa.cnf
@@ -0,0 +1,26 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# create RSA certs - Server
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_key           = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = ES
+countryName_value             = ES
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Tortilleras S.A.
+
+0.commonName                  = Common Name (eg, YOUR name)
+0.commonName_value            = Torti
+
+1.commonName                  = Common Name (eg, YOUR name)
+1.commonName_value            = Gordita
diff --git a/src/lib/libssl/test/Uss.cnf b/src/lib/libssl/test/Uss.cnf
new file mode 100644
index 0000000000..0c0ebb5f67
--- /dev/null
+++ b/src/lib/libssl/test/Uss.cnf
@@ -0,0 +1,36 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE                = ./.rnd
+
+####################################################################
+[ req ]
+default_bits            = 512
+default_keyfile         = keySS.pem
+distinguished_name      = req_distinguished_name
+encrypt_rsa_key         = no
+default_md              = md2
+
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+countryName_default             = AU
+countryName_value               = AU
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Dodgy Brothers
+
+0.commonName                    = Common Name (eg, YOUR name)
+0.commonName_value              = Brother 1
+
+1.commonName                    = Common Name (eg, YOUR name)
+1.commonName_value              = Brother 2
+
+[ v3_ee ]
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+basicConstraints = CA:false
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+issuerAltName=issuer:copy
+
diff --git a/src/lib/libssl/test/VMSca-response.1 b/src/lib/libssl/test/VMSca-response.1
new file mode 100644
index 0000000000..8b13789179
--- /dev/null
+++ b/src/lib/libssl/test/VMSca-response.1
@@ -0,0 +1 @@
+
diff --git a/src/lib/libssl/test/VMSca-response.2 b/src/lib/libssl/test/VMSca-response.2
new file mode 100644
index 0000000000..9b48ee4cf9
--- /dev/null
+++ b/src/lib/libssl/test/VMSca-response.2
@@ -0,0 +1,2 @@
+y
+y
diff --git a/src/lib/libssl/test/bctest b/src/lib/libssl/test/bctest
new file mode 100644
index 0000000000..e81fc0733a
--- /dev/null
+++ b/src/lib/libssl/test/bctest
@@ -0,0 +1,111 @@
+#!/bin/sh
+
+# This script is used by test/Makefile to check whether a sane 'bc'
+# is installed.
+# ('make test_bn' should not try to run 'bc' if it does not exist or if
+# it is a broken 'bc' version that is known to cause trouble.)
+#
+# If 'bc' works, we also test if it knows the 'print' command.
+#
+# In any case, output an appropriate command line for running (or not
+# running) bc.
+
+
+IFS=:
+try_without_dir=true
+# First we try "bc", then "$dir/bc" for each item in $PATH.
+for dir in dummy:$PATH; do
+    if [ "$try_without_dir" = true ]; then
+      # first iteration
+      bc=bc
+      try_without_dir=false
+    else
+      # second and later iterations
+      bc="$dir/bc"
+      if [ ! -f "$bc" ]; then  # '-x' is not available on Ultrix
+        bc=''
+      fi
+    fi
+
+    if [ ! "$bc" = '' ]; then
+        failure=none
+
+
+        # Test for SunOS 5.[78] bc bug
+        "$bc" >tmp.bctest <<\EOF
+obase=16
+ibase=16
+a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
+CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
+10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
+C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
+3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
+4FC3CADF855448B24A9D7640BCF473E
+b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
+9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
+8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
+3ED0E2017D60A68775B75481449
+(a/b)*b + (a%b) - a
+EOF
+        if [ 0 != "`cat tmp.bctest`" ]; then
+            failure=SunOStest
+        fi
+
+
+        if [ "$failure" = none ]; then
+            # Test for SCO bc bug.
+            "$bc" >tmp.bctest <<\EOF
+obase=16
+ibase=16
+-FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
+9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
+11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
+1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
+AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
+F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
+B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
+02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
+85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
+A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
+E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
+8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
+04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
+89C8D71
+AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
+928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
+8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
+37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
+E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
+F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
+9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
+D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
+5296964
+EOF
+            if [ "0
+0" != "`cat tmp.bctest`" ]; then
+                failure=SCOtest
+            fi
+        fi
+
+
+        if [ "$failure" = none ]; then
+            # bc works; now check if it knows the 'print' command.
+            if [ "OK" = "`echo 'print \"OK\"' | $bc 2>/dev/null`" ]
+            then
+                echo "$bc"
+            else
+                echo "sed 's/print.*//' | $bc"
+            fi
+            exit 0
+        fi
+
+        echo "$bc does not work properly ('$failure' failed).  Looking for another bc ..." >&2
+    fi
+done
+
+echo "No working bc found.  Consider installing GNU bc." >&2
+if [ "$1" = ignore ]; then
+  echo "cat >/dev/null"
+  exit 0
+fi
+exit 1
diff --git a/src/lib/libssl/test/enginetest.c b/src/lib/libssl/test/enginetest.c
new file mode 100644
index 0000000000..87fa8c57b7
--- /dev/null
+++ b/src/lib/libssl/test/enginetest.c
@@ -0,0 +1,274 @@
+/* crypto/engine/enginetest.c */
+/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/e_os2.h>
+#include <stdio.h>
+#include <string.h>
+#include <openssl/buffer.h>
+#include <openssl/crypto.h>
+#include <openssl/engine.h>
+#include <openssl/err.h>
+
+static void display_engine_list()
+        {
+        ENGINE *h;
+        int loop;
+
+        h = ENGINE_get_first();
+        loop = 0;
+        printf("listing available engine types\n");
+        while(h)
+                {
+                printf("engine %i, id = \"%s\", name = \"%s\"\n",
+                        loop++, ENGINE_get_id(h), ENGINE_get_name(h));
+                h = ENGINE_get_next(h);
+                }
+        printf("end of list\n");
+        /* ENGINE_get_first() increases the struct_ref counter, so we 
+           must call ENGINE_free() to decrease it again */
+        ENGINE_free(h);
+        }
+
+int main(int argc, char *argv[])
+        {
+        ENGINE *block[512];
+        char buf[256];
+        const char *id, *name;
+        ENGINE *ptr;
+        int loop;
+        int to_return = 1;
+        ENGINE *new_h1 = NULL;
+        ENGINE *new_h2 = NULL;
+        ENGINE *new_h3 = NULL;
+        ENGINE *new_h4 = NULL;
+
+        /* enable memory leak checking unless explicitly disabled */
+        if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
+                {
+                CRYPTO_malloc_debug_init();
+                CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+                }
+        else
+                {
+                /* OPENSSL_DEBUG_MEMORY=off */
+                CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+                }
+        CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+        ERR_load_crypto_strings();
+
+        memset(block, 0, 512 * sizeof(ENGINE *));
+        if(((new_h1 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h1, "test_id0") ||
+                        !ENGINE_set_name(new_h1, "First test item") ||
+                        ((new_h2 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h2, "test_id1") ||
+                        !ENGINE_set_name(new_h2, "Second test item") ||
+                        ((new_h3 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h3, "test_id2") ||
+                        !ENGINE_set_name(new_h3, "Third test item") ||
+                        ((new_h4 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h4, "test_id3") ||
+                        !ENGINE_set_name(new_h4, "Fourth test item"))
+                {
+                printf("Couldn't set up test ENGINE structures\n");
+                goto end;
+                }
+        printf("\nenginetest beginning\n\n");
+        display_engine_list();
+        if(!ENGINE_add(new_h1))
+                {
+                printf("Add failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        ptr = ENGINE_get_first();
+        if(!ENGINE_remove(ptr))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        if (ptr)
+                ENGINE_free(ptr);
+        display_engine_list();
+        if(!ENGINE_add(new_h3) || !ENGINE_add(new_h2))
+                {
+                printf("Add failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_remove(new_h2))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_add(new_h4))
+                {
+                printf("Add failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(ENGINE_add(new_h3))
+                {
+                printf("Add *should* have failed but didn't!\n");
+                goto end;
+                }
+        else
+                printf("Add that should fail did.\n");
+        ERR_clear_error();
+        if(ENGINE_remove(new_h2))
+                {
+                printf("Remove *should* have failed but didn't!\n");
+                goto end;
+                }
+        else
+                printf("Remove that should fail did.\n");
+        ERR_clear_error();
+        if(!ENGINE_remove(new_h3))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_remove(new_h4))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        /* Depending on whether there's any hardware support compiled
+         * in, this remove may be destined to fail. */
+        ptr = ENGINE_get_first();
+        if(ptr)
+                if(!ENGINE_remove(ptr))
+                        printf("Remove failed!i - probably no hardware "
+                                "support present.\n");
+        if (ptr)
+                ENGINE_free(ptr);
+        display_engine_list();
+        if(!ENGINE_add(new_h1) || !ENGINE_remove(new_h1))
+                {
+                printf("Couldn't add and remove to an empty list!\n");
+                goto end;
+                }
+        else
+                printf("Successfully added and removed to an empty list!\n");
+        printf("About to beef up the engine-type list\n");
+        for(loop = 0; loop < 512; loop++)
+                {
+                sprintf(buf, "id%i", loop);
+                id = BUF_strdup(buf);
+                sprintf(buf, "Fake engine type %i", loop);
+                name = BUF_strdup(buf);
+                if(((block[loop] = ENGINE_new()) == NULL) ||
+                                !ENGINE_set_id(block[loop], id) ||
+                                !ENGINE_set_name(block[loop], name))
+                        {
+                        printf("Couldn't create block of ENGINE structures.\n"
+                                "I'll probably also core-dump now, damn.\n");
+                        goto end;
+                        }
+                }
+        for(loop = 0; loop < 512; loop++)
+                {
+                if(!ENGINE_add(block[loop]))
+                        {
+                        printf("\nAdding stopped at %i, (%s,%s)\n",
+                                loop, ENGINE_get_id(block[loop]),
+                                ENGINE_get_name(block[loop]));
+                        goto cleanup_loop;
+                        }
+                else
+                        printf("."); fflush(stdout);
+                }
+cleanup_loop:
+        printf("\nAbout to empty the engine-type list\n");
+        while((ptr = ENGINE_get_first()) != NULL)
+                {
+                if(!ENGINE_remove(ptr))
+                        {
+                        printf("\nRemove failed!\n");
+                        goto end;
+                        }
+                ENGINE_free(ptr);
+                printf("."); fflush(stdout);
+                }
+        for(loop = 0; loop < 512; loop++)
+                {
+                OPENSSL_free((void *)ENGINE_get_id(block[loop]));
+                OPENSSL_free((void *)ENGINE_get_name(block[loop]));
+                }
+        printf("\nTests completed happily\n");
+        to_return = 0;
+end:
+        if(to_return)
+                ERR_print_errors_fp(stderr);
+        if(new_h1) ENGINE_free(new_h1);
+        if(new_h2) ENGINE_free(new_h2);
+        if(new_h3) ENGINE_free(new_h3);
+        if(new_h4) ENGINE_free(new_h4);
+        for(loop = 0; loop < 512; loop++)
+                if(block[loop])
+                        ENGINE_free(block[loop]);
+        ENGINE_cleanup();
+        CRYPTO_cleanup_all_ex_data();
+        ERR_free_strings();
+        ERR_remove_state(0);
+        CRYPTO_mem_leaks_fp(stderr);
+        return to_return;
+        }
diff --git a/src/lib/libssl/test/maketests.com b/src/lib/libssl/test/maketests.com
index 94621a655b..dfbfef7b1b 100644
--- a/src/lib/libssl/test/maketests.com
+++ b/src/lib/libssl/test/maketests.com
@@ -586,7 +586,7 @@ $ CCDEFS = "TCPIP_TYPE_''P3'"
 $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
 $ CCEXTRAFLAGS = ""
 $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
+$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
 $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
         CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
 $!
diff --git a/src/lib/libssl/test/md4test.c b/src/lib/libssl/test/md4test.c
new file mode 100644
index 0000000000..e0fdc42282
--- /dev/null
+++ b/src/lib/libssl/test/md4test.c
@@ -0,0 +1,134 @@
+/* crypto/md4/md4test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#ifdef OPENSSL_NO_MD4
+int main(int argc, char *argv[])
+{
+    printf("No MD4 support\n");
+    return(0);
+}
+#else
+#include <openssl/evp.h>
+#include <openssl/md4.h>
+
+static char *test[]={
+        "",
+        "a",
+        "abc",
+        "message digest",
+        "abcdefghijklmnopqrstuvwxyz",
+        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+        "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+        NULL,
+        };
+
+static char *ret[]={
+"31d6cfe0d16ae931b73c59d7e0c089c0",
+"bde52cb31de33e46245e05fbdbd6fb24",
+"a448017aaf21d8525fc10ae87aa6729d",
+"d9130a8164549fe818874806e1c7014b",
+"d79e1c308aa5bbcdeea8ed63df412da9",
+"043f8582f241db351ce627e153e7f0e4",
+"e33b4ddc9c38f2199c3e7b164fcc0536",
+};
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+        {
+        int i,err=0;
+        unsigned char **P,**R;
+        char *p;
+        unsigned char md[MD4_DIGEST_LENGTH];
+
+        P=(unsigned char **)test;
+        R=(unsigned char **)ret;
+        i=1;
+        while (*P != NULL)
+                {
+                EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL);
+                p=pt(md);
+                if (strcmp(p,(char *)*R) != 0)
+                        {
+                        printf("error calculating MD4 on '%s'\n",*P);
+                        printf("got %s instead of %s\n",p,*R);
+                        err++;
+                        }
+                else
+                        printf("test %d ok\n",i);
+                i++;
+                R++;
+                P++;
+                }
+        exit(err);
+        return(0);
+        }
+
+static char *pt(unsigned char *md)
+        {
+        int i;
+        static char buf[80];
+
+        for (i=0; i<MD4_DIGEST_LENGTH; i++)
+                sprintf(&(buf[i*2]),"%02x",md[i]);
+        return(buf);
+        }
+#endif
diff --git a/src/lib/libssl/test/methtest.c b/src/lib/libssl/test/methtest.c
new file mode 100644
index 0000000000..005c2f4822
--- /dev/null
+++ b/src/lib/libssl/test/methtest.c
@@ -0,0 +1,105 @@
+/* test/methtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/rsa.h>
+#include <openssl/x509.h>
+#include "meth.h"
+#include <openssl/err.h>
+
+int main(argc,argv)
+int argc;
+char *argv[];
+        {
+        METHOD_CTX *top,*tmp1,*tmp2;
+
+        top=METH_new(x509_lookup()); /* get a top level context */
+        if (top == NULL) goto err;
+
+        tmp1=METH_new(x509_by_file());
+        if (top == NULL) goto err;
+        METH_arg(tmp1,METH_TYPE_FILE,"cafile1");
+        METH_arg(tmp1,METH_TYPE_FILE,"cafile2");
+        METH_push(top,METH_X509_CA_BY_SUBJECT,tmp1);
+
+        tmp2=METH_new(x509_by_dir());
+        METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/.CAcerts");
+        METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/SSLeay/certs");
+        METH_arg(tmp2,METH_TYPE_DIR,"/usr/local/ssl/certs");
+        METH_push(top,METH_X509_CA_BY_SUBJECT,tmp2);
+
+/*      tmp=METH_new(x509_by_issuer_dir);
+        METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
+        METH_push(top,METH_X509_BY_ISSUER,tmp);
+
+        tmp=METH_new(x509_by_issuer_primary);
+        METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
+        METH_push(top,METH_X509_BY_ISSUER,tmp);
+*/
+
+        METH_init(top);
+        METH_control(tmp1,METH_CONTROL_DUMP,stdout);
+        METH_control(tmp2,METH_CONTROL_DUMP,stdout);
+        EXIT(0);
+err:
+        ERR_load_crypto_strings();
+        ERR_print_errors_fp(stderr);
+        EXIT(1);
+        return(0);
+        }
diff --git a/src/lib/libssl/test/pkcs7-1.pem b/src/lib/libssl/test/pkcs7-1.pem
new file mode 100644
index 0000000000..c47b27af88
--- /dev/null
+++ b/src/lib/libssl/test/pkcs7-1.pem
@@ -0,0 +1,15 @@
+-----BEGIN PKCS7-----
+MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG
+SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE
+AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF
+eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4
+MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv
+bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK
+ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB
+FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N
+9XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8
+BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w
+bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB
+BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C
+j7Kie1x339mxW/w9VZNTUDQQweHh
+-----END PKCS7-----
diff --git a/src/lib/libssl/test/pkcs7.pem b/src/lib/libssl/test/pkcs7.pem
new file mode 100644
index 0000000000..d55c60b94e
--- /dev/null
+++ b/src/lib/libssl/test/pkcs7.pem
@@ -0,0 +1,54 @@
+     MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg
+     AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH
+     EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl
+     cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw
+     ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0
+     MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
+     c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh
+     bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE
+     CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl
+     Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G
+     CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK
+     ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0
+     l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC
+     HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg
+     Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1
+     c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj
+     YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0
+     dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx
+     dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu
+     LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU
+     ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln
+     biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT
+     IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB
+     AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
+     L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL
+     HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF
+     slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7
+     ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR
+     /D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT
+     aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp
+     ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1
+     OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu
+     MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz
+     Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv
+     qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy
+     sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb
+     P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG
+     A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA
+     KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7
+     Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4
+     Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq
+     hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp
+     Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk
+     dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ
+     KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30
+     dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW
+     I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow
+     ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W
+     ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD
+     ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw
+     MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK
+     /9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/
+     DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP
+     b+xSu/jH0gAAMYAAAAAAAAAAAA==
diff --git a/src/lib/libssl/test/r160test.c b/src/lib/libssl/test/r160test.c
new file mode 100644
index 0000000000..a172e393ca
--- /dev/null
+++ b/src/lib/libssl/test/r160test.c
@@ -0,0 +1,57 @@
+/* test/r160test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
diff --git a/src/lib/libssl/test/rsa_test.c b/src/lib/libssl/test/rsa_test.c
new file mode 100644
index 0000000000..b8b462d33b
--- /dev/null
+++ b/src/lib/libssl/test/rsa_test.c
@@ -0,0 +1,318 @@
+/* test vectors from p1ovect1.txt */
+
+#include <stdio.h>
+#include <string.h>
+
+#include "e_os.h"
+
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#ifdef OPENSSL_NO_RSA
+int main(int argc, char *argv[])
+{
+    printf("No RSA support\n");
+    return(0);
+}
+#else
+#include <openssl/rsa.h>
+#include <openssl/engine.h>
+
+#define SetKey \
+  key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
+  key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
+  key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
+  key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
+  key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
+  key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
+  key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
+  key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
+  memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
+  return (sizeof(ctext_ex) - 1);
+
+static int key1(RSA *key, unsigned char *c)
+    {
+    static unsigned char n[] =
+"\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
+"\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
+"\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
+"\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
+"\xF5";
+
+    static unsigned char e[] = "\x11";
+
+    static unsigned char d[] =
+"\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
+"\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
+"\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
+"\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
+
+    static unsigned char p[] =
+"\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
+"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
+"\x0D";
+    
+    static unsigned char q[] =
+"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
+"\x89";
+
+    static unsigned char dmp1[] =
+"\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
+"\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
+
+    static unsigned char dmq1[] =
+"\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
+"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
+"\x51";
+
+    static unsigned char iqmp[] =
+"\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
+"\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
+
+    static unsigned char ctext_ex[] =
+"\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
+"\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
+"\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
+"\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
+
+    SetKey;
+    }
+
+static int key2(RSA *key, unsigned char *c)
+    {
+    static unsigned char n[] =
+"\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
+"\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
+"\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
+"\x34\x77\xCF";
+
+    static unsigned char e[] = "\x3";
+
+    static unsigned char d[] =
+"\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
+"\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
+"\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
+"\xE5\xEB";
+
+    static unsigned char p[] =
+"\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
+"\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
+
+    static unsigned char q[] =
+"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
+    
+    static unsigned char dmp1[] =
+"\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
+"\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
+
+    static unsigned char dmq1[] =
+"\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
+"\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
+
+    static unsigned char iqmp[] =
+"\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
+"\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
+
+    static unsigned char ctext_ex[] =
+"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
+"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
+"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
+"\x62\x51";
+
+    SetKey;
+    }
+
+static int key3(RSA *key, unsigned char *c)
+    {
+    static unsigned char n[] =
+"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
+"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
+"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
+"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
+"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
+"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
+"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
+"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
+"\xCB";
+
+    static unsigned char e[] = "\x11";
+
+    static unsigned char d[] =
+"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
+"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
+"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
+"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
+"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
+"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
+"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
+"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
+"\xC1";
+
+    static unsigned char p[] =
+"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
+"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
+"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
+"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
+"\x99";
+
+    static unsigned char q[] =
+"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
+"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
+"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
+"\x03";
+
+    static unsigned char dmp1[] =
+"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
+"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
+"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
+"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
+
+    static unsigned char dmq1[] =
+"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
+"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
+"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
+"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
+    
+    static unsigned char iqmp[] =
+"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
+"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
+"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
+"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
+"\xF7";
+
+    static unsigned char ctext_ex[] =
+"\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
+"\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
+"\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
+"\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
+"\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
+"\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
+"\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
+"\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
+
+    SetKey;
+    }
+
+static int pad_unknown(void)
+{
+    unsigned long l;
+    while ((l = ERR_get_error()) != 0)
+      if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
+        return(1);
+    return(0);
+}
+
+static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+
+int main(int argc, char *argv[])
+    {
+    int err=0;
+    int v;
+    RSA *key;
+    unsigned char ptext[256];
+    unsigned char ctext[256];
+    static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
+    unsigned char ctext_ex[256];
+    int plen;
+    int clen = 0;
+    int num;
+
+    CRYPTO_malloc_debug_init();
+    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
+
+    plen = sizeof(ptext_ex) - 1;
+
+    for (v = 0; v < 3; v++)
+        {
+        key = RSA_new();
+        switch (v) {
+    case 0:
+        clen = key1(key, ctext_ex);
+        break;
+    case 1:
+        clen = key2(key, ctext_ex);
+        break;
+    case 2:
+        clen = key3(key, ctext_ex);
+        break;
+        }
+
+        num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
+                                 RSA_PKCS1_PADDING);
+        if (num != clen)
+            {
+            printf("PKCS#1 v1.5 encryption failed!\n");
+            err=1;
+            goto oaep;
+            }
+  
+        num = RSA_private_decrypt(num, ctext, ptext, key,
+                                  RSA_PKCS1_PADDING);
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
+            {
+            printf("PKCS#1 v1.5 decryption failed!\n");
+            err=1;
+            }
+        else
+            printf("PKCS #1 v1.5 encryption/decryption ok\n");
+
+    oaep:
+        ERR_clear_error();
+        num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
+                                 RSA_PKCS1_OAEP_PADDING);
+        if (num == -1 && pad_unknown())
+            {
+            printf("No OAEP support\n");
+            goto next;
+            }
+        if (num != clen)
+            {
+            printf("OAEP encryption failed!\n");
+            err=1;
+            goto next;
+            }
+  
+        num = RSA_private_decrypt(num, ctext, ptext, key,
+                                  RSA_PKCS1_OAEP_PADDING);
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
+            {
+            printf("OAEP decryption (encrypted data) failed!\n");
+            err=1;
+            }
+        else if (memcmp(ctext, ctext_ex, num) == 0)
+            {
+            printf("OAEP test vector %d passed!\n", v);
+            goto next;
+            }
+    
+        /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
+           Try decrypting ctext_ex */
+
+        num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
+                                  RSA_PKCS1_OAEP_PADDING);
+
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
+            {
+            printf("OAEP decryption (test vector data) failed!\n");
+            err=1;
+            }
+        else
+            printf("OAEP encryption/decryption ok\n");
+    next:
+        RSA_free(key);
+        }
+
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_state(0);
+
+    CRYPTO_mem_leaks_fp(stderr);
+
+    return err;
+    }
+#endif
diff --git a/src/lib/libssl/test/sha1hashes.txt b/src/lib/libssl/test/sha1hashes.txt
new file mode 100644
index 0000000000..4adfa197e9
--- /dev/null
+++ b/src/lib/libssl/test/sha1hashes.txt
@@ -0,0 +1,342 @@
+#  Configuration information for "SHA-1 Test"
+#  SHA tests are configured for BYTE oriented implementations
+H>SHS Type 1 Hashes<H
+D>
+DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 ^
+3CDF2936DA2FC556BFA533AB1EB59CE710AC80E5 ^
+19C1E2048FA7393CFBF2D310AD8209EC11D996E5 ^
+CA775D8C80FAA6F87FA62BECA6CA6089D63B56E5 ^
+71AC973D0E4B50AE9E5043FF4D615381120A25A0 ^
+A6B5B9F854CFB76701C3BDDBF374B3094EA49CBA ^
+D87A0EE74E4B9AD72E6847C87BDEEB3D07844380 ^
+1976B8DD509FE66BF09C9A8D33534D4EF4F63BFD ^
+5A78F439B6DB845BB8A558E4CEB106CD7B7FF783 ^
+F871BCE62436C1E280357416695EE2EF9B83695C ^
+62B243D1B780E1D31CF1BA2DE3F01C72AEEA0E47 ^
+1698994A273404848E56E7FDA4457B5900DE1342 ^
+056F4CDC02791DA7ED1EB2303314F7667518DEEF ^
+9FE2DA967BD8441EEA1C32DF68DDAA9DC1FC8E4B ^
+73A31777B4ACE9384EFA8BBEAD45C51A71ABA6DD ^
+3F9D7C4E2384EDDABFF5DD8A31E23DE3D03F42AC ^
+4814908F72B93FFD011135BEE347DE9A08DA838F ^
+0978374B67A412A3102C5AA0B10E1A6596FC68EB ^
+44AD6CB618BD935460D46D3F921D87B99AB91C1E ^
+02DC989AF265B09CF8485640842128DCF95E9F39 ^
+67507B8D497B35D6E99FC01976D73F54AECA75CF ^
+1EAE0373C1317CB60C36A42A867B716039D441F5 ^
+9C3834589E5BFFAC9F50950E0199B3EC2620BEC8 ^
+209F7ABC7F3B878EE46CDF3A1FBB9C21C3474F32 ^
+05FC054B00D97753A9B3E2DA8FBBA3EE808CEF22 ^
+0C4980EA3A46C757DFBFC5BAA38AC6C8E72DDCE7 ^
+96A460D2972D276928B69864445BEA353BDCFFD2 ^
+F3EF04D8FA8C6FA9850F394A4554C080956FA64B ^
+F2A31D875D1D7B30874D416C4D2EA6BAF0FFBAFE ^
+F4942D3B9E9588DCFDC6312A84DF75D05F111C20 ^
+310207DF35B014E4676D30806FA34424813734DD ^
+4DA1955B2FA7C7E74E3F47D7360CE530BBF57CA3 ^
+74C4BC5B26FB4A08602D40CCEC6C6161B6C11478 ^
+0B103CE297338DFC7395F7715EE47539B556DDB6 ^
+EFC72D99E3D2311CE14190C0B726BDC68F4B0821 ^
+660EDAC0A8F4CE33DA0D8DBAE597650E97687250 ^
+FE0A55A988B3B93946A63EB36B23785A5E6EFC3E ^
+0CBDF2A5781C59F907513147A0DE3CC774B54BF3 ^
+663E40FEE5A44BFCB1C99EA5935A6B5BC9F583B0 ^
+00162134256952DD9AE6B51EFB159B35C3C138C7 ^
+CEB88E4736E354416E2010FC1061B3B53B81664B ^
+A6A2C4B6BCC41DDC67278F3DF4D8D0B9DD7784EF ^
+C23D083CD8820B57800A869F5F261D45E02DC55D ^
+E8AC31927B78DDEC41A31CA7A44EB7177165E7AB ^
+E864EC5DBAB0F9FF6984AB6AD43A8C9B81CC9F9C ^
+CFED6269069417A84D6DE2347220F4B858BCD530 ^
+D9217BFB46C96348722C3783D29D4B1A3FEDA38C ^
+DEC24E5554F79697218D317315FA986229CE3350 ^
+83A099DF7071437BA5495A5B0BFBFEFE1C0EF7F3 ^
+AA3198E30891A83E33CE3BFA0587D86A197D4F80 ^
+9B6ACBEB4989CBEE7015C7D515A75672FFDE3442 ^
+B021EB08A436B02658EAA7BA3C88D49F1219C035 ^
+CAE36DAB8AEA29F62E0855D9CB3CD8E7D39094B1 ^
+02DE8BA699F3C1B0CB5AD89A01F2346E630459D7 ^
+88021458847DD39B4495368F7254941859FAD44B ^
+91A165295C666FE85C2ADBC5A10329DAF0CB81A0 ^
+4B31312EAF8B506811151A9DBD162961F7548C4B ^
+3FE70971B20558F7E9BAC303ED2BC14BDE659A62 ^
+93FB769D5BF49D6C563685954E2AECC024DC02D6 ^
+BC8827C3E614D515E83DEA503989DEA4FDA6EA13 ^
+E83868DBE4A389AB48E61CFC4ED894F32AE112AC ^
+55C95459CDE4B33791B4B2BCAAF840930AF3F3BD ^
+36BB0E2BA438A3E03214D9ED2B28A4D5C578FCAA ^
+3ACBF874199763EBA20F3789DFC59572ACA4CF33 ^
+86BE037C4D509C9202020767D860DAB039CADACE ^
+51B57D7080A87394EEC3EB2E0B242E553F2827C9 ^
+1EFBFA78866315CE6A71E457F3A750A38FACAB41 ^
+57D6CB41AEEC20236F365B3A490C61D0CFA39611 ^
+C532CB64B4BA826372BCCF2B4B5793D5B88BB715 ^
+15833B5631032663E783686A209C6A2B47A1080E ^
+D04F2043C96E10CD83B574B1E1C217052CD4A6B2 ^
+E8882627C64DB743F7DB8B4413DD033FC63BEB20 ^
+CD2D32286B8867BC124A0AF2236FC74BE3622199 ^
+019B70D745375091ED5C7B218445EC986D0F5A82 ^
+E5FF5FEC1DADBAED02BF2DAD4026BE6A96B3F2AF ^
+6F4E23B3F2E2C068D13921FE4E5E053FFED4E146 ^
+25E179602A575C915067566FBA6DA930E97F8678 ^
+67DED0E68E235C8A523E051E86108EEB757EFBFD ^
+AF78536EA83C822796745556D62A3EE82C7BE098 ^
+64D7AC52E47834BE72455F6C64325F9C358B610D ^
+9D4866BAA3639C13E541F250FFA3D8BC157A491F ^
+2E258811961D3EB876F30E7019241A01F9517BEC ^
+8E0EBC487146F83BC9077A1630E0FB3AB3C89E63 ^
+CE8953741FFF3425D2311FBBF4AB481B669DEF70 ^
+789D1D2DAB52086BD90C0E137E2515ED9C6B59B5 ^
+B76CE7472700DD68D6328B7AA8437FB051D15745 ^
+F218669B596C5FFB0B1C14BD03C467FC873230A0 ^
+1FF3BDBE0D504CB0CDFAB17E6C37ABA6B3CFFDED ^
+2F3CBACBB14405A4652ED52793C1814FD8C4FCE0 ^
+982C8AB6CE164F481915AF59AAED9FFF2A391752 ^
+5CD92012D488A07ECE0E47901D0E083B6BD93E3F ^
+69603FEC02920851D4B3B8782E07B92BB2963009 ^
+3E90F76437B1EA44CF98A08D83EA24CECF6E6191 ^
+34C09F107C42D990EB4881D4BF2DDDCAB01563AE ^
+474BE0E5892EB2382109BFC5E3C8249A9283B03D ^
+A04B4F75051786682483252438F6A75BF4705EC6 ^
+BE88A6716083EB50ED9416719D6A247661299383 ^
+C67E38717FEE1A5F65EC6C7C7C42AFC00CD37F04 ^
+959AC4082388E19E9BE5DE571C047EF10C174A8D ^
+BAA7AA7B7753FA0ABDC4A541842B5D238D949F0A ^
+351394DCEBC08155D100FCD488578E6AE71D0E9C ^
+AB8BE94C5AF60D9477EF1252D604E58E27B2A9EE ^
+3429EC74A695FDD3228F152564952308AFE0680A ^
+907FA46C029BC67EAA8E4F46E3C2A232F85BD122 ^
+2644C87D1FBBBC0FC8D65F64BCA2492DA15BAAE4 ^
+110A3EEB408756E2E81ABAF4C5DCD4D4C6AFCF6D ^
+CD4FDC35FAC7E1ADB5DE40F47F256EF74D584959 ^
+8E6E273208AC256F9ECCF296F3F5A37BC8A0F9F7 ^
+FE0606100BDBC268DB39B503E0FDFE3766185828 ^
+6C63C3E58047BCDB35A17F74EEBA4E9B14420809 ^
+BCC2BD305F0BCDA8CF2D478EF9FE080486CB265F ^
+CE5223FD3DD920A3B666481D5625B16457DCB5E8 ^
+948886776E42E4F5FAE1B2D0C906AC3759E3F8B0 ^
+4C12A51FCFE242F832E3D7329304B11B75161EFB ^
+C54BDD2050504D92F551D378AD5FC72C9ED03932 ^
+8F53E8FA79EA09FD1B682AF5ED1515ECA965604C ^
+2D7E17F6294524CE78B33EAB72CDD08E5FF6E313 ^
+64582B4B57F782C9302BFE7D07F74AA176627A3A ^
+6D88795B71D3E386BBD1EB830FB9F161BA98869F ^
+86AD34A6463F12CEE6DE9596ABA72F0DF1397FD1 ^
+7EB46685A57C0D466152DC339C8122548C757ED1 ^
+E7A98FB0692684054407CC221ABC60C199D6F52A ^
+34DF1306662206FD0A5FC2969A4BEEC4EB0197F7 ^
+56CF7EBF08D10F0CB9FE7EE3B63A5C3A02BCB450 ^
+3BAE5CB8226642088DA760A6F78B0CF8EDDEA9F1 ^
+6475DF681E061FA506672C27CBABFA9AA6DDFF62 ^
+79D81991FA4E4957C8062753439DBFD47BBB277D ^
+BAE224477B20302E881F5249F52EC6C34DA8ECEF ^
+EDE4DEB4293CFE4138C2C056B7C46FF821CC0ACC ^
+<D
+
+H>SHS Type 2 Hashes<H
+D>
+A771FA5C812BD0C9596D869EC99E4F4AC988B13F ^
+E99D566212BBBCEEE903946F6100C9C96039A8F4 ^
+B48CE6B1D13903E3925AE0C88CB931388C013F9C ^
+E647D5BAF670D4BF3AFC0A6B72A2424B0C64F194 ^
+65C1CD932A06B05CD0B43AFB3BC7891F6BCEF45C ^
+70FFAE353A5CD0F8A65A8B2746D0F16281B25EC7 ^
+CC8221F2B829B8CF39646BF46888317C3EB378EA ^
+26ACCC2D6D51FF7BF3E5895588907765111BB69B ^
+01072915B8E868D9B28E759CF2BC1AEA4BB92165 ^
+3016115711D74236ADF0C371E47992F87A428598 ^
+BF30417999C1368F008C1F19FECA4D18A5E1C3C9 ^
+62BA49087185F2742C26E1C1F4844112178BF673 ^
+E1F6B9536F384DD3098285BBFD495A474140DC5A ^
+B522DAE1D67726EBA7C4136D4E2F6D6D645AC43E ^
+E9A021C3EB0B9F2C710554D4BF21B19F78E09478 ^
+DF13573188F3BF705E697A3E1F580145F2183377 ^
+188835CFE52ECFA0C4135C2825F245DC29973970 ^
+41B615A34EE2CEC9D84A91B141CFAB115821950B ^
+AB3DD6221D2AFE6613B815DA1C389EEC74AA0337 ^
+0706D414B4AA7FB4A9051AA70D6856A7264054FB ^
+3CBF8151F3A00B1D5A809CBB8C4F3135055A6BD1 ^
+DA5D6A0319272BBCCEA63ACFA6799756FFDA6840 ^
+FB4429C95F6277B346D3B389413758DFFFEEDC98 ^
+2C6E30D9C895B42DCCCFC84C906EC88C09B20DE1 ^
+3DE3189A5E19F225CDCE254DFF23DACD22C61363 ^
+93530A9BC9A817F6922518A73A1505C411D05DA2 ^
+E31354345F832D31E05C1B842D405D4BD4588EC8 ^
+3FF76957E80B60CF74D015AD431FCA147B3AF232 ^
+34AE3B806BE143A84DCE82E4B830EB7D3D2BAC69 ^
+D7447E53D66BB5E4C26E8B41F83EFD107BF4ADDA ^
+77DD2A4482705BC2E9DC96EC0A13395771AC850C ^
+EAA1465DB1F59DE3F25EB8629602B568E693BB57 ^
+9329D5B40E0DC43AA25FED69A0FA9C211A948411 ^
+E94C0B6AA62AA08C625FAF817DDF8F51EC645273 ^
+7FF02B909D82AD668E31E547E0FB66CB8E213771 ^
+5BB3570858FA1744123BAC2873B0BB9810F53FA1 ^
+905F43940B3591CE39D1145ACB1ECA80AB5E43CD ^
+336C79FBD82F33E490C577E3F791C3CBFE842AFF ^
+5C6D07A6B44F7A75A64F6CE592F3BAE91E022210 ^
+7E0D3E9D33127F4A30EB8D9C134A58409FA8695B ^
+9A5F50DFCFB19286206C229019F0ABF25283028C ^
+DCA737E269F9D8626D488988C996E06B352C0708 ^
+B8FFC1D4972FCE63241E0E77850AC46DDE75DBFA ^
+E9C9BF41C8549354151B977003CE1D830BE667DB ^
+0942908960B54F96CB43452E583F4F9CB66E398A ^
+FCE34051C34D4B81B85DDC4B543CDE8007E284B3 ^
+61E8916532503627F4024D13884640A46F1D61D4 ^
+F008D5D7853B6A17B7466CD9E18BD135E520FAF4 ^
+BD8D2E873CF659B5C77AAC1616827EF8A3B1A3B3 ^
+B25A04DD425302ED211A1C2412D2410FA10C63B6 ^
+A404E21588123E0893718B4B44E91414A785B91F ^
+A1E13BC55BF6DAD83CF3AABDA3287AD68681EA64 ^
+D5FD35FFABED6733C92365929DF0FB4CAE864D15 ^
+C12E9C280EE9C079E0506FF89F9B20536E0A83EF ^
+E22769DC00748A9BBD6C05BBC8E81F2CD1DC4E2D ^
+F29835A93475740E888E8C14318F3CA45A3C8606 ^
+1A1D77C6D0F97C4B620FAA90F3F8644408E4B13D ^
+4EC84870E9BDD25F523C6DFB6EDD605052CA4EAA ^
+D689513FED08B80C39B67371959BC4E3FECB0537 ^
+C4FED58F209FC3C34AD19F86A6DACADC86C04D33 ^
+051888C6D00029C176DE792B84DECE2DC1C74B00 ^
+1A3540BEE05518505827954F58B751C475AEECE0 ^
+DFA19180359D5A7A38E842F172359CAF4208FC05 ^
+7B0FA84EBBCFF7D7F4500F73D79660C4A3431B67 ^
+9E886081C9ACAAD0F97B10810D1DE6FCDCE6B5F4 ^
+A4D46E4BA0AE4B012F75B1B50D0534D578AE9CB6 ^
+6342B199EE64C7B2C9CBCD4F2DCB65ACEF51516F ^
+AABFD63688EB678357869130083E1B52F6EA861D ^
+F732B7372DAF44801F81EFFE3108726239837936 ^
+5E9347FE4574CDCB80281ED092191199BADD7B42 ^
+D5776B7DFFF75C1358ABDBBB3F27A20BB6CA7C55 ^
+022B7ADA472FB7A9DA9219621C9C5F563D3792F6 ^
+7F1DE4ECA20362DA624653D225A5B3F7964A9FF2 ^
+CA0F2B1BFB4469C11ED006A994734F0F2F5EFD17 ^
+833D63F5C2EA0CD43EC15F2B9DD97FF12B030479 ^
+14FD356190416C00592B86FF7CA50B622F85593A ^
+4AB6B57EDDEF1CE935622F935C1619AE7C1667D6 ^
+B456A6A968ACD66CAA974F96A9A916E700AA3C5D ^
+FD1C257FE046B2A27E2F0CD55ED2DECA845F01D7 ^
+66E0D01780F1063E2929EAAD74826BC64060E38C ^
+A8478DF406F179FD4EF97F4574D7F99EA1CE9EB8 ^
+248E58CF09A372114FC2F93B09C5FC14F3D0059E ^
+F15767DE91796A6816977EFA4FCED4B7FD9B8A57 ^
+36A6BC5E680E15675D9696338C88B36248BBBAF4 ^
+4DEA6251B2A6DF017A8093AB066EE3863A4EC369 ^
+D30E70E357D57E3D82CA554B8A3D58DFF528FA94 ^
+70CA84D827F7FD61446233F88CF2F990B0F3E2AA ^
+8D500C9CFDE0288530A2106B70BED39326C52C3C ^
+F3D4D139EDFC24596377BC97A96FB7621F27FFC7 ^
+5509BAFFAC6D507860CEFC5AB5832CB63CD4B687 ^
+0C0AEA0C2FD7A620C77866B1A177481E26B4F592 ^
+149176007FEE58A591E3F00F8DB658B605F8390C ^
+17C0D7B0256159F3626786FFDB20237AE154FA84 ^
+741A58618ABEB1D983D67AFDCBC49AA397A3B8E0 ^
+B738D6B3409EB9ED2F1719B84D13F7C36169CDEC ^
+3D33DE31F64055D3B128AC9A6AA3F92DFD4F5330 ^
+B6925F4DF94949B8844C867428BA3DEDF4CF2B51 ^
+CF5E7256292ABEC431D8E8B9CBEAF22AF072377E ^
+975DCE94902923977F129C0E4ACF40AD28DDB9AA ^
+333B0259B18CE64D6B52CF563DD3041E5F63A516 ^
+<D
+
+H>SHS Type 3 Hashes<H
+D>
+80E044703A880C20EC41F645120A8A5B5D194ECE ^
+E142829CA08FC9787F17AA16CE727396169B2713 ^
+6A2BAF62469D311F9257A0727F52C7EAA87CCEB4 ^
+362E3E7136CA611D7FBF687D3BBDC54CDA64843F ^
+F5900ADC6223A5D24A7526ABFC60FA8E2D59A5AB ^
+AD0CAC6A21D5B10833DDE7FA85927D74EDA142A9 ^
+47AD337EAFFDC177AAF7CBD035BE6F398B9D0536 ^
+9CF58595DF80872535BCC7C056E223546F0BB4EE ^
+7151CEB1918278CED2902B1D663D596F8D1B986F ^
+ADDC9F09AA4026EF6C4B7F1A84D3A13B4CDC65B3 ^
+921FE78A863A317B1FA1FB3CA3BE1948DE7EF754 ^
+64BE10732D71D52CE8A486DA23E6B453DF7C6FBD ^
+4A450659470DD759ABFAE1D73972A6D2E63AC16C ^
+0D665E4BBF30B7EAB955BDE84759E185EECAB4CB ^
+0C1B8EE94D61CDD0837EAED9FE33DE4A8334B596 ^
+D93BFE2A6227A4BF9B7C61EBCE4A8CDE131593FE ^
+BDA883F804B470C90BD6AC490DFC34EBC27F9648 ^
+46A0969373552213632591C52030C38E5DBDC49E ^
+4781289E48B910C550DC23CA7D3AF5324C03532D ^
+693A34CFCDDED0F3AC72E7197FCE9BB66A8E3981 ^
+AE088AF1D8865140963B3ABFB63E32E04CD1506F ^
+ADF0F8F1D85CA97586F5DC6DC5FD11FA39270F55 ^
+E484F5AD86C5F4D09E366ADF6E0DE73449F97B28 ^
+81C49842BA3D7072FB42288E03CE737A2672C091 ^
+F6CC71AD897C23A16835490DED289BFD45500AB0 ^
+23E71AED62FE8E28F34F58E7FE5594EC5EB0486C ^
+92BA7934AA5867EE52960F4E0EDFB90AA7B69305 ^
+C3D1CC8CBD1B6FFEE0D90CE962CD9C09AB1548AA ^
+3CE37A583B71A6A77BE325066A0F00C5D11DFC3E ^
+76EF5D236E1042D356A3234A422C092F86003064 ^
+8C3F703436C6C882E60263540A8E4C3E5646DC15 ^
+6138F9F3AB43B988DD3857422CCB304352459F40 ^
+B812DE98775B4690B4FC2ECFCAB61C73C7271DC7 ^
+06660985CD80D48E7B9F88455B4233924C3B64BB ^
+76AB4B6378D6F63499A94EB67EB1CB31AFF8D775 ^
+F31F6B0BE7AB059A1F59A46481967E88392979E6 ^
+0C1638498FBB7DB9600B98B4B22EF85E0FE245FB ^
+5607C6AF600939736795AC523FA43B736F41A118 ^
+8A03244866BDD21B9D8A82E98436C894FAD86ECC ^
+8A75BFD911AF87303B9B8FB7A1A47CCA52D3D98A ^
+16F0F3B5D37411236A1E3D6B1EDAB74CDA25ED4B ^
+AC72BF45477481F58A302628DC5299FFA32E7C9F ^
+74CFFD5881F75AC20726E1447DCF7F47024380EF ^
+5BFBECEECBC27DA05729C4D1AC8C1286EA6DCEC9 ^
+012AACBC0579FA4CB4F107E9A9AD1A86AD2F6A4D ^
+F7D552CBC5EF90F1A579388B5A8A9EC71EB67681 ^
+10C70115C4C34753274BFED477DF01440A67A361 ^
+078D2FACD293B6B6219D89899C16AA1AA8E3DE82 ^
+83C6BF9FB0D3091ADF374EBFA0A69916F17E6D26 ^
+2CDB1924DA62AB64C007C6505FF657E4ADDEA9C1 ^
+E95D209BCB9864B076FF4DFCA8F8BD75D62D1B48 ^
+632824CF5025F8F90AD2923BDDF449550D64C0F5 ^
+02B1C0B41FC27EC5A32E586F1AC480BF0061E56A ^
+28156BC6769AE390BF32C6512C46169181E1536D ^
+F730E6E287D992E7F3E013B6F1E088F0B9C41598 ^
+B056A6A832FA5FE964EF77FF3E0BE1C32E0D58C0 ^
+D5B3D19AFBB48FB56BA6D44A82DE6BD08DB208DE ^
+0215AD79BD6B8023C05FD2F8966211897DF6337A ^
+EC4CF38C244EB6526A44F70570925247145DA8CA ^
+C0D931262ECE93DA5A6ABC89CD6AD3162EA6B09E ^
+6BB48FAC26AA2B4859BBDEFCFB53AE4D1D9A0340 ^
+58611D43741E67A7F0DA9CB337A59DCD1EBE758E ^
+7C2AEC216AF231509E47B7EED06BB17859812B7E ^
+F60EE5DBF4A7A676EC98B3DDB1CDD6CDF3CDA33B ^
+0492E59B1F4C94E97F29A26C3EE7D57E1B0FDD72 ^
+4FCF549D902D9BE1101A756DB9E45415FB61BCD2 ^
+95C71D26AD6B38CC771376B4A4F962F12E1E3D4F ^
+F6A2449E773C72FB886B3C43E2B30EC2A1B7454A ^
+CDE86695E00AEC9A5DB6FDDB5D5A5934448D58E0 ^
+502318A758FABFF6AC53844E9E2BCD159C678510 ^
+589D295148F95F75DAE964DD743FE981FA236D4E ^
+7973DD33AE3599A556BACC77E8656E782E029EFF ^
+9F5BE43AADD43C6DB3883C9DA4B52E1A50257AEE ^
+454289D8FFB237A56D5214EAE88F0A9D328FEA1A ^
+7E686B36595BEB4C0D4528FF960EDB55088A028D ^
+F9789D1EF19A0084AC0E9F43A4BC0EE0478939EF ^
+2F32B0E7CC8BE19C325545C816E77056D7BBE70F ^
+6B1617746F073CFCD2CEBCAFBBE6FD0E28ED2D56 ^
+CF8D2EA3888AD76761799383E5A15979F6DB7A88 ^
+557AF6D9D5947203C60E98C9A79B92B8BD085E2B ^
+C61A217423DE68ED6CD34C91756C8DD3A650A2A2 ^
+73F3F79C151B6C1BD9369EDB26B932C2362B0593 ^
+364141E5FBCDE83F210C5BBBEB6810F6299DE14B ^
+F806BECD025D264FD59E93D9E3606A674C40F216 ^
+E0C761A57F00CBFB07D49BCB034C36A7122F4C5B ^
+5D3831044B9E0032FBE3C3425FFD13698F413B33 ^
+7EB1AB41E9997753C5D530DF118E71E72D7B86FC ^
+CC053EA1556269D7E8BCBA30B208FCBF0EE2EE64 ^
+A57739B1DD41E7DC0C40D6B6159A7E73CE2748AA ^
+90DA527C9DB9ACC2FD530D560A2F1191A80D0567 ^
+6AC1F2A0B8CA0E5ABC9FDF1ADCE588FBDF5CC53E ^
+43C1A0A0EE4163EC929726989F92B03639B233AB ^
+8927F299462413AC29A74080E54D8EE2DB7165E7 ^
+0C8D7E22226D91B423E781B508F31517EAAB607B ^
+7286E20D7F08D18A893254FBD3CC833F7973DCAF ^
+0CB8C235928B8E936C43B8F29EF3758B9FD54A7B ^
+F67C24CC23E440CA3F206CEEB5504ECA54CD5CA3 ^
+D78A25DEAA1E7ADADDB3C145ED0E5263BA4F2910 ^
+00AA68174D29492C578AC853FFCD55908292D41A ^
+D5570EEDB09A62A5948F7F311F7ED5EF247F9AD9 ^
+<D
diff --git a/src/lib/libssl/test/sha1vectors.txt b/src/lib/libssl/test/sha1vectors.txt
new file mode 100644
index 0000000000..c2ea186603
--- /dev/null
+++ b/src/lib/libssl/test/sha1vectors.txt
@@ -0,0 +1,2293 @@
+#  Configuration information for "SHA-1 Test"
+#  SHA tests are configured for BYTE oriented implementations
+H>SHS Type 1 Strings<H
+D>
+0 1 ^
+5 0 2 1 2 1 2 ^
+5 0 1 3 4 4 4 ^
+7 0 4 3 4 4 1 4 4 ^
+10 0 4 1 5 3 4 4 3 1 3 4 ^
+10 0 3 1 6 5 5 1 3 6 6 4 ^
+13 1 3 2 5 3 3 3 4 6 6 1 4 6 2 ^
+16 1 3 5 5 1 2 1 3 3 6 3 5 2 3 5 7 2 ^
+15 1 8 1 5 3 2 7 4 5 6 7 3 3 1 6 3 ^
+15 1 4 6 8 2 1 4 2 5 1 6 8 8 6 4 7 ^
+18 1 1 2 7 3 8 6 7 5 4 3 4 3 5 3 3 2 6 8 ^
+16 0 9 8 1 8 1 7 6 7 7 1 2 6 9 5 4 7 ^
+18 0 7 1 7 3 9 4 7 7 5 2 8 1 7 8 2 7 2 9 ^
+19 1 2 3 1 8 8 6 9 10 3 10 8 9 2 4 1 5 1 5 9 ^
+19 1 8 5 4 8 1 3 9 5 7 7 2 7 2 7 8 7 4 8 10 ^
+20 1 1 9 7 4 1 4 5 1 10 8 6 4 4 9 9 9 8 2 9 10 ^
+19 1 11 6 7 7 2 6 2 6 10 6 9 10 5 11 1 6 8 11 4 ^
+22 0 10 5 10 3 7 8 9 9 1 1 1 10 2 1 5 10 2 9 9 9 7 8 ^
+21 0 1 10 1 6 9 4 2 5 2 11 8 12 12 9 8 1 3 10 7 11 12 ^
+24 1 3 9 5 12 3 4 2 9 12 11 6 6 1 1 9 5 9 1 4 9 4 10 8 9 ^
+25 1 3 2 3 11 1 12 5 6 2 7 8 4 8 8 9 9 8 4 9 1 4 8 10 9 9 ^
+23 0 11 10 7 10 10 6 10 9 4 5 10 5 8 4 1 10 12 4 6 1 8 11 6 ^
+22 0 12 8 10 4 3 8 5 5 7 11 13 11 12 11 4 12 3 6 5 11 10 5 ^
+26 1 10 9 6 9 7 2 10 4 4 5 5 2 12 13 5 3 1 10 1 4 7 8 13 13 12 9 ^
+31 0 2 6 5 4 7 3 10 6 13 6 3 9 6 2 10 5 3 8 4 1 11 3 5 3 7 11 1 12 9 12 5 ^
+27 1 14 5 1 3 7 2 3 9 3 4 14 4 4 10 8 5 14 1 11 12 12 10 4 13 7 11 9 ^
+30 1 4 9 5 5 8 9 5 10 4 2 4 7 9 9 6 3 5 1 8 3 2 13 3 14 9 8 9 10 14 10 ^
+27 0 12 9 5 8 7 2 14 12 3 8 14 6 6 4 7 5 7 10 7 11 10 1 9 6 7 12 14 ^
+24 0 12 9 9 2 11 13 12 11 11 6 14 13 10 5 6 8 10 4 3 11 11 14 5 14 ^
+24 0 15 4 5 3 8 12 15 8 14 15 9 12 12 3 10 13 6 11 10 4 13 14 8 8 ^
+28 1 1 8 1 5 11 4 9 12 4 13 15 5 9 11 7 14 11 1 11 7 8 8 11 1 13 15 12 13 ^
+32 1 5 8 3 8 10 7 8 1 5 13 12 14 5 3 6 4 12 15 6 6 10 11 13 9 1 11 6 10 3 7 14 
+2 ^
+31 0 10 3 5 1 14 11 11 16 1 2 2 11 6 13 15 12 6 5 16 2 14 2 10 12 2 5 5 6 10 13 
+15 ^
+34 0 3 10 8 16 9 5 12 15 4 11 13 3 6 5 10 8 1 3 9 3 11 1 2 16 12 10 6 1 9 1 16 
+5 6 14 ^
+30 1 1 12 4 4 2 15 13 15 11 15 5 11 9 7 15 16 6 16 12 3 2 10 16 5 5 7 1 7 11 16 
+^
+34 0 7 9 11 2 5 5 5 4 13 13 14 4 7 12 6 4 8 2 9 9 13 13 3 3 6 7 16 7 6 15 5 8 
+15 14 ^
+36 1 4 6 16 15 11 14 14 4 7 10 3 4 10 3 6 7 14 4 6 6 5 2 7 8 16 2 12 16 10 14 3 
+2 3 7 14 3 ^
+32 0 15 10 9 1 14 10 14 6 6 16 3 2 3 8 3 12 8 11 17 3 9 7 16 14 4 11 15 5 13 9 
+5 17 ^
+30 0 17 17 13 8 2 6 8 16 1 12 5 17 2 9 8 10 13 14 11 17 12 5 14 9 11 9 11 4 11 
+12 ^
+30 1 16 6 10 5 8 3 17 16 14 1 15 15 15 6 13 2 11 6 13 11 13 4 6 7 11 11 12 16 
+13 16 ^
+33 1 16 16 14 16 2 4 16 11 6 15 7 4 17 6 5 7 6 3 14 16 5 17 11 13 1 1 14 13 3 6 
+14 5 16 ^
+39 1 2 16 13 7 8 6 2 15 1 9 12 4 4 11 13 7 2 11 9 18 4 5 4 8 2 14 9 9 1 8 13 11 
+15 8 5 9 10 16 7 ^
+34 0 2 7 1 1 17 13 6 11 10 8 5 12 15 6 15 10 12 4 18 1 2 8 11 12 16 10 12 18 11 
+16 12 11 17 6 ^
+34 1 4 7 13 7 10 7 10 6 1 12 7 18 11 18 2 10 15 10 14 8 18 9 9 12 12 3 13 12 6 
+4 9 17 13 17 ^
+40 0 5 7 3 2 1 17 14 4 16 6 13 1 13 6 6 10 1 3 18 3 11 7 9 5 7 11 17 1 9 16 5 
+15 10 17 3 8 15 17 8 12 ^
+40 0 11 3 15 17 11 1 1 4 3 14 18 4 2 18 8 15 6 4 6 3 15 11 16 10 17 17 9 6 3 2 
+6 16 4 9 12 6 8 1 11 17 ^
+37 1 2 19 12 8 16 14 2 9 16 2 6 6 7 9 10 9 11 9 14 11 15 5 16 9 2 17 2 8 15 8 4 
+3 14 14 16 16 12 ^
+37 1 11 10 16 12 11 7 14 14 14 6 10 10 1 6 13 19 5 6 4 7 12 12 10 5 10 15 15 8 
+5 13 17 13 5 6 14 1 19 ^
+38 1 2 6 5 17 9 11 18 18 8 6 13 15 3 3 15 5 13 18 3 2 5 5 14 7 13 4 17 7 2 17 3 
+18 15 7 15 16 18 11 ^
+38 1 12 8 6 3 17 12 13 19 15 9 7 17 16 15 3 11 11 5 2 13 19 16 2 4 16 7 8 1 2 9 
+17 12 3 5 18 19 11 9 ^
+39 1 14 16 14 8 9 16 5 1 6 3 17 18 16 9 1 15 9 10 9 19 1 3 3 20 11 13 17 1 19 8 
+3 4 3 7 1 14 19 19 19 ^
+37 1 18 13 11 5 18 4 19 10 6 19 11 17 10 10 7 9 13 16 9 10 18 4 12 5 16 5 20 12 
+3 8 10 1 18 1 6 20 14 ^
+36 0 8 9 6 12 11 7 7 3 17 13 6 20 17 9 20 16 10 12 17 8 11 8 11 10 5 10 14 18 8 
+19 9 12 12 2 20 19 ^
+39 0 12 16 20 3 9 9 19 17 13 13 4 17 2 11 7 14 3 6 16 13 10 13 5 16 10 2 8 2 17 
+19 4 17 7 19 6 9 15 15 6 ^
+43 0 7 2 18 5 7 18 5 2 15 7 11 10 9 3 2 14 19 3 11 8 18 15 5 3 5 12 15 16 10 17 
+7 19 16 2 1 16 6 3 19 12 5 18 16 ^
+49 1 9 11 2 1 12 11 14 12 14 10 4 11 6 8 16 7 5 11 20 8 17 4 14 4 15 3 2 2 4 3 
+2 3 14 15 10 2 12 7 3 7 20 20 19 10 2 3 1 10 20 ^
+36 0 19 20 12 5 19 21 5 21 11 14 19 1 17 8 9 4 19 3 17 1 14 21 14 7 6 5 20 14 
+21 20 4 6 21 7 11 12 ^
+41 0 12 9 11 6 16 18 18 10 11 20 6 12 11 5 7 21 19 18 6 15 21 10 4 14 9 19 10 3 
+3 5 13 1 8 12 3 13 9 7 10 17 14 ^
+45 0 10 6 8 3 17 18 3 21 19 6 17 15 4 9 15 9 15 14 4 7 14 8 10 13 4 11 10 7 6 
+21 1 14 5 11 7 7 2 13 13 3 9 13 8 14 20 ^
+39 1 3 7 18 4 9 9 5 15 13 17 10 15 16 20 8 19 9 10 9 1 19 14 21 2 18 13 10 4 18 
+16 4 21 15 10 18 19 3 12 18 ^
+41 0 14 4 13 11 1 11 1 10 2 12 4 21 10 21 18 9 2 16 7 20 6 7 12 19 20 1 13 12 
+10 8 21 15 7 19 13 6 8 19 20 18 19 ^
+37 0 11 18 1 17 14 15 20 16 20 8 2 17 10 4 21 5 19 19 14 22 21 18 13 14 1 3 12 
+11 11 4 22 13 5 18 7 21 21 ^
+48 0 9 22 19 12 8 16 5 17 5 9 1 2 9 6 12 6 1 7 4 3 15 1 14 1 12 3 10 2 10 14 21 
+13 17 6 6 17 1 21 2 14 16 17 9 11 20 21 11 18 ^
+50 1 12 8 20 13 2 9 20 9 14 10 1 16 2 22 6 4 16 14 15 1 12 4 14 9 21 3 3 9 8 21 
+15 14 8 4 14 4 2 3 8 12 8 6 1 2 18 20 15 3 19 10 ^
+44 0 10 20 14 6 3 4 21 1 12 4 18 2 6 7 6 9 20 14 10 10 19 17 21 12 15 17 7 10 
+11 8 10 12 1 19 19 9 18 21 4 18 11 9 22 5 ^
+47 0 15 8 15 3 5 6 2 19 12 17 4 20 8 11 20 2 18 4 16 20 12 9 9 6 16 21 16 3 16 
+18 3 19 5 16 2 4 2 12 11 15 11 14 17 2 10 18 8 ^
+48 1 5 13 3 21 5 3 6 18 18 10 1 21 21 7 1 13 12 19 1 14 6 8 21 19 21 11 19 13 2 
+13 4 1 10 22 16 4 9 4 10 16 3 7 15 11 9 13 17 12 ^
+45 0 14 7 6 2 20 3 6 19 19 10 2 22 12 17 12 1 20 7 7 15 20 6 18 8 3 14 23 18 15 
+4 7 5 23 15 7 14 10 10 19 17 2 4 15 17 21 ^
+45 1 15 11 8 9 17 5 12 18 14 6 20 17 21 12 16 9 22 9 20 15 2 22 11 2 6 11 9 8 2 
+4 14 19 3 21 21 23 8 2 11 4 8 4 20 22 11 ^
+38 0 21 18 22 10 19 9 14 17 23 21 10 7 15 13 16 5 4 10 13 14 20 23 12 20 23 18 
+10 12 8 21 11 6 12 7 19 14 18 17 ^
+40 0 18 22 6 9 22 5 23 13 6 8 23 20 22 5 22 15 19 20 9 9 1 13 13 10 14 13 5 22 
+14 21 9 21 19 14 14 4 18 13 12 14 ^
+48 1 7 3 15 5 17 14 23 14 5 17 22 11 1 8 13 23 6 21 3 6 11 7 23 8 6 21 4 4 22 
+19 13 8 5 19 7 5 23 1 4 19 11 23 11 21 14 1 3 21 ^
+43 0 22 14 11 7 18 16 17 24 12 12 3 13 19 16 22 4 16 4 6 23 8 18 11 2 3 20 22 9 
+21 8 23 1 23 20 7 16 13 23 4 13 3 7 22 ^
+47 1 23 6 13 19 2 3 7 2 9 9 15 6 13 4 22 6 19 20 1 9 7 14 1 15 3 23 24 22 18 12 
+12 17 19 10 8 11 22 12 10 2 20 15 18 17 18 7 19 ^
+47 1 12 21 6 12 4 7 18 17 3 2 14 24 14 1 23 1 11 15 10 6 18 20 7 1 8 1 16 6 20 
+23 23 21 10 10 12 24 10 11 23 2 12 23 9 3 24 24 10 ^
+52 0 14 10 18 15 14 5 16 11 22 2 15 24 8 22 1 4 24 9 10 15 3 9 5 4 17 15 9 12 
+19 19 1 3 10 6 8 3 17 8 18 24 19 3 4 15 4 9 2 24 5 20 13 13 ^
+42 0 20 17 19 22 13 8 10 19 15 11 1 14 17 20 22 10 7 11 16 9 21 22 17 23 12 15 
+4 24 7 21 18 2 21 16 1 19 18 20 11 3 15 17 ^
+50 0 18 1 6 14 5 5 5 19 13 10 24 19 16 24 15 13 2 19 15 24 21 17 4 13 17 1 1 9 
+1 10 2 18 1 21 19 5 18 12 2 22 16 23 15 19 6 18 9 1 23 5 ^
+51 0 21 13 14 11 18 12 13 3 19 9 20 22 20 2 11 12 6 1 12 16 18 2 9 8 4 3 11 17 
+11 5 4 19 16 11 23 13 18 1 20 8 2 16 16 21 4 19 5 5 20 24 16 ^
+53 1 20 25 17 11 8 4 19 25 17 7 16 21 6 4 8 2 15 9 2 9 19 3 6 3 3 10 25 13 15 7 
+8 20 21 12 10 12 5 24 11 20 3 13 13 16 9 13 10 3 9 16 3 7 25 ^
+49 1 9 9 14 2 13 17 25 2 18 5 19 23 9 25 9 10 23 12 12 7 13 8 15 7 1 6 21 2 8 7 
+6 16 14 14 12 15 13 24 10 15 11 10 8 14 15 21 25 21 25 ^
+47 0 9 18 20 22 21 20 11 14 23 22 10 13 14 8 19 12 2 11 20 23 13 4 10 6 5 7 23 
+11 3 16 8 21 4 8 18 5 12 14 8 6 20 19 24 8 23 17 23 ^
+48 1 7 19 1 18 1 14 22 13 14 5 8 22 18 14 25 17 11 12 22 2 12 12 16 12 13 18 17 
+12 17 14 18 8 25 9 23 5 3 8 14 24 17 7 3 3 23 17 22 19 ^
+51 1 19 17 16 22 24 14 16 20 23 20 9 19 16 7 12 16 5 8 9 7 10 21 24 10 11 19 1 
+21 14 14 19 3 22 8 12 20 1 18 5 6 5 12 14 1 1 11 9 22 3 24 4 ^
+52 1 6 1 11 16 1 12 8 11 11 17 10 22 7 3 10 2 6 4 24 16 24 19 4 5 18 11 12 9 20 
+21 25 2 21 18 10 20 25 21 3 17 17 5 8 22 25 19 8 10 19 7 11 18 ^
+44 0 26 14 21 25 25 4 9 13 5 8 9 21 8 12 26 24 9 24 15 1 23 22 16 14 8 22 15 19 
+24 20 7 8 15 24 12 4 4 23 21 13 19 15 21 12 ^
+59 1 15 7 3 21 20 8 22 14 23 26 19 2 10 18 3 5 3 1 9 15 15 3 7 13 23 9 7 1 13 
+17 14 25 9 16 2 2 6 13 7 19 25 17 1 5 21 2 7 22 5 6 25 3 12 19 6 2 4 24 17 ^
+60 0 9 18 20 19 4 11 14 1 6 8 26 6 9 22 4 10 2 7 21 9 8 24 25 14 22 12 22 3 23 
+3 3 20 6 11 23 6 1 7 5 18 5 15 25 26 1 1 10 11 11 4 12 11 20 3 14 2 3 2 23 15 ^
+49 0 12 17 24 11 8 6 24 16 15 22 21 14 6 12 20 19 5 5 12 11 6 23 2 16 23 7 24 6 
+21 2 17 17 5 25 11 25 20 25 24 18 6 12 19 25 7 6 5 2 25 ^
+54 1 12 16 1 15 7 1 26 19 19 13 20 11 17 6 20 5 24 24 1 21 11 9 20 21 15 10 19 
+26 3 2 6 7 12 9 10 8 14 10 15 5 17 8 21 1 20 25 6 19 8 3 22 16 16 20 ^
+63 0 17 13 11 10 17 15 12 6 13 14 17 4 12 10 24 5 13 24 3 5 2 5 11 14 8 5 10 17 
+16 8 4 14 21 15 3 6 17 25 8 2 3 3 19 10 13 22 22 8 2 13 25 17 2 1 19 1 14 20 2 
+5 4 15 24 ^
+49 0 14 20 7 25 20 26 20 16 7 17 17 22 1 13 6 5 1 18 14 15 23 15 10 5 19 18 18 
+26 12 13 3 25 12 21 16 24 4 16 3 6 26 26 10 20 13 1 20 24 15 ^
+56 0 3 8 14 5 5 7 11 13 11 26 11 4 26 17 20 19 11 10 3 10 14 9 6 9 7 16 10 4 4 
+19 19 2 26 13 19 17 15 24 15 4 21 22 13 13 12 22 2 14 20 5 18 7 17 24 20 20 ^
+58 1 6 17 9 20 2 10 19 3 22 4 1 11 3 5 3 21 11 15 12 23 26 5 2 27 6 5 16 6 3 2 
+23 5 3 20 20 4 24 2 18 21 7 14 10 27 23 6 24 6 19 23 3 9 22 16 21 17 19 23 ^
+58 1 17 7 21 19 6 16 15 15 20 14 2 25 19 14 18 19 7 9 1 14 11 10 16 3 23 14 26 
+10 11 1 18 1 12 24 19 19 1 7 2 3 24 7 12 9 2 8 16 20 24 5 26 26 4 9 2 7 25 17 ^
+54 1 8 12 18 14 26 7 17 18 4 20 1 16 14 21 26 4 6 8 24 11 25 15 24 16 23 4 10 
+23 21 24 15 10 9 26 7 14 24 21 6 20 5 17 16 17 1 3 12 1 4 13 3 9 21 26 ^
+56 1 7 18 11 1 19 20 23 12 12 27 13 13 15 16 13 1 16 15 12 26 3 16 16 8 17 13 
+21 4 6 5 19 14 16 4 16 11 14 18 18 27 9 13 21 3 26 22 3 7 6 4 26 3 15 8 25 21 ^
+50 1 20 13 9 11 20 6 11 21 27 25 20 7 4 18 26 16 27 5 12 19 7 23 6 25 25 2 11 
+13 25 21 18 17 6 12 14 13 24 11 14 19 26 27 25 6 1 15 4 7 27 15 ^
+51 0 15 16 26 27 23 14 12 28 22 15 8 19 2 20 13 1 24 2 25 1 6 19 19 8 11 24 24 
+21 13 27 5 11 28 17 7 25 6 23 24 14 25 12 5 13 26 2 5 8 10 16 17 ^
+58 1 5 26 18 19 21 3 12 11 13 4 14 22 22 14 16 13 3 22 16 23 5 19 6 13 10 26 17 
+27 26 4 3 25 6 14 2 3 5 7 23 11 22 8 25 2 9 25 18 17 8 2 14 4 19 1 5 27 13 24 ^
+53 0 2 27 28 2 17 23 10 27 18 26 7 22 16 3 27 1 26 21 28 10 3 6 2 2 10 17 13 16 
+6 17 21 23 13 20 22 5 6 11 12 12 8 23 13 17 9 23 20 3 28 27 12 17 22 ^
+59 0 28 19 5 21 4 27 8 1 19 14 20 6 7 9 1 6 22 3 19 26 14 8 6 7 19 15 23 1 17 
+16 6 26 14 5 22 25 4 7 10 16 21 10 18 19 24 16 23 8 3 17 28 18 10 2 5 3 21 21 
+15 ^
+58 0 6 24 1 4 24 18 10 22 1 21 12 5 4 4 20 25 24 26 8 25 11 2 7 27 22 19 4 18 
+27 10 28 4 12 24 8 16 12 11 16 17 25 8 12 16 1 9 9 10 5 24 23 18 5 14 18 8 4 28 
+^
+61 0 5 17 8 28 1 22 4 11 3 2 17 3 14 9 27 13 18 24 9 8 7 28 25 14 21 27 24 6 18 
+16 2 12 15 9 14 10 1 8 17 4 6 15 26 11 15 2 28 20 26 16 3 7 5 8 9 26 10 12 25 
+11 22 ^
+53 0 9 13 24 15 20 2 4 8 2 22 20 19 4 15 14 28 13 25 10 10 12 28 24 22 26 28 15 
+9 11 26 19 22 27 2 21 8 20 23 26 12 10 21 9 15 13 25 7 26 1 13 5 9 20 ^
+58 0 3 9 21 22 7 1 23 28 1 2 8 22 12 18 28 5 18 14 7 11 17 20 20 7 21 13 8 28 
+21 22 2 16 20 15 28 9 3 22 13 10 23 4 16 11 14 1 10 8 14 14 15 18 13 12 21 18 
+25 28 ^
+60 1 29 20 2 29 22 8 16 20 4 12 9 6 12 16 16 7 9 20 29 11 9 4 1 15 25 16 29 10 
+22 7 2 8 5 18 14 23 24 4 6 26 3 11 6 12 1 7 14 24 14 6 10 21 16 23 29 25 6 14 
+17 24 ^
+64 0 12 10 5 10 15 25 8 15 3 7 13 25 16 14 1 29 22 26 15 27 9 1 8 8 28 6 13 5 
+13 3 15 5 23 8 23 2 5 5 4 17 13 14 7 17 12 27 3 18 5 7 5 26 18 15 22 28 16 13 7 
+2 23 19 25 15 ^
+56 1 17 7 16 25 23 11 11 15 2 13 9 26 2 24 26 7 28 11 2 29 7 22 23 5 28 19 1 27 
+29 1 24 11 18 20 3 13 11 7 3 15 17 24 1 18 13 6 3 25 27 16 28 18 24 8 23 22 ^
+51 1 29 28 6 28 14 12 28 27 22 4 14 25 1 3 9 7 11 14 15 16 10 19 12 19 11 20 13 
+28 4 27 28 7 27 12 4 28 21 17 22 20 17 15 15 23 22 13 12 21 22 21 29 ^
+64 1 12 14 12 18 27 8 7 4 9 14 16 15 8 11 21 20 10 10 21 23 20 2 11 23 1 11 1 5 
+3 23 16 15 27 14 5 16 3 22 2 3 24 3 19 29 4 4 10 8 20 14 15 1 26 12 27 25 4 28 
+22 11 19 19 24 9 ^
+60 1 20 8 9 5 25 19 17 19 15 7 24 24 21 3 20 16 8 3 17 28 18 29 9 23 9 10 29 4 
+12 24 15 5 8 22 17 29 12 3 8 29 15 21 21 4 7 20 7 10 7 26 10 16 24 6 7 12 8 12 
+15 17 ^
+60 0 9 17 11 28 12 26 26 6 29 13 10 20 6 23 10 4 3 26 26 14 20 20 25 14 13 15 
+24 14 11 4 23 27 24 20 9 16 17 24 13 12 6 1 14 26 25 7 8 21 1 19 3 2 2 17 21 13 
+5 9 21 11 ^
+54 0 25 1 27 24 6 23 16 5 1 20 29 22 25 9 25 10 3 28 28 25 19 18 16 24 14 15 5 
+28 12 28 26 29 2 15 15 9 5 18 19 22 12 15 4 6 15 24 16 9 4 26 25 18 27 12 ^
+61 1 20 4 26 12 3 22 1 22 30 3 28 10 9 24 14 29 6 30 3 10 20 14 6 3 19 21 21 28 
+16 18 11 30 11 20 30 1 9 8 11 5 19 10 24 4 22 4 2 26 5 15 20 8 3 13 30 18 8 1 
+25 28 19 ^
+56 1 20 15 21 18 18 12 16 13 24 9 21 2 28 6 1 23 9 18 27 27 4 9 13 10 8 14 16 
+15 12 11 14 21 14 10 11 25 17 17 30 21 13 27 26 26 22 14 13 17 21 19 9 9 20 23 
+13 28 ^
+59 1 10 28 24 10 22 27 23 27 8 17 14 6 4 21 26 15 1 8 29 27 6 28 15 3 27 25 25 
+14 19 13 29 8 24 2 8 2 4 12 19 11 10 6 26 14 22 24 30 10 11 12 2 12 17 23 8 8 
+12 28 12 ^
+56 0 14 28 2 17 4 8 3 26 9 23 21 30 30 20 4 13 28 29 9 3 17 7 19 30 28 1 2 20 9 
+12 24 15 30 20 27 3 23 11 6 29 25 23 26 17 20 10 22 15 23 6 25 5 4 30 2 29 ^
+63 1 23 15 27 14 26 1 1 7 19 12 7 6 20 18 14 4 15 17 28 7 11 7 8 9 22 17 12 5 
+23 18 25 18 6 12 26 30 12 30 14 3 1 18 10 20 27 21 8 6 24 26 20 11 24 7 2 4 18 
+15 14 30 16 19 14 ^
+52 0 27 15 4 19 25 29 29 7 14 18 9 11 9 27 11 15 29 9 28 20 2 30 26 21 17 8 28 
+17 22 29 24 8 11 18 29 15 6 7 27 27 17 24 18 23 11 19 8 30 5 24 22 24 ^
+66 1 25 15 28 23 5 10 21 5 8 7 3 10 19 17 6 9 15 29 10 7 4 1 16 21 16 29 13 18 
+5 3 8 15 8 21 29 20 5 27 2 13 27 7 7 30 2 18 26 10 2 5 29 21 15 25 26 24 8 12 
+20 3 9 10 30 7 12 29 ^
+53 1 30 26 20 11 22 19 27 2 16 10 6 4 24 17 20 25 20 15 8 23 23 20 30 18 16 3 
+30 15 26 23 28 7 21 8 7 31 31 14 26 18 3 1 26 28 15 25 11 31 3 25 9 21 30 ^
+67 0 2 6 14 4 9 5 28 8 17 22 1 4 8 7 10 14 19 10 14 8 27 9 24 26 4 30 11 8 19 5 
+21 7 2 27 20 16 20 20 22 14 13 16 26 14 10 3 25 22 25 23 21 10 15 15 29 8 13 4 
+2 13 22 20 7 4 20 31 23 ^
+65 0 2 2 28 13 19 14 12 23 27 6 2 14 2 22 6 25 30 29 31 13 14 16 31 12 16 30 5 
+14 31 11 4 1 1 25 21 13 26 22 21 5 22 14 29 1 21 3 14 30 4 2 29 12 15 23 3 15 5 
+1 6 23 22 13 1 14 23 ^
+59 1 25 5 15 6 13 3 22 11 23 31 24 6 5 20 4 14 3 29 8 29 19 7 29 23 25 28 19 11 
+15 27 21 14 1 19 20 26 12 7 12 1 18 13 29 28 23 29 14 23 7 1 9 29 24 5 30 18 5 
+25 30 ^
+55 1 31 25 13 7 24 25 24 1 12 19 9 7 6 28 20 14 28 21 19 31 20 20 6 24 18 27 24 
+4 18 21 1 31 15 1 15 2 27 4 26 25 4 23 19 2 31 22 30 21 22 5 27 12 30 28 31 ^
+62 0 27 15 18 14 25 15 17 7 28 11 28 29 30 1 17 12 10 2 18 20 21 2 11 12 5 4 12 
+25 14 5 5 24 22 18 31 15 22 29 11 3 21 31 21 27 3 28 7 10 25 2 15 30 9 30 7 22 
+15 9 3 20 24 14 ^
+60 0 28 14 18 9 27 14 22 27 31 10 8 14 7 15 7 20 5 26 1 29 7 17 17 8 3 13 27 18 
+8 31 27 28 22 22 17 19 18 18 11 19 13 25 10 19 6 28 4 31 23 10 18 26 31 5 10 13 
+12 8 15 27 ^
+60 1 24 22 4 29 22 31 28 20 4 16 21 3 1 15 5 15 6 30 3 29 29 7 27 20 2 20 31 22 
+26 9 29 16 4 26 32 17 20 14 28 17 19 6 24 11 26 28 5 18 15 8 16 20 21 4 9 12 4 
+8 17 29 ^
+<D
+
+H>SHS Type 2 Strings<H
+D>
+69 1 5 3 11 15 12 24 31 23 1 6 28 2 8 31 6 7 30 5 19 23 12 6 9 31 19 17 24 25 
+22 6 12 16 3 7 9 9 11 29 4 11 2 5 13 29 10 12 30 32 18 28 18 27 3 30 4 4 26 6 
+13 31 13 2 11 7 24 4 17 29 12 ^
+95 0 21 19 21 23 11 42 36 2 13 4 1 33 22 16 27 9 4 33 16 3 30 15 11 32 13 17 38 
+32 9 38 4 36 15 32 27 19 42 18 6 36 22 10 29 12 25 40 15 29 23 28 30 4 8 11 24 
+9 10 31 28 43 23 16 29 33 5 40 26 3 19 12 36 43 5 35 37 5 14 11 45 35 16 10 8 
+32 4 15 35 26 2 39 22 37 22 30 29 ^
+106 1 18 14 51 2 6 32 51 9 32 50 44 46 51 8 11 53 45 55 16 10 3 52 8 20 20 46 
+46 13 32 2 46 50 43 25 54 9 31 29 2 47 15 29 24 45 44 18 37 14 28 39 36 44 47 
+16 50 10 44 24 53 35 22 40 20 15 51 22 18 22 42 6 54 49 38 21 7 13 30 16 7 52 
+16 22 13 38 7 11 44 33 9 25 13 37 42 14 45 53 30 38 5 25 5 35 38 22 28 53 ^
+127 0 58 35 43 28 5 28 63 8 12 25 9 47 53 29 62 7 37 2 3 48 5 12 55 56 28 35 12 
+63 6 58 27 27 48 44 35 14 17 22 56 10 8 1 16 15 42 63 14 51 57 19 41 7 8 56 47 
+34 52 22 48 60 43 9 1 52 4 21 49 61 18 50 23 13 46 62 23 45 62 9 56 18 23 31 8 
+30 27 36 13 38 4 58 53 47 24 18 41 58 19 12 18 52 42 29 44 45 26 63 34 32 41 64 
+15 26 55 19 2 49 6 30 53 13 54 12 53 37 12 37 43 ^
+148 0 60 4 51 47 58 38 17 63 33 23 28 43 12 69 70 33 17 12 50 18 18 36 45 2 67 
+4 45 20 4 33 38 29 45 8 22 58 39 71 38 32 53 35 19 53 31 29 51 35 4 63 18 33 26 
+47 70 9 64 62 63 30 15 1 35 28 16 40 20 14 50 33 19 38 30 27 55 10 16 46 47 7 
+55 12 53 26 56 33 29 55 25 17 48 43 21 43 18 24 63 27 68 46 38 33 35 10 18 11 
+27 5 9 58 35 70 36 36 39 47 2 10 66 47 5 18 21 44 71 51 57 3 22 7 56 55 28 25 
+14 40 16 24 48 37 66 50 24 45 18 39 53 55 ^
+165 1 15 62 35 29 15 40 19 76 67 4 5 71 46 61 26 8 77 48 1 23 12 60 40 24 44 33 
+29 42 73 66 49 61 20 30 1 54 52 42 39 64 23 65 37 24 20 11 26 66 22 77 22 57 7 
+38 57 33 61 73 7 64 1 49 35 76 14 27 21 45 68 38 58 73 13 72 47 73 33 8 66 23 
+38 4 56 77 47 10 71 13 20 31 41 6 51 3 18 17 61 47 14 48 76 46 28 34 43 1 56 4 
+25 7 65 41 1 34 37 23 59 59 27 26 13 15 14 75 60 14 1 28 59 26 65 61 16 23 17 
+28 6 19 2 35 49 30 29 48 2 63 73 59 1 3 76 41 11 19 18 43 54 63 67 51 4 9 78 60 
+66 ^
+181 0 18 19 84 17 12 10 57 18 77 51 52 16 39 74 49 52 63 38 72 2 15 64 83 62 49 
+56 11 26 68 58 83 33 23 50 63 71 53 27 84 22 39 41 52 58 11 64 7 60 45 70 22 5 
+73 38 30 30 48 21 75 80 40 21 8 53 9 26 30 34 81 71 71 51 23 75 33 41 23 32 5 8 
+66 40 72 40 16 66 45 14 48 34 21 41 27 3 55 27 37 23 41 65 4 57 51 74 22 19 75 
+42 16 19 46 16 10 48 20 19 37 41 14 57 9 17 55 38 5 60 7 46 20 43 36 39 52 20 
+10 62 45 23 46 7 35 75 29 70 35 36 34 25 12 15 84 26 10 6 71 29 79 33 32 25 59 
+76 82 64 58 7 8 19 41 74 2 53 65 24 1 55 51 36 21 79 7 ^
+184 1 60 66 66 6 3 9 73 12 7 40 70 18 71 70 65 51 14 14 27 50 9 87 81 50 22 19 
+40 37 16 79 12 34 37 76 82 10 61 7 81 49 67 26 45 82 50 81 63 45 69 31 31 76 51 
+9 59 34 51 54 34 83 10 33 51 86 81 82 69 18 8 22 64 19 86 62 58 33 37 17 34 5 
+29 83 42 76 50 54 66 39 9 1 36 43 17 65 6 35 56 72 71 83 88 10 1 8 87 22 6 21 
+78 25 89 43 62 40 55 85 31 89 74 63 46 28 24 26 31 17 7 8 27 19 12 85 17 20 27 
+77 10 2 54 80 17 52 74 76 69 78 11 20 80 4 29 24 85 75 18 39 23 70 83 29 57 67 
+72 70 33 4 15 46 42 2 69 13 53 33 69 64 33 64 14 40 69 59 78 54 ^
+193 1 68 43 95 53 38 58 55 28 20 16 67 48 17 86 32 44 68 67 28 16 14 79 25 15 
+72 67 50 80 18 30 10 75 1 60 45 87 78 28 95 49 63 70 59 26 6 51 73 60 65 18 26 
+8 87 5 58 31 25 57 40 46 78 57 34 78 61 36 66 57 38 80 22 32 68 71 30 74 37 81 
+66 77 66 55 2 51 24 93 61 40 68 45 61 12 63 24 89 59 52 72 43 20 20 69 36 40 88 
+46 9 62 55 77 84 20 18 6 77 15 52 39 75 3 26 4 85 17 62 29 11 92 46 58 29 59 28 
+42 80 71 96 2 49 85 37 63 4 61 14 2 53 87 25 86 6 75 76 93 41 39 93 92 42 56 41 
+63 26 28 18 77 11 50 78 79 1 12 12 91 29 13 58 5 56 92 66 59 4 39 47 95 5 5 62 
+33 13 80 27 ^
+203 1 35 28 11 7 20 7 17 3 3 30 89 13 65 56 66 63 22 82 16 31 55 56 77 91 91 71 
+101 13 10 85 101 95 17 99 98 91 33 14 20 48 32 7 64 29 38 35 25 4 95 23 34 1 85 
+81 23 31 96 71 84 50 15 79 47 25 51 45 35 66 19 61 60 9 31 93 64 70 30 42 86 53 
+1 71 46 42 22 38 96 10 99 34 76 26 55 73 63 63 97 23 92 81 64 46 1 30 31 35 86 
+91 88 64 87 16 37 69 84 94 60 100 3 47 52 8 71 87 57 29 76 43 18 45 46 15 65 12 
+44 42 66 60 15 68 19 58 39 62 76 9 92 101 57 32 4 34 15 41 62 32 89 71 43 35 31 
+41 21 17 82 33 96 27 62 29 82 57 46 62 15 24 99 37 83 40 52 46 56 80 98 3 91 74 
+6 27 7 58 94 10 41 79 97 84 77 74 26 99 35 ^
+212 1 26 101 17 91 45 97 80 59 102 30 68 4 85 9 4 39 16 18 85 70 11 87 62 72 78 
+38 3 41 53 82 82 35 18 13 94 64 52 39 77 59 26 9 65 46 64 98 32 29 86 79 16 63 
+54 76 56 98 16 98 78 22 72 33 103 104 52 84 12 65 15 85 101 97 84 31 51 26 100 
+100 38 80 13 2 78 7 24 44 84 103 27 7 28 16 33 99 25 103 54 14 42 62 87 92 27 
+22 42 5 52 100 84 73 72 63 24 48 56 52 23 5 17 76 31 1 95 58 43 60 50 62 30 23 
+35 79 20 35 3 72 32 45 51 87 41 84 27 79 77 70 102 15 54 15 100 8 52 69 105 3 
+30 84 42 93 66 89 69 74 24 33 42 97 4 38 99 106 13 93 6 106 74 100 54 45 21 59 
+56 37 9 50 32 75 79 31 77 9 61 1 8 68 6 60 81 7 100 99 14 61 48 25 73 26 70 72 
+94 34 ^
+233 0 11 98 110 88 35 110 35 64 49 88 93 28 85 6 78 65 90 52 24 97 51 39 51 59 
+23 1 3 49 33 11 78 27 35 55 64 5 102 4 70 25 56 58 38 66 11 31 96 66 104 59 41 
+86 58 29 79 41 40 72 51 12 92 34 52 44 69 104 21 97 89 96 48 21 4 61 40 28 67 
+34 23 85 44 22 62 52 33 84 23 30 73 74 4 79 12 81 47 80 53 47 89 40 19 80 62 34 
+61 29 41 95 43 1 70 63 55 53 18 19 13 48 10 19 89 49 4 52 53 56 76 10 8 104 77 
+15 28 38 75 109 3 85 90 8 40 8 93 90 43 39 14 60 17 36 78 56 105 80 35 75 36 58 
+82 50 100 98 45 74 13 66 95 72 71 95 34 14 98 72 33 38 37 52 6 14 107 59 3 29 
+61 67 98 92 5 93 17 98 36 87 41 75 71 57 88 17 25 91 84 3 58 20 92 69 51 50 36 
+31 14 25 18 30 18 1 41 104 30 82 59 87 70 34 96 28 47 62 81 103 48 ^
+234 1 63 90 108 108 102 64 82 88 4 111 76 97 22 1 108 41 34 91 33 20 25 24 26 8 
+83 11 31 7 85 109 106 4 105 85 68 28 33 99 53 8 16 12 11 74 17 83 66 70 16 30 9 
+67 68 34 24 81 47 92 72 47 37 33 38 92 17 8 28 88 22 62 69 32 89 75 3 72 96 85 
+13 105 24 38 37 94 115 83 72 108 114 24 93 76 103 60 99 102 9 43 10 59 95 46 33 
+93 15 26 69 44 2 86 107 55 45 61 65 92 66 9 55 39 70 83 29 98 67 13 111 15 20 
+31 62 8 2 51 20 19 33 44 14 115 71 112 97 10 41 28 53 51 26 57 15 38 98 55 106 
+22 56 31 50 95 107 110 84 70 10 108 96 73 100 25 36 55 88 71 63 96 30 90 96 79 
+22 7 30 23 28 59 89 8 51 99 47 86 34 18 43 65 98 104 107 49 7 79 71 8 57 21 29 
+80 2 74 78 44 57 9 61 22 13 68 52 91 74 98 43 30 58 68 95 101 72 102 76 42 99 
+61 ^
+249 0 27 117 45 119 80 2 59 52 8 76 20 94 102 69 96 42 46 106 67 9 110 89 71 69 
+34 31 15 85 16 29 100 82 37 62 68 95 108 44 23 114 34 36 56 93 11 30 96 12 31 
+67 14 114 14 66 70 30 81 46 53 119 85 6 104 47 92 72 70 5 70 15 115 68 105 33 
+97 13 85 106 14 61 29 22 86 45 57 69 91 38 38 28 66 13 60 95 103 3 15 5 113 38 
+23 62 5 65 94 107 73 104 37 47 102 117 3 78 35 7 95 56 78 45 52 28 46 43 37 32 
+53 19 55 29 47 97 76 115 83 71 11 45 62 73 99 116 2 24 116 7 28 41 2 29 37 52 
+23 5 118 79 31 57 89 61 24 101 78 50 93 73 41 7 33 45 47 24 1 48 73 36 3 25 87 
+46 28 108 54 68 53 67 119 28 36 118 104 42 88 27 112 4 74 85 1 63 39 97 71 74 
+75 76 10 49 12 79 11 50 103 118 94 117 118 37 27 12 94 60 28 51 47 82 110 17 15 
+105 23 52 43 12 21 22 81 41 12 74 90 42 108 117 98 67 4 69 85 ^
+243 0 76 81 26 101 13 68 62 106 87 19 98 32 81 63 79 93 31 121 123 75 52 11 66 
+41 54 87 38 5 104 62 51 38 55 29 31 120 44 16 48 94 46 105 91 66 78 27 43 6 64 
+2 55 79 75 84 113 22 4 113 109 31 33 17 96 11 29 63 98 103 107 116 34 14 9 95 
+38 18 51 75 33 109 118 55 66 4 76 7 75 70 82 74 23 1 26 69 40 112 99 47 65 31 
+70 119 52 103 88 85 86 28 16 12 76 25 22 78 64 21 86 27 61 77 72 108 2 18 106 
+119 121 54 16 85 72 2 73 26 88 66 60 80 35 24 117 63 24 44 67 52 122 119 33 72 
+16 99 98 69 54 19 42 28 53 114 32 117 81 100 57 49 123 56 21 68 80 53 95 1 45 
+95 107 98 87 1 27 24 99 116 16 67 1 113 91 84 25 40 25 72 3 28 90 87 112 80 16 
+117 45 77 36 90 105 59 88 122 64 108 108 71 98 18 50 115 93 105 77 35 6 46 55 
+47 102 4 26 87 111 120 81 113 4 57 105 3 84 94 115 61 73 ^
+255 1 91 47 51 9 57 9 55 94 61 61 68 46 107 6 35 81 114 78 96 74 14 89 73 67 67 
+69 113 107 11 98 113 109 20 92 17 67 70 88 57 10 124 9 60 122 93 91 45 7 15 24 
+51 5 98 115 24 49 90 104 117 66 128 94 64 80 12 43 91 46 111 59 58 77 30 14 88 
+60 123 68 41 44 68 40 104 118 41 43 93 90 105 92 16 127 26 54 125 114 79 71 24 
+48 21 25 118 40 103 49 91 44 67 65 25 119 109 18 48 23 69 112 38 61 64 87 84 
+104 119 110 122 92 22 1 8 83 34 100 32 62 41 46 112 34 102 76 56 39 4 127 30 13 
+19 110 124 7 16 128 95 4 124 11 104 116 126 49 95 3 55 96 70 90 101 4 122 96 75 
+118 39 128 99 92 18 42 20 87 83 35 75 111 61 67 71 28 101 9 56 34 105 95 71 23 
+73 71 26 57 15 23 76 55 99 89 128 98 117 68 43 88 62 38 62 39 2 83 36 15 26 60 
+128 96 73 74 10 1 12 42 22 2 77 33 33 32 57 13 14 82 57 12 39 3 58 80 14 87 85 
+44 69 109 119 ^
+283 0 102 55 53 41 60 88 25 67 58 76 44 22 68 118 108 40 95 96 81 90 85 28 77 
+18 11 37 72 93 60 110 124 119 95 131 91 37 109 126 8 73 69 72 80 17 83 5 76 20 
+32 15 10 1 103 18 22 116 98 9 51 104 102 44 33 15 12 24 31 89 1 6 28 101 8 64 
+72 106 30 5 52 89 111 39 108 64 85 17 57 124 22 105 78 115 3 40 108 66 108 77 
+128 103 44 35 38 13 95 10 111 63 98 117 61 51 126 69 96 70 70 59 39 13 97 33 
+112 2 77 7 123 70 83 29 66 67 49 79 19 104 115 14 60 2 55 40 71 33 28 114 51 91 
+17 46 45 128 57 87 62 25 115 38 50 55 90 74 8 51 102 79 43 94 36 122 94 12 41 
+36 25 104 91 24 7 99 80 30 126 32 63 122 107 114 27 28 79 41 12 35 51 115 122 
+70 22 79 65 2 88 27 17 59 15 23 44 57 5 65 6 26 78 80 125 93 84 100 45 22 129 
+68 36 111 74 118 11 50 42 120 47 21 8 86 112 26 67 60 99 45 93 47 8 38 59 52 56 
+124 20 82 18 117 24 18 46 106 19 117 26 41 47 45 130 7 15 1 4 5 100 10 85 50 44 
+11 48 92 119 108 42 118 125 ^
+272 0 8 61 99 70 96 20 87 123 134 82 22 2 110 118 33 86 5 7 5 94 56 15 60 96 54 
+13 22 55 99 4 25 105 17 37 69 10 38 117 117 30 70 13 9 109 115 62 94 52 66 117 
+100 135 7 75 23 5 81 110 31 118 29 1 62 11 41 88 109 119 102 37 3 30 123 47 31 
+56 134 29 124 116 118 99 21 56 77 91 23 37 135 81 44 51 67 95 51 133 30 57 67 
+116 122 48 100 7 132 97 106 69 93 4 95 125 102 103 119 81 57 133 96 37 118 50 
+117 113 81 127 17 45 103 32 121 129 60 43 65 127 30 36 132 110 52 53 35 71 12 
+76 22 72 130 112 99 76 26 21 73 63 63 97 23 58 115 132 114 1 132 31 35 18 23 54 
+30 53 118 37 35 84 94 60 100 3 47 18 110 105 87 57 63 76 43 52 45 46 49 65 12 
+10 42 66 60 117 34 19 92 5 28 76 9 126 101 125 32 38 34 15 7 62 32 21 3 43 69 
+31 109 123 51 116 135 130 129 130 63 14 57 80 62 15 126 31 105 83 108 120 80 
+124 46 98 105 91 6 6 27 7 58 128 78 7 79 63 84 77 74 128 65 61 95 121 17 24 123 
+117 51 122 ^
+284 0 44 71 43 20 126 58 53 47 98 18 19 119 93 29 70 39 94 112 44 115 135 98 82 
+10 67 29 102 113 68 80 19 75 1 91 114 87 80 7 40 37 86 120 16 104 136 117 82 
+138 32 65 114 119 137 121 8 12 46 126 26 119 73 130 60 76 113 100 14 133 26 116 
+34 120 80 95 84 53 15 24 44 51 4 10 23 77 24 99 66 37 54 63 42 136 21 34 76 5 
+17 128 101 1 59 40 113 112 32 97 31 93 105 79 91 18 39 1 103 132 51 68 124 111 
+13 97 43 128 69 84 85 72 15 12 26 87 16 16 92 101 13 77 4 118 89 103 56 42 16 
+60 44 39 126 46 18 83 93 41 105 3 82 106 115 91 6 4 54 115 15 120 109 113 48 41 
+9 95 20 62 67 105 111 25 132 7 116 46 138 44 83 61 124 131 35 107 6 109 81 114 
+67 41 137 77 56 74 73 34 12 14 69 52 11 98 47 54 83 81 6 1 15 88 35 139 80 83 
+49 89 27 47 130 92 133 87 51 112 76 49 109 49 57 93 73 22 117 50 64 58 97 139 
+36 131 111 133 58 33 8 88 55 38 90 46 30 118 57 29 82 74 41 117 38 46 94 92 5 
+105 15 117 70 103 68 60 120 48 21 110 85 40 81 66 ^
+291 0 46 113 52 134 79 74 64 57 18 23 9 52 8 16 103 57 138 59 59 65 92 2 7 130 
+92 8 34 40 86 131 140 100 112 4 42 1 110 108 43 37 15 67 19 35 94 61 130 98 35 
+88 34 65 104 56 126 118 50 87 10 81 109 90 86 118 32 6 114 88 39 38 39 62 3 12 
+134 72 137 35 75 81 115 106 140 112 11 123 41 103 45 95 84 71 107 13 26 110 96 
+62 16 109 84 59 53 38 27 8 28 13 32 137 17 138 41 122 36 99 65 99 83 36 112 29 
+49 70 96 126 136 131 116 3 18 17 126 142 14 37 141 141 123 42 13 20 83 42 139 
+83 54 49 58 42 7 137 29 48 16 121 127 34 52 140 106 128 58 36 124 83 24 69 54 
+61 112 17 6 95 97 24 57 86 124 59 71 119 67 1 109 54 68 49 57 132 32 5 71 113 
+40 80 104 75 106 133 31 126 130 104 62 9 39 44 66 116 141 135 96 132 19 41 121 
+126 124 77 8 4 60 82 6 101 124 89 51 123 48 40 85 77 21 112 10 69 66 115 87 16 
+108 30 84 65 80 103 32 131 134 73 47 10 63 39 50 93 37 135 114 69 48 34 58 23 
+27 133 37 9 40 98 41 115 99 70 83 29 42 67 133 55 79 80 91 122 12 2 115 112 47 ^
+293 1 33 13 99 138 1 42 89 118 87 113 99 12 134 142 100 38 5 55 75 14 110 108 
+42 64 130 79 138 62 64 69 57 11 123 25 59 16 111 94 24 65 30 51 119 48 107 92 
+84 69 28 136 143 54 20 6 70 47 142 64 4 65 59 73 99 134 146 102 125 116 57 137 
+137 72 48 128 78 5 80 63 54 85 30 22 129 68 21 21 74 28 128 107 27 60 2 93 95 
+71 37 11 37 15 39 102 3 104 65 80 59 52 113 34 20 67 60 27 81 135 46 106 106 
+102 68 128 17 15 100 124 15 43 136 122 100 67 142 35 14 53 120 2 89 93 99 73 9 
+122 39 77 15 96 90 43 79 134 60 92 105 55 96 31 119 77 97 72 23 140 38 30 43 83 
+136 88 107 117 72 109 118 58 91 119 73 95 100 59 138 123 54 49 143 50 133 66 
+106 45 80 88 42 93 5 59 77 101 74 110 104 40 92 19 77 76 86 102 129 3 144 101 
+139 134 56 90 18 91 94 85 55 10 137 11 58 1 107 113 70 22 7 56 29 143 111 8 46 
+45 116 122 129 89 7 121 53 95 14 49 118 62 125 91 37 97 15 35 100 63 140 63 50 
+51 58 26 127 6 45 59 102 121 114 85 141 135 10 72 19 106 66 66 41 53 13 38 1 21 
+103 50 108 46 119 ^
+297 1 46 31 132 112 28 63 124 97 129 43 40 72 99 107 132 137 96 139 99 145 121 
+144 118 37 81 39 94 60 55 109 47 109 110 75 42 12 139 137 43 128 106 107 19 126 
+12 101 148 127 15 117 125 125 62 96 13 76 70 96 101 110 138 8 95 76 143 17 32 
+97 79 149 39 31 94 123 21 41 135 55 84 70 33 135 118 50 62 121 81 1 45 144 93 
+60 5 64 137 8 105 91 82 67 27 113 119 53 18 98 79 48 84 32 135 128 5 1 20 76 17 
+85 108 72 36 141 140 49 150 105 104 3 149 14 54 18 148 64 49 125 37 28 28 101 
+22 104 91 32 82 117 12 114 69 58 2 58 115 9 108 47 59 65 14 92 7 4 86 98 16 82 
+92 95 38 94 10 10 48 97 104 66 115 97 142 115 122 119 40 97 16 32 47 34 88 89 
+26 50 12 76 80 51 40 9 133 24 44 40 122 84 108 22 142 140 99 44 15 54 8 42 125 
+150 130 21 79 124 62 46 119 15 29 91 57 150 42 138 71 61 68 80 114 6 1 70 121 
+18 35 113 56 87 86 10 73 14 29 41 72 89 1 133 87 101 123 59 90 142 77 133 52 78 
+48 34 138 134 27 17 60 131 147 61 93 148 39 132 49 62 71 36 91 4 139 49 100 120 
+43 113 144 30 94 73 127 40 125 ^
+313 1 35 97 95 76 105 88 32 138 30 69 61 40 47 21 107 6 39 81 114 53 125 53 147 
+14 4 73 146 96 98 13 136 11 98 117 138 153 67 146 71 99 88 7 139 24 13 35 47 97 
+145 74 36 119 3 51 84 48 119 53 49 15 79 17 120 103 148 64 30 41 97 120 75 111 
+63 58 131 134 18 13 10 48 18 16 48 43 15 54 18 41 47 122 144 80 92 145 77 1 33 
+89 54 46 78 48 21 54 43 40 53 24 16 73 42 94 29 44 34 151 152 23 123 12 142 140 
+43 37 88 29 19 35 72 96 151 130 62 112 34 36 91 120 50 112 138 2 105 60 68 137 
+131 5 17 19 139 74 11 120 78 149 58 128 15 104 16 126 78 20 57 134 71 49 90 76 
+108 126 100 54 68 39 132 153 42 147 146 124 62 87 35 75 61 65 46 100 82 105 113 
+31 63 5 95 54 71 77 127 150 80 36 144 2 130 59 74 39 3 152 121 122 18 117 12 
+117 141 118 135 62 36 69 5 39 53 150 52 153 143 30 66 96 126 131 56 137 8 7 86 
+142 14 7 111 141 93 136 137 134 43 12 89 23 44 9 152 146 121 97 19 38 110 91 67 
+14 32 110 66 68 8 130 84 73 118 59 24 41 72 121 150 55 37 138 27 104 66 124 9 
+51 109 47 125 109 148 8 29 47 72 146 149 61 93 10 20 54 15 76 133 125 106 110 
+67 ^
+330 0 23 9 26 136 27 51 115 122 44 106 6 146 108 113 85 51 8 96 47 56 137 62 59 
+89 143 71 140 14 85 156 139 99 154 30 53 115 35 147 108 148 58 52 28 103 19 92 
+95 152 152 10 11 13 155 67 11 83 101 69 153 152 45 141 14 120 129 140 119 59 2 
+89 73 70 83 29 16 67 81 29 1 54 65 96 117 2 37 47 128 33 3 89 108 98 139 49 78 
+27 103 39 119 94 132 90 38 132 55 65 131 90 58 2 54 100 69 118 22 44 19 7 148 
+93 25 29 123 81 64 131 55 30 1 89 38 97 82 64 9 28 86 123 151 10 133 40 154 102 
+4 111 65 9 63 59 124 116 72 105 76 57 137 97 32 145 108 78 112 50 43 34 75 20 
+22 129 68 11 118 74 125 118 57 17 20 129 53 65 61 144 1 17 142 156 52 100 54 15 
+20 59 52 63 131 20 57 124 31 125 46 106 76 92 8 98 154 152 80 114 15 140 136 
+112 100 17 92 25 151 150 80 99 69 83 49 43 156 102 19 57 122 96 30 3 39 134 40 
+32 75 5 76 127 138 99 17 57 52 150 130 18 127 33 23 116 107 78 77 77 42 69 68 
+48 41 69 33 75 40 49 128 103 4 146 93 10 83 66 96 152 30 38 12 33 5 39 47 41 34 
+60 74 20 42 156 67 46 56 102 89 3 124 81 99 104 56 50 8 61 74 55 15 87 108 28 
+138 47 93 60 2 124 46 126 103 91 145 36 25 116 122 51 ^
+322 0 75 7 107 158 81 105 154 90 20 125 77 114 69 92 7 58 21 98 154 50 128 149 
+117 127 153 45 3 18 121 86 29 71 79 101 2 5 22 143 10 27 53 146 157 148 112 33 
+22 80 123 24 147 1 112 82 159 63 74 97 109 33 151 32 89 87 132 117 46 129 59 
+115 91 114 118 37 21 9 94 60 25 89 47 79 110 55 12 143 99 87 43 88 56 57 160 76 
+12 71 128 77 146 117 95 105 42 66 3 76 20 76 101 100 118 149 45 26 143 148 32 
+57 39 129 19 31 84 123 1 152 135 5 54 30 13 125 68 30 62 101 51 142 5 94 83 20 
+116 24 107 109 105 91 42 17 27 93 69 3 139 68 79 38 84 2 85 128 126 122 131 46 
+17 35 98 42 26 111 100 29 120 55 84 114 109 145 14 18 138 14 9 85 7 18 129 91 2 
+94 51 133 82 87 123 64 39 8 103 38 75 110 78 7 9 45 115 42 138 135 86 78 16 62 
+52 75 159 54 151 121 149 77 74 16 85 47 102 105 82 119 10 67 137 153 148 135 28 
+49 26 151 153 36 80 11 130 113 24 44 30 102 24 58 133 122 140 99 24 156 54 119 
+42 115 140 90 132 19 94 2 157 99 136 19 71 7 130 153 108 51 21 58 70 74 137 1 
+40 111 149 5 103 6 27 76 141 23 125 140 1 72 29 152 103 87 51 93 29 80 132 77 
+123 153 68 159 14 98 114 158 121 158 81 131 ^
+322 0 35 93 109 125 119 10 10 19 135 26 4 74 135 35 120 129 113 92 17 29 47 88 
+14 159 149 87 45 36 75 68 22 138 20 59 61 144 151 11 107 6 153 81 114 43 85 157 
+97 148 118 73 126 56 58 137 96 11 98 67 98 103 57 146 21 59 88 151 139 148 127 
+25 17 47 115 34 160 109 107 51 64 28 69 13 49 149 69 141 90 93 118 64 10 1 67 
+80 35 111 13 58 101 124 132 147 154 18 162 6 162 33 5 34 142 41 161 82 114 70 
+92 145 57 155 137 114 79 44 36 48 48 21 14 13 40 33 14 150 33 32 54 143 14 4 
+101 142 23 93 136 132 120 147 17 38 163 143 5 52 46 151 130 32 72 34 124 150 51 
+100 112 128 126 65 10 28 87 81 159 131 19 99 54 125 110 58 119 28 78 129 104 
+140 126 38 154 27 114 61 153 90 66 98 76 50 158 48 39 82 123 22 147 136 114 52 
+37 35 75 41 15 150 60 52 55 103 21 23 129 95 24 71 47 97 130 50 140 144 106 100 
+9 64 19 117 122 71 92 8 77 156 97 121 98 85 2 36 39 109 143 23 120 156 133 93 
+154 36 66 116 131 160 127 162 161 46 142 14 141 81 141 63 86 117 104 3 146 39 
+127 34 133 102 106 91 57 9 28 60 61 7 158 12 80 26 8 122 80 44 63 68 49 158 21 
+32 81 150 15 141 108 161 64 46 124 123 31 99 27 105 109 98 112 144 ^
+336 1 34 161 107 149 48 67 138 109 156 104 37 133 60 80 84 81 160 9 16 96 164 1 
+95 112 4 86 163 116 98 103 55 31 8 56 37 36 127 32 9 89 103 31 100 161 85 106 
+119 89 154 43 115 162 137 108 128 38 42 155 103 9 62 65 102 122 10 138 160 125 
+47 158 43 91 69 123 132 35 121 4 110 89 130 69 29 139 69 53 70 83 29 163 67 41 
+9 108 34 45 76 87 2 144 164 98 33 160 79 78 48 89 9 38 134 93 146 79 54 122 80 
+38 112 55 55 101 70 8 129 44 70 59 98 149 24 136 124 138 63 25 166 83 51 34 91 
+45 30 118 59 28 87 72 44 116 28 36 103 101 113 10 114 62 111 71 65 126 53 19 
+114 86 42 85 36 57 137 57 159 95 88 78 72 20 23 14 65 10 22 129 68 1 68 74 75 
+108 7 7 147 109 13 35 51 104 158 164 122 126 2 50 4 132 127 59 52 13 81 20 47 
+107 74 148 115 46 106 46 82 115 68 144 142 60 104 15 90 136 102 100 134 42 15 
+141 100 40 49 49 73 166 13 156 82 166 37 82 96 137 130 166 134 20 139 45 122 56 
+107 98 79 124 17 32 130 120 165 77 23 130 96 67 68 47 37 12 29 18 38 158 19 160 
+55 147 39 118 83 121 96 43 137 33 66 86 112 147 155 149 140 5 19 17 148 161 10 
+44 159 146 57 16 26 102 49 3 104 61 59 74 56 10 165 31 54 25 142 157 37 58 165 
+128 154 73 50 149 94 137 ^
+330 1 61 51 65 132 23 169 116 122 14 66 7 98 131 72 69 127 72 163 125 68 69 51 
+47 159 31 164 71 118 50 83 113 81 127 153 45 137 134 121 68 163 26 43 65 127 
+166 138 98 144 18 53 137 139 148 76 158 4 62 78 167 102 144 94 55 141 63 29 97 
+91 24 115 166 80 69 132 99 1 120 23 88 64 87 118 37 137 152 94 60 168 71 47 52 
+110 37 155 125 63 42 43 52 11 12 151 31 12 44 110 32 128 117 68 87 24 39 164 76 
+145 58 101 91 100 140 151 143 130 32 21 3 111 1 31 75 123 153 116 135 130 27 
+164 165 116 23 12 62 83 24 133 139 49 74 154 80 158 80 64 105 91 6 142 27 75 24 
+128 112 41 79 29 84 145 40 128 99 95 95 19 17 160 89 15 17 84 64 11 93 10 66 78 
+73 127 148 18 129 139 143 49 150 9 84 82 154 85 15 88 82 60 87 19 12 133 58 20 
+39 65 51 141 134 27 70 167 120 117 86 60 16 44 16 57 132 18 142 85 104 59 47 
+141 58 2 66 96 46 119 153 40 110 126 103 90 144 13 26 106 144 80 145 134 103 95 
+24 44 21 84 140 13 97 104 140 99 6 147 54 83 42 106 131 54 96 135 67 118 121 81 
+109 10 53 132 112 117 81 33 155 49 61 38 119 1 13 102 131 148 94 131 143 67 123 
+148 89 104 135 72 145 152 76 87 6 66 2 71 123 77 114 108 59 123 166 62 96 140 
+94 149 116 169 ^
+349 0 125 17 93 82 80 110 156 147 156 99 154 4 29 90 163 120 84 113 56 8 157 29 
+61 169 141 113 78 48 50 13 138 11 50 61 99 106 2 107 6 117 81 114 34 49 112 52 
+130 82 73 108 20 22 110 60 11 98 22 62 58 48 146 149 23 88 142 139 121 91 16 
+163 2 88 171 133 100 62 51 46 10 24 150 49 131 60 114 63 84 91 64 165 138 40 44 
+172 111 141 58 74 115 96 129 145 164 153 170 126 24 169 16 115 41 125 46 87 61 
+92 145 39 155 92 78 70 35 27 21 48 21 151 159 40 15 5 132 170 23 18 107 160 150 
+56 133 23 66 109 123 102 102 172 166 145 116 151 34 1 151 130 5 36 34 97 114 15 
+82 128 112 119 99 29 138 165 42 36 159 95 19 63 36 89 101 40 92 1 33 93 104 113 
+126 2 136 96 52 108 90 57 89 31 5 113 30 39 37 96 4 147 127 105 43 165 35 75 23 
+143 105 24 25 10 94 12 160 102 95 170 71 20 70 112 23 95 144 61 73 137 55 1 81 
+95 26 65 172 41 147 79 103 80 40 121 36 12 64 98 169 93 111 115 48 127 9 39 107 
+131 115 118 162 161 10 142 14 123 54 141 36 41 99 77 140 128 167 82 25 106 57 
+70 64 21 19 15 34 126 149 167 53 163 127 86 35 8 54 23 40 140 3 169 45 150 152 
+96 81 143 28 28 124 87 13 90 9 87 109 53 67 164 28 131 89 149 42 55 126 79 132 
+74 19 133 30 68 72 75 148 9 10 72 152 144 83 106 153 74 163 98 152 ^
+375 1 94 28 13 8 20 28 18 118 5 140 89 67 171 64 152 85 61 101 80 154 149 34 
+115 135 128 108 110 20 33 128 103 35 38 57 95 10 111 151 98 29 149 7 82 69 96 
+114 26 103 171 101 53 121 24 2 121 51 35 70 83 29 154 67 5 167 63 16 27 58 60 2 
+99 128 71 33 160 70 51 3 44 149 2 89 84 101 43 18 113 71 38 94 55 46 74 52 139 
+102 35 43 50 80 122 6 100 88 129 36 25 148 47 24 7 55 36 30 82 32 19 78 63 26 
+71 28 167 85 56 167 95 159 78 26 66 35 65 90 44 159 105 59 15 67 57 137 21 132 
+50 70 78 36 169 5 172 56 1 22 129 68 168 23 74 30 99 138 174 120 91 153 8 42 68 
+158 155 104 99 133 5 135 96 82 59 52 144 36 20 38 62 29 112 106 46 106 19 73 70 
+41 135 133 42 95 15 45 136 93 100 98 173 6 132 55 4 4 31 64 130 162 156 64 157 
+19 46 96 92 103 139 134 2 94 18 86 38 89 62 61 79 157 14 112 111 156 32 14 85 
+78 31 59 20 1 161 169 149 29 122 150 133 37 102 30 109 65 85 51 174 110 164 66 
+77 76 111 119 131 95 5 1 166 103 134 141 17 158 123 137 48 165 175 102 13 3 86 
+43 23 47 56 150 165 4 36 174 115 157 168 13 147 119 109 55 41 140 67 27 31 27 
+53 126 17 163 116 122 160 60 7 92 113 66 45 109 60 151 125 62 39 39 17 153 13 
+152 53 94 50 53 89 57 127 153 45 119 104 121 56 145 172 19 41 103 166 108 68 
+126 12 53 131 127 148 52 134 168 50 48 155 72 132 82 37 129 63 175 160 ^
+366 1 73 15 79 139 71 51 132 81 135 111 166 61 37 60 118 37 92 134 94 60 150 53 
+47 25 110 19 137 107 27 176 43 16 145 146 142 165 12 17 92 166 110 117 41 69 6 
+12 164 76 109 40 101 82 82 131 134 115 143 112 32 164 146 93 162 31 66 123 144 
+80 135 94 137 156 107 157 173 62 65 176 124 112 4 65 127 44 131 53 19 105 91 
+149 106 27 57 158 92 85 14 79 20 84 127 174 128 72 68 59 171 17 124 80 167 8 57 
+28 172 66 144 48 42 37 109 121 18 120 103 116 13 132 39 73 145 76 158 43 82 33 
+51 153 164 97 13 2 3 20 24 114 98 9 25 131 102 99 86 42 16 26 159 39 105 161 
+133 49 59 41 20 105 31 136 30 87 10 119 135 13 83 99 58 45 99 156 26 61 135 143 
+80 118 107 76 77 24 44 12 66 95 147 61 86 140 99 167 138 54 47 42 97 122 18 60 
+90 40 73 85 63 82 1 35 96 94 81 54 15 128 40 52 2 101 1 165 93 113 130 85 95 98 
+58 105 112 53 68 108 72 100 152 49 87 140 39 154 62 114 77 105 63 50 87 157 26 
+78 122 67 140 71 170 119 5 93 64 50 104 144 129 138 75 130 4 178 60 139 120 54 
+113 32 2 133 17 43 163 129 89 72 149 155 30 38 7 138 5 44 61 69 76 175 107 6 93 
+81 114 28 25 82 22 118 58 73 96 175 177 92 36 11 98 171 38 28 42 146 125 178 88 
+136 139 103 67 10 151 151 70 153 115 94 32 51 34 177 173 132 49 119 54 96 45 78 
+73 64 159 120 22 20 154 111 117 58 56 109 72 143 ^
+372 1 136 146 144 170 90 15 169 180 88 41 89 10 60 52 92 145 21 155 47 42 61 26 
+18 176 48 21 124 141 40 179 178 114 143 14 164 71 142 132 11 124 23 39 82 114 
+84 57 163 130 127 89 133 16 138 151 130 160 34 70 78 161 64 92 112 110 72 175 
+102 138 179 173 159 59 19 27 18 53 92 22 65 156 170 57 104 86 126 148 118 155 
+78 43 63 90 48 80 168 142 68 12 39 174 69 168 147 118 96 34 129 35 75 5 107 60 
+170 180 147 85 3 133 75 95 152 71 175 43 94 178 50 144 16 46 101 46 165 45 68 
+163 38 172 5 138 61 85 62 177 76 36 167 19 53 151 66 66 97 3 100 164 12 98 131 
+70 109 162 161 156 142 14 105 27 141 9 178 81 50 113 110 131 37 16 79 12 34 37 
+167 173 10 152 7 81 140 158 26 136 82 50 172 154 45 160 31 122 167 142 9 150 
+125 51 54 125 174 10 124 51 177 81 173 69 109 8 22 155 19 86 62 149 33 37 108 
+34 96 29 174 133 167 50 54 66 130 9 1 36 134 108 65 97 126 56 163 71 83 88 10 1 
+8 178 22 6 112 169 116 89 43 153 40 146 85 31 89 74 154 137 28 115 117 122 108 
+98 8 27 110 103 176 17 20 27 77 10 93 145 80 17 143 165 76 69 78 102 20 91 171 
+95 29 115 176 166 109 39 23 70 83 29 148 67 163 161 33 4 15 46 42 2 69 104 53 
+33 160 64 33 155 14 131 160 59 78 71 19 176 107 65 38 82 55 40 56 40 115 84 29 
+25 44 68 104 176 76 64 123 18 25 136 23 6 171 31 30 30 58 14 13 72 57 14 41 177 
+^
+363 0 135 69 16 167 79 143 46 178 26 3 65 58 36 135 97 35 175 51 152 57 137 173 
+108 10 54 78 4 153 173 164 48 177 22 129 68 168 167 74 174 91 106 174 96 75 129 
+168 34 36 158 147 88 75 101 149 103 64 42 59 52 112 180 20 30 22 173 80 98 46 
+106 179 65 30 17 127 125 26 87 15 5 136 85 100 66 141 182 124 15 156 148 15 56 
+98 146 156 48 149 3 14 96 52 79 115 134 170 54 178 54 22 73 30 45 39 133 182 96 
+103 148 176 6 45 62 183 51 180 153 145 145 117 21 90 118 109 21 62 22 101 49 53 
+11 142 86 132 66 69 44 79 87 115 55 5 169 150 63 110 109 177 150 91 129 40 149 
+159 102 165 3 70 27 175 23 56 126 165 164 20 158 91 157 136 157 131 111 69 39 
+33 132 43 19 175 179 37 118 9 155 116 122 128 52 7 84 89 58 13 85 44 135 125 54 
+183 23 161 145 173 136 29 62 50 13 57 25 127 153 45 95 64 121 40 121 140 171 9 
+71 166 68 28 102 4 53 123 111 148 20 102 160 34 8 139 32 116 66 13 113 63 143 
+97 63 10 59 124 66 41 132 71 115 106 151 46 22 45 118 37 67 124 94 60 140 43 47 
+10 110 9 127 97 7 156 43 180 125 126 137 145 12 2 82 146 100 117 26 59 180 181 
+164 76 89 30 101 77 72 126 114 95 143 102 32 149 131 83 157 31 61 123 139 60 
+135 74 169 122 151 102 137 168 62 55 166 119 97 163 60 112 24 116 38 178 105 91 
+134 86 27 47 138 72 70 183 79 15 84 117 154 128 57 53 39 161 88 ^
+393 1 92 72 151 33 183 164 42 112 32 10 5 93 97 18 112 71 92 168 116 179 186 65 
+137 68 134 3 82 9 19 121 148 65 160 173 158 167 90 66 180 172 99 86 83 86 26 16 
+10 135 23 81 137 125 17 19 25 183 73 7 104 185 79 165 119 119 176 59 75 18 5 59 
+132 26 21 127 119 80 94 83 52 61 24 44 4 50 55 115 29 70 140 99 159 130 54 15 
+42 89 114 173 28 50 16 33 53 47 58 180 19 64 78 49 30 186 104 32 44 157 85 1 
+149 85 97 114 77 63 58 50 89 80 21 36 84 72 60 152 25 87 108 15 138 54 106 77 
+97 23 42 55 149 181 62 106 43 132 31 138 111 176 93 40 10 96 128 105 114 43 98 
+4 146 20 107 120 14 113 181 101 1 19 155 113 57 64 117 131 6 22 186 138 184 36 
+61 29 36 175 107 6 61 81 114 20 180 42 169 102 26 73 80 151 153 68 4 11 98 139 
+6 175 34 146 93 154 88 128 139 79 35 2 135 119 46 129 91 86 179 51 18 169 141 
+108 49 103 46 72 21 70 49 64 151 96 185 175 130 111 85 58 32 101 40 101 131 136 
+139 170 70 10 169 175 73 41 69 177 45 47 92 145 11 155 22 22 56 21 13 166 48 21 
+109 131 40 174 178 104 128 9 149 51 132 122 173 119 23 24 67 109 74 32 158 110 
+117 74 123 6 118 151 130 150 167 34 55 58 146 54 72 112 105 57 160 82 123 159 
+153 159 39 19 7 8 33 87 12 50 146 150 37 104 71 126 133 108 145 68 38 38 90 43 
+75 148 122 43 2 39 154 54 163 147 113 91 29 109 35 75 182 87 35 155 170 127 80 
+185 118 60 95 142 71 165 28 84 168 25 144 178 31 81 41 160 25 53 143 ^
+381 1 14 172 163 130 45 69 46 145 36 36 151 169 13 135 42 26 81 153 76 148 178 
+90 131 30 101 162 161 132 142 14 89 3 141 175 146 65 26 89 94 99 187 8 55 162 2 
+13 143 173 2 120 173 41 132 150 2 112 42 18 140 130 37 128 23 106 159 118 167 
+150 101 11 30 109 150 184 124 19 169 73 165 53 109 158 172 147 11 46 38 149 25 
+21 92 184 64 179 158 133 135 34 38 58 114 9 183 4 118 76 49 89 102 40 163 47 75 
+80 176 175 8 154 14 180 104 153 84 89 11 129 8 138 85 181 73 66 154 121 20 115 
+93 114 108 82 182 19 86 103 176 183 186 177 53 10 69 137 56 1 135 141 68 69 54 
+86 12 75 171 87 187 107 144 150 93 23 7 70 83 29 140 67 139 153 183 178 189 30 
+18 2 29 72 29 33 160 56 9 123 164 107 136 19 70 31 177 152 99 57 38 66 55 32 32 
+24 83 60 21 1 36 52 80 168 44 32 115 184 25 120 181 172 155 189 22 30 26 180 5 
+64 49 188 1 28 111 57 176 167 67 131 22 160 186 169 65 34 30 117 91 17 163 39 
+134 57 137 155 90 170 42 78 170 141 167 158 42 177 22 129 68 168 143 74 150 85 
+82 174 78 63 111 156 28 12 158 141 76 57 77 125 79 40 12 59 52 88 156 20 24 182 
+149 56 92 46 106 167 59 189 121 119 14 81 15 165 136 79 100 42 117 182 118 175 
+138 124 3 50 74 134 156 36 143 181 180 96 22 61 97 134 164 24 166 30 10 61 6 33 
+9 115 176 84 97 142 152 15 50 165 45 168 135 133 127 93 15 66 94 91 9 32 16 95 
+37 29 171 118 68 108 66 63 20 55 186 ^
+396 1 97 10 5 160 132 18 83 73 159 141 55 120 31 131 141 102 138 3 52 9 148 189 
+56 99 165 146 2 140 64 157 100 121 113 102 24 21 24 123 16 10 139 152 19 109 
+146 116 122 92 43 7 75 62 49 170 58 26 117 125 45 147 5 125 136 155 118 2 26 50 
+161 21 182 127 153 45 68 19 121 22 94 104 144 166 35 166 23 176 75 188 53 114 
+93 148 177 66 151 16 156 121 180 98 48 179 95 63 107 97 45 1 23 97 57 23 132 53 
+79 97 124 19 188 18 118 37 22 106 94 60 122 25 47 176 110 184 109 79 164 120 43 
+153 89 90 128 109 12 168 64 110 82 117 192 41 171 163 164 76 53 12 101 68 54 
+117 78 59 143 84 32 122 104 65 148 31 52 123 130 24 135 38 151 95 142 93 101 
+159 62 37 148 110 70 127 51 85 181 89 11 142 105 91 107 50 27 29 102 36 43 165 
+79 6 84 99 118 128 30 26 3 143 17 68 66 139 187 15 165 158 24 88 20 179 174 81 
+79 18 106 47 74 150 104 179 162 59 131 62 116 166 82 184 188 97 136 41 136 167 
+140 143 175 72 42 174 148 75 74 71 86 14 16 191 117 11 63 119 119 186 182 13 
+171 49 182 80 167 73 147 119 107 164 41 57 181 168 29 114 26 184 121 101 80 76 
+65 34 49 24 44 191 38 25 91 5 58 140 99 153 124 54 184 42 83 108 155 4 20 191 3 
+29 35 40 180 7 40 66 25 12 180 86 26 38 139 73 1 137 79 85 102 71 39 28 44 77 
+56 190 12 66 72 30 152 7 87 84 190 126 48 100 77 91 186 36 31 143 163 50 94 25 
+126 1 114 105 170 93 22 173 90 116 87 96 19 74 4 122 183 83 120 177 113 169 181 
+77 182 1 149 186 ^
+384 1 25 56 85 107 177 6 186 138 184 28 61 184 191 175 107 6 29 81 114 12 156 2 
+137 86 189 73 64 127 129 44 167 11 98 107 169 143 26 146 61 130 88 120 139 55 3 
+189 119 87 22 105 67 78 147 51 2 161 109 84 49 87 38 48 192 62 25 64 143 72 169 
+151 106 111 53 58 8 93 8 85 123 120 131 170 38 2 169 167 49 41 37 153 21 39 92 
+145 190 155 177 185 48 13 5 150 48 21 85 115 40 166 178 88 104 1 125 19 116 106 
+141 111 23 43 101 58 187 150 78 101 50 107 185 86 151 130 134 143 34 31 26 122 
+38 40 112 97 33 136 50 99 127 121 159 7 19 170 187 1 79 191 26 130 118 5 104 47 
+126 109 92 129 52 30 193 90 35 67 116 90 3 181 39 122 30 155 147 105 83 21 77 
+35 75 174 55 190 131 154 95 72 185 94 36 95 126 71 149 4 68 152 180 144 146 7 
+49 33 152 188 29 111 194 172 148 125 35 59 36 125 11 36 141 149 183 125 27 1 71 
+133 61 138 168 85 131 5 96 162 161 117 142 14 79 183 141 165 126 55 11 74 84 79 
+167 3 40 142 177 193 128 173 192 100 163 16 127 145 182 97 17 193 120 115 32 
+108 18 96 154 103 152 150 86 181 15 99 135 179 124 194 164 68 160 43 109 138 
+152 142 6 21 23 149 20 11 82 164 44 159 148 133 115 24 28 53 104 9 183 179 108 
+56 39 84 87 30 163 32 70 75 166 170 8 139 9 175 99 143 64 89 186 114 183 133 85 
+161 63 61 154 111 15 115 78 109 108 72 177 14 71 103 176 173 176 157 38 10 54 
+132 41 186 130 126 63 69 39 76 7 65 171 82 172 102 124 140 83 113 ^
+396 1 189 70 83 29 132 67 115 145 151 170 181 14 192 2 187 40 5 33 160 48 183 
+91 132 83 112 177 62 189 153 128 91 49 38 50 55 24 8 8 51 36 13 175 28 36 56 
+160 12 107 168 25 104 157 156 139 165 14 30 192 164 195 56 41 180 159 28 79 41 
+144 167 51 115 188 136 154 145 65 2 22 93 83 191 147 23 110 57 137 131 66 138 
+26 78 146 125 159 150 34 177 22 129 68 168 111 74 118 77 50 174 54 47 87 140 20 
+178 158 133 60 33 45 93 47 8 170 59 52 56 124 20 16 150 117 24 84 46 106 151 51 
+158 173 113 111 196 73 15 133 136 71 100 10 85 182 110 143 114 92 185 42 42 118 
+156 20 135 173 156 96 180 37 73 134 156 182 150 196 192 45 172 17 167 91 168 68 
+89 134 120 190 173 34 141 37 152 111 117 103 61 7 34 62 67 191 190 8 87 21 195 
+139 86 44 76 66 55 186 23 31 87 183 5 155 122 191 68 53 149 136 35 115 26 121 
+131 102 123 3 42 197 133 179 56 84 165 136 190 130 49 157 80 101 103 97 197 11 
+19 118 1 5 119 137 9 104 193 141 116 122 72 38 7 70 47 44 155 43 16 107 125 40 
+127 193 105 131 145 108 185 6 50 141 1 167 127 153 45 53 192 121 12 79 84 129 
+151 15 166 196 156 60 188 53 109 83 148 162 46 146 6 136 111 160 88 38 169 85 
+63 87 97 35 194 3 82 52 13 132 43 59 92 109 4 178 3 118 37 195 96 94 60 112 15 
+47 166 110 179 99 69 149 100 43 138 69 70 123 89 12 158 54 90 72 117 182 31 166 
+153 164 76 33 2 101 63 44 112 58 39 143 74 32 107 89 55 143 31 47 123 125 4 135 
+18 141 80 137 88 81 154 187 ^
+406 0 23 134 103 49 99 44 64 160 68 190 114 105 91 86 22 27 15 74 8 22 151 79 
+199 84 85 90 128 9 5 175 129 17 40 59 125 187 194 144 151 3 60 6 158 153 67 58 
+18 99 19 53 129 90 179 134 52 124 55 95 138 82 170 167 69 122 13 108 160 119 
+115 161 51 14 167 120 47 60 57 86 16 184 96 197 42 98 112 165 154 199 157 21 
+168 52 146 66 126 119 93 150 20 36 153 140 194 93 26 156 114 80 80 55 44 13 35 
+24 44 191 24 190 63 177 44 140 99 146 117 54 163 42 76 101 134 176 185 177 168 
+1 21 19 180 193 12 52 197 191 173 65 19 31 118 59 1 123 72 71 88 64 11 193 37 
+63 28 169 184 45 72 195 152 186 87 56 176 112 41 93 77 84 158 29 3 136 142 36 
+80 4 119 166 86 98 163 93 1 145 83 102 66 75 191 46 4 94 155 55 120 149 113 148 
+181 49 175 180 142 87 5 51 65 92 167 196 186 138 184 23 61 164 171 175 107 6 9 
+81 114 7 141 177 117 76 174 73 54 112 114 29 152 11 98 87 154 123 21 146 41 115 
+88 115 139 40 183 189 109 67 7 90 52 73 127 51 192 156 89 69 49 77 33 33 182 57 
+10 64 138 57 159 136 91 111 33 58 193 88 188 75 118 110 126 170 18 197 169 162 
+34 41 17 138 6 34 92 145 185 155 157 170 43 8 140 48 21 70 105 40 161 178 78 89 
+196 110 199 106 96 121 106 23 185 28 96 48 167 145 58 91 35 97 180 66 151 130 
+124 128 34 16 6 107 28 20 112 92 18 121 30 84 107 101 159 187 19 155 182 181 74 
+186 11 120 98 185 104 32 126 94 82 119 42 25 173 90 30 62 96 70 178 176 39 102 
+15 150 147 100 78 16 57 35 75 169 35 170 116 144 75 146 ^
+409 1 185 70 12 95 110 71 133 183 52 136 148 144 114 186 17 25 144 164 5 79 178 
+172 124 117 19 43 20 93 174 36 125 117 151 109 3 164 55 101 37 122 152 77 131 
+168 88 162 161 93 142 14 63 167 141 149 94 39 190 50 68 47 135 198 16 110 153 
+177 104 173 192 68 147 179 119 137 166 73 180 169 88 91 24 76 10 80 146 79 128 
+150 62 149 194 83 111 171 124 170 156 60 152 27 109 106 120 134 201 184 202 149 
+12 198 66 132 12 127 132 133 83 8 12 45 88 9 183 155 92 24 23 76 63 14 163 8 62 
+67 150 162 8 115 1 167 91 127 32 89 162 90 159 125 85 129 47 53 154 95 7 115 54 
+101 108 56 169 6 47 103 176 157 160 125 14 10 30 124 17 178 122 102 55 69 15 60 
+202 49 171 74 148 94 92 124 67 200 184 70 83 29 127 67 100 140 131 165 176 4 
+182 2 167 20 193 33 160 43 173 71 112 68 97 157 57 169 138 113 86 44 38 40 55 
+19 196 201 31 21 8 165 23 26 41 155 195 183 102 158 25 94 142 146 129 150 9 30 
+177 154 195 51 36 175 139 28 59 31 124 167 41 105 173 121 134 130 65 185 17 78 
+78 181 137 13 95 57 137 116 51 118 16 78 131 115 154 145 29 177 22 129 68 168 
+91 74 98 72 30 174 39 37 72 130 15 163 158 128 50 18 25 73 27 191 150 59 52 36 
+104 20 11 130 97 4 79 46 106 141 46 138 163 108 106 191 68 15 113 136 66 100 
+193 65 182 105 123 99 72 180 37 22 108 156 10 130 168 141 96 160 22 58 134 151 
+162 140 181 187 35 157 7 147 76 163 58 84 129 100 190 153 24 126 32 142 96 107 
+88 41 2 14 42 52 186 170 3 82 11 180 119 66 29 56 66 50 171 3 11 77 163 5 150 
+112 128 ^
+413 1 47 25 135 129 7 108 19 107 117 102 102 3 28 190 112 165 56 63 165 122 183 
+116 28 157 52 73 89 90 169 202 12 111 185 203 91 116 200 97 193 134 116 122 44 
+31 7 63 26 37 134 22 2 93 125 33 99 186 77 124 131 94 171 183 50 113 178 146 
+127 153 45 32 164 121 203 58 56 108 130 192 166 168 128 39 188 53 102 69 148 
+141 18 139 197 108 97 132 74 24 155 71 63 59 97 21 194 180 61 45 204 132 29 31 
+85 88 188 164 187 118 37 167 82 94 60 98 1 47 152 110 172 85 55 128 72 43 117 
+41 42 116 61 12 144 40 62 58 117 168 17 159 139 164 76 5 193 101 56 30 105 30 
+11 143 60 32 86 68 41 136 31 40 123 118 181 135 195 127 59 130 81 53 147 62 13 
+124 98 34 79 39 49 145 53 180 94 105 91 71 2 27 5 54 193 7 141 79 199 84 75 70 
+128 199 195 160 119 17 20 54 115 187 184 129 146 193 40 201 143 138 57 43 18 94 
+204 38 114 80 179 114 47 119 50 80 118 82 160 152 49 112 198 88 155 104 95 151 
+36 199 162 100 27 50 47 86 195 16 179 81 192 27 83 107 150 134 194 147 1 158 32 
+131 61 111 119 83 140 5 21 133 120 174 78 26 136 109 65 80 40 29 203 25 24 44 
+191 14 170 43 162 34 140 99 141 112 54 148 42 71 96 119 161 165 167 148 186 11 
+4 180 188 197 42 182 181 168 50 14 26 103 49 1 113 67 61 78 59 196 173 32 53 8 
+154 169 30 72 175 152 176 87 36 166 102 36 88 77 79 138 24 188 131 127 26 70 
+194 114 146 66 93 158 93 191 125 78 92 51 60 176 26 4 74 135 35 120 129 113 133 
+181 29 170 170 137 77 190 46 45 77 157 191 186 138 184 18 61 144 151 175 107 6 
+194 81 114 2 126 110 ^
+427 1 85 60 150 73 38 88 90 5 128 11 98 55 130 91 13 146 9 91 88 107 139 16 159 
+189 93 35 191 66 28 65 95 51 184 148 57 45 49 61 25 9 166 49 194 64 130 33 143 
+112 67 111 1 58 177 80 164 59 110 94 118 170 194 197 169 154 10 41 193 114 190 
+26 92 145 177 155 125 146 35 200 124 48 21 46 89 40 153 178 62 65 196 86 175 90 
+80 89 98 23 169 4 88 32 135 137 26 75 11 81 172 34 151 130 108 104 34 200 182 
+83 12 196 112 84 202 97 206 60 75 69 159 163 19 131 174 157 66 178 195 104 66 
+161 104 8 126 70 66 103 26 17 141 90 22 54 64 38 146 168 39 70 199 142 147 92 
+70 8 25 35 75 161 3 138 92 128 43 59 185 55 205 95 100 71 123 173 42 126 128 
+144 94 176 205 20 139 149 198 59 168 172 109 112 9 33 10 73 154 36 115 97 131 
+99 196 144 45 81 22 112 142 72 131 148 83 162 161 78 142 14 53 157 141 139 74 
+29 180 35 58 27 115 198 1 90 138 167 89 173 192 48 137 159 114 132 156 58 160 
+154 68 76 19 56 5 70 141 64 113 150 47 129 184 73 96 166 124 155 151 55 147 17 
+109 86 100 129 201 164 192 149 7 193 56 112 200 107 122 133 63 206 2 40 78 9 
+183 140 82 4 13 71 48 4 163 201 57 62 140 157 8 100 204 162 86 117 12 89 147 75 
+144 120 85 109 37 48 154 85 2 115 39 96 108 46 164 1 32 103 176 147 150 105 207 
+10 15 119 2 173 117 87 50 69 50 202 39 171 69 133 89 72 114 57 195 179 70 83 29 
+122 67 85 135 111 160 171 202 172 2 147 183 33 160 38 163 51 92 53 82 137 52 
+149 123 98 81 39 38 30 55 14 186 196 11 6 3 155 18 16 26 150 180 168 97 148 25 
+84 127 136 119 135 4 30 162 144 195 46 31 170 119 28 190 ^
+443 1 17 96 167 27 91 152 100 106 109 65 164 10 57 71 167 123 209 74 57 137 95 
+30 90 2 78 110 101 147 138 22 177 22 129 68 168 63 74 70 65 2 174 18 23 51 116 
+8 142 158 121 36 207 207 45 209 170 122 59 52 8 76 20 4 102 69 186 72 46 106 
+127 39 110 149 101 99 184 61 15 85 136 59 100 172 37 182 98 95 78 44 173 30 204 
+94 156 206 123 161 120 96 132 1 37 134 144 134 126 160 180 21 136 203 119 55 
+156 44 77 122 72 190 125 10 105 25 128 75 93 67 13 205 196 14 31 179 142 206 75 
+207 159 91 38 8 28 66 43 150 185 193 63 135 5 143 98 143 32 5 125 124 197 103 
+14 97 107 102 87 3 18 185 97 155 56 48 165 112 178 106 13 157 32 53 79 85 149 
+197 7 106 175 203 71 101 195 92 193 129 116 122 24 26 7 58 11 32 119 7 202 83 
+125 28 79 181 57 119 121 84 161 168 50 93 163 131 127 153 45 17 144 121 198 43 
+36 93 115 177 166 148 108 24 188 53 97 59 148 126 208 134 192 88 87 112 64 14 
+145 61 63 39 97 11 194 165 46 40 199 132 19 11 80 73 178 154 177 118 37 147 72 
+94 60 88 201 47 142 110 167 75 45 113 52 43 102 21 22 111 41 12 134 30 42 48 
+117 158 7 154 129 164 76 195 188 101 51 20 100 10 201 143 50 32 71 53 31 131 31 
+35 123 113 166 135 180 117 44 125 76 33 142 62 3 114 93 19 59 34 34 130 38 170 
+74 105 91 56 192 27 205 34 178 202 131 79 199 84 65 50 128 189 185 145 109 17 
+49 105 187 174 114 141 183 20 196 128 123 47 28 18 89 189 23 99 70 179 94 42 
+114 45 65 98 82 150 137 29 102 183 68 150 89 75 141 21 184 157 80 7 40 37 86 
+190 16 174 66 187 12 68 102 135 114 189 137 191 148 12 116 56 96 119 73 130 200 
+6 113 100 154 63 26 116 104 50 80 25 14 193 83 ^
+436 1 24 44 191 211 138 11 138 18 140 99 133 104 54 124 42 63 88 95 137 133 151 
+116 162 208 193 180 180 173 26 158 165 160 26 6 18 79 33 1 97 59 45 62 51 172 
+141 24 37 189 130 145 6 72 143 152 160 87 4 150 86 28 80 77 71 106 16 164 123 
+103 10 54 178 106 114 34 85 150 93 175 93 70 76 27 36 152 207 4 42 103 3 120 97 
+113 109 181 210 162 154 129 61 166 38 13 53 141 183 186 138 184 10 61 112 119 
+175 107 6 170 81 114 207 102 125 65 50 135 73 28 73 75 203 113 11 98 35 115 71 
+8 146 202 76 88 102 139 1 144 189 83 15 181 51 13 60 75 51 179 143 37 30 49 51 
+20 207 156 44 184 64 125 18 133 97 52 111 194 58 167 75 149 49 105 84 113 170 
+179 197 169 149 208 41 178 99 180 21 92 145 172 155 105 131 30 208 200 114 48 
+21 31 79 40 148 178 52 50 196 71 160 80 70 69 93 23 159 202 83 22 115 132 6 65 
+209 71 167 14 151 130 98 89 34 190 167 68 2 181 112 79 192 82 191 45 55 49 159 
+148 19 116 169 142 61 173 185 94 46 146 104 206 126 55 56 93 16 12 121 90 17 49 
+44 18 126 163 39 50 189 137 147 87 65 3 5 35 75 156 196 118 77 118 23 54 185 40 
+195 95 90 71 113 163 32 116 108 144 74 166 190 15 134 134 188 39 158 172 94 107 
+212 23 53 134 36 105 77 111 89 186 124 35 61 7 102 132 67 131 128 78 162 161 63 
+142 14 43 147 141 129 54 19 170 20 48 7 95 198 199 70 123 157 74 173 192 28 127 
+139 109 127 146 43 140 139 48 61 14 36 60 136 49 98 150 32 109 174 63 81 161 
+124 140 146 50 142 7 109 66 80 124 201 144 182 149 2 188 46 92 185 87 112 133 
+43 201 205 35 68 9 183 125 72 197 3 66 33 207 163 191 52 57 130 152 8 85 204 
+157 81 107 205 187 ^
+462 1 126 54 123 113 85 81 23 41 154 71 210 115 18 89 108 32 157 209 11 103 176 
+133 136 77 193 10 209 112 196 166 110 66 43 69 194 36 202 25 171 62 112 82 44 
+100 43 188 172 70 83 29 115 67 64 128 83 153 164 195 158 2 119 187 169 33 160 
+31 149 23 64 32 61 109 45 121 102 77 74 32 38 16 55 7 172 189 198 200 211 141 
+11 2 5 143 159 147 90 134 25 70 106 122 105 114 212 30 141 130 195 39 24 163 91 
+28 11 7 76 167 17 81 137 85 86 94 65 149 5 42 66 157 113 204 59 57 137 80 15 70 
+207 78 95 91 142 133 17 177 22 129 68 168 43 74 50 60 197 174 3 13 36 106 3 127 
+158 116 26 197 192 25 194 155 102 59 52 203 56 20 214 82 49 171 67 46 106 117 
+34 90 139 96 94 179 56 15 65 136 54 100 157 17 182 93 75 63 24 168 25 189 84 
+156 201 118 156 105 96 112 201 22 134 139 114 116 145 175 11 121 198 99 40 151 
+34 72 117 52 190 105 90 20 118 60 83 52 208 205 181 209 16 174 122 206 70 202 
+144 71 18 208 8 66 38 135 170 178 53 115 5 138 88 123 17 200 115 119 182 98 9 
+87 97 102 72 3 8 180 82 145 56 33 165 102 173 96 213 157 12 33 69 80 129 192 2 
+101 165 203 51 86 190 87 193 124 116 122 4 21 7 53 211 27 104 207 197 73 125 23 
+59 176 37 114 111 74 151 153 50 73 148 116 127 153 45 2 124 121 193 28 16 78 
+100 162 166 128 88 9 188 53 92 49 148 111 193 129 187 68 77 92 54 4 135 51 63 
+19 97 1 194 150 31 35 194 132 9 206 75 58 168 144 167 118 37 127 62 94 60 78 
+196 47 132 110 162 65 35 98 32 43 87 1 2 106 21 12 124 20 22 38 117 148 212 149 
+119 164 76 180 183 101 46 10 95 205 186 143 40 32 56 38 21 126 31 30 123 108 
+151 135 165 107 29 120 71 13 137 62 208 104 88 4 39 29 19 115 23 160 54 105 91 
+41 177 27 200 14 163 124 ^
+453 0 115 79 199 84 49 18 128 173 169 121 93 17 186 41 89 187 158 90 133 167 
+206 188 104 99 31 4 18 81 165 217 75 54 179 62 34 106 37 41 66 82 134 113 215 
+86 159 36 142 65 43 125 215 160 149 48 193 24 21 86 182 16 166 42 179 206 44 94 
+111 82 181 121 167 132 198 92 48 72 119 57 114 184 200 81 68 122 39 26 84 96 26 
+80 1 208 177 217 24 44 191 206 118 209 123 8 140 99 128 99 54 109 42 58 83 80 
+122 113 141 96 147 203 183 180 175 158 16 143 155 155 11 1 13 64 23 1 87 54 35 
+52 46 157 121 19 27 174 115 130 209 72 123 152 150 87 202 140 76 23 75 77 66 86 
+11 149 118 88 44 168 101 94 14 80 145 93 165 73 65 66 12 21 137 192 4 22 83 201 
+120 77 113 94 181 195 157 144 124 51 151 33 211 38 131 178 186 138 184 5 61 92 
+99 175 107 6 155 81 114 207 87 105 45 40 120 73 18 58 60 193 98 11 98 15 100 51 
+3 146 187 61 88 97 139 204 129 189 73 213 171 36 216 55 55 51 174 138 17 15 49 
+41 15 197 146 39 174 64 120 3 123 82 37 111 179 58 157 70 134 39 100 74 108 170 
+164 197 169 144 198 41 163 84 170 16 92 145 167 155 85 116 25 208 200 104 48 21 
+16 69 40 143 178 42 35 196 56 145 70 60 49 88 23 149 192 78 12 95 127 204 55 
+199 61 162 212 151 130 88 74 34 180 152 53 210 166 112 74 182 67 176 30 35 29 
+159 133 19 101 164 127 56 168 175 84 26 131 104 196 126 40 46 83 6 7 101 90 12 
+44 24 216 106 158 39 30 179 132 147 82 60 216 203 35 75 151 181 98 62 108 3 49 
+185 25 185 95 80 71 103 153 22 106 88 144 54 156 175 10 129 119 178 19 148 172 
+79 102 207 13 208 33 114 36 95 57 91 79 176 104 25 41 210 92 122 62 131 108 73 
+162 161 48 142 14 33 137 141 119 34 9 160 5 38 205 75 198 189 50 108 112 ^
+454 1 53 173 192 113 111 102 120 132 22 112 118 20 40 7 8 213 46 129 28 77 150 
+11 81 160 49 60 154 124 119 139 43 135 213 109 38 52 117 201 116 168 149 215 
+181 32 64 164 59 98 133 15 194 198 28 54 9 183 104 58 176 209 59 12 200 163 177 
+45 50 116 145 8 64 204 150 74 93 184 89 111 39 108 108 85 61 13 36 154 61 210 
+115 3 84 108 22 152 209 216 103 176 123 126 57 183 10 199 107 186 161 105 51 38 
+69 184 26 202 15 171 57 97 77 24 90 33 183 167 70 83 29 110 67 49 123 63 148 
+159 190 148 2 99 172 159 33 160 26 139 3 44 17 46 89 40 101 87 62 69 27 38 6 55 
+2 162 184 183 190 211 131 6 212 210 138 144 132 85 124 25 60 91 112 95 99 212 
+30 126 120 195 34 19 158 71 28 211 217 56 167 7 71 122 70 66 79 65 134 27 61 
+147 103 199 44 57 137 65 50 202 78 80 81 137 128 12 177 22 129 68 168 23 74 30 
+55 182 174 208 3 21 96 218 112 158 111 16 187 177 5 179 140 82 59 52 188 36 20 
+214 62 29 156 62 46 106 107 29 70 129 91 89 174 51 15 45 136 49 100 142 217 182 
+88 55 48 4 163 20 174 74 156 196 113 151 90 96 92 191 7 134 134 94 106 130 170 
+1 106 193 79 25 146 24 67 112 32 190 85 210 75 15 108 45 73 37 193 205 166 194 
+1 169 102 206 65 197 129 51 218 198 208 66 33 120 155 163 43 95 5 133 78 103 2 
+185 105 114 167 93 4 77 87 102 57 3 218 175 67 135 56 18 165 92 168 86 203 157 
+212 13 59 75 109 187 217 96 155 203 31 71 185 82 193 119 116 122 204 16 7 48 
+201 22 89 197 192 63 125 18 39 171 17 109 101 64 141 138 50 53 133 101 127 153 
+45 207 104 121 188 13 216 63 85 147 166 108 68 214 188 53 87 39 148 96 178 124 
+182 48 67 72 44 214 125 41 63 219 97 211 194 135 16 30 189 132 219 191 70 43 
+158 181 ^
+475 0 153 118 37 99 48 94 60 64 189 47 118 110 155 51 21 77 4 43 66 195 196 99 
+215 12 110 6 216 24 117 134 205 142 105 164 76 159 176 101 39 218 88 184 165 
+143 26 32 35 17 7 119 31 23 123 101 130 135 144 93 8 113 64 207 130 62 201 90 
+81 205 11 22 220 94 2 146 26 105 91 20 156 27 193 208 142 178 107 79 199 84 41 
+2 128 165 161 109 85 17 174 37 81 187 150 78 129 159 194 184 92 87 23 214 18 77 
+153 209 63 46 179 46 30 102 33 29 50 82 126 101 203 78 147 20 138 53 27 117 207 
+148 145 32 181 16 13 86 178 16 162 30 175 198 32 90 99 66 177 113 155 124 186 
+80 44 60 119 49 106 176 192 65 52 106 27 26 68 92 14 80 211 200 169 213 24 44 
+191 202 102 197 111 140 99 124 95 54 97 42 54 79 68 110 97 133 80 135 199 175 
+180 171 146 8 131 147 151 221 219 9 52 15 1 79 50 27 44 42 145 105 15 19 162 
+103 118 201 72 107 152 142 87 190 132 68 19 71 77 62 70 7 137 114 76 214 36 160 
+97 78 220 76 141 93 157 57 61 58 9 125 180 4 6 67 189 120 61 113 82 181 183 153 
+136 120 43 139 29 199 26 123 174 186 138 184 1 61 76 83 175 107 6 143 81 114 
+207 75 89 29 32 108 73 10 46 48 185 86 11 98 221 88 35 221 146 175 49 88 93 139 
+196 117 189 65 201 163 24 208 51 39 51 170 134 1 3 49 33 11 189 138 35 166 64 
+116 213 115 70 25 111 167 58 149 66 122 31 96 66 104 170 152 197 169 140 190 41 
+151 72 162 12 92 145 163 155 69 104 21 208 200 96 48 21 4 61 40 139 178 34 23 
+196 44 133 62 52 33 84 23 141 184 74 4 79 123 192 47 191 53 158 200 151 130 80 
+62 34 172 140 41 206 154 112 70 174 55 164 18 19 13 159 121 19 89 160 115 52 
+164 167 76 10 119 104 188 126 28 38 75 220 3 85 90 8 40 8 204 90 154 39 14 171 
+128 147 78 56 216 191 35 75 147 169 82 50 100 209 45 185 13 177 95 150 ^
+471 0 71 89 139 8 92 60 144 26 142 154 3 122 98 164 216 134 172 58 95 200 224 
+201 5 86 36 81 29 63 65 162 76 11 13 196 78 108 55 131 80 66 162 161 27 142 14 
+19 123 141 105 6 220 146 209 24 184 47 198 175 22 87 133 38 173 192 205 103 91 
+97 115 122 7 92 103 25 2 213 213 36 124 13 62 150 221 61 150 39 45 149 124 104 
+134 38 130 208 109 18 32 112 201 96 158 149 215 176 22 44 149 39 88 133 220 189 
+193 23 44 9 183 89 48 161 204 54 222 195 163 167 40 45 106 140 8 49 204 145 69 
+83 169 89 96 24 93 103 85 41 3 31 154 51 210 115 213 79 108 12 147 209 206 103 
+176 113 116 37 173 10 189 102 176 156 100 36 33 69 174 16 202 5 171 52 82 72 4 
+80 23 178 162 70 83 29 105 67 34 118 43 143 154 185 138 2 79 157 149 33 160 21 
+129 208 24 2 31 69 35 81 72 47 64 22 38 221 55 222 152 179 168 180 211 121 1 
+207 200 133 129 117 80 114 25 50 76 102 85 84 212 30 111 110 195 29 14 153 51 
+28 196 212 36 167 222 61 107 55 46 64 65 119 220 12 56 137 93 194 29 57 137 50 
+210 30 197 78 65 71 132 123 7 177 22 129 68 168 3 74 10 50 167 174 198 218 6 86 
+218 97 158 106 6 177 162 210 164 125 62 59 52 173 16 20 214 42 9 141 57 46 106 
+97 24 50 119 86 84 169 46 15 25 136 44 100 127 202 182 83 35 33 209 158 15 159 
+64 156 191 108 146 75 96 72 181 217 134 129 74 96 115 165 216 91 188 59 10 141 
+14 62 107 12 190 65 205 60 10 98 30 63 22 178 205 151 179 211 164 82 206 60 192 
+114 31 203 188 193 66 28 105 140 148 33 75 5 128 68 83 212 170 95 109 152 88 
+224 67 77 102 42 3 213 170 52 125 56 3 165 82 163 76 193 157 197 218 49 70 89 
+182 217 91 145 203 11 56 180 77 193 114 116 122 189 11 7 43 191 17 74 187 187 
+53 125 13 19 166 222 104 91 54 131 123 50 33 118 86 127 167 ^
+480 1 45 193 76 121 181 219 195 42 64 126 166 80 40 200 188 53 80 25 148 75 157 
+117 175 20 53 44 30 207 111 27 63 198 97 204 194 114 222 23 182 132 212 170 63 
+22 144 120 143 118 37 79 38 94 60 54 184 47 108 110 150 41 11 62 211 43 51 180 
+181 94 200 12 100 223 201 14 117 124 200 137 95 164 76 144 171 101 34 213 83 
+169 150 143 16 32 20 2 224 114 31 18 123 96 115 135 129 83 220 108 59 192 125 
+62 196 80 76 195 218 17 210 79 214 136 6 105 91 5 141 27 188 193 127 168 97 79 
+199 84 31 209 128 155 151 94 75 17 159 32 71 187 140 63 124 149 179 179 77 72 
+13 204 18 72 138 199 48 36 179 26 25 97 28 14 30 82 116 86 188 68 132 133 38 7 
+107 197 133 140 12 166 6 3 86 173 16 157 15 170 188 17 85 84 46 172 103 140 114 
+171 65 39 45 119 39 96 166 182 45 32 86 12 26 48 87 226 80 201 190 159 208 24 
+44 191 197 82 182 96 217 140 99 119 90 54 82 42 49 74 53 95 77 123 60 120 194 
+165 180 166 131 225 116 137 146 211 219 4 37 5 1 69 45 17 34 37 130 85 10 9 147 
+88 103 191 72 87 152 132 87 175 122 58 14 66 77 57 50 2 122 109 61 209 26 150 
+92 58 205 71 136 93 147 37 56 48 212 221 110 165 4 213 47 174 120 41 113 67 181 
+168 148 126 115 33 124 24 184 11 113 169 186 138 184 223 61 56 63 175 107 6 128 
+81 114 207 60 69 9 22 93 73 31 33 175 71 11 98 206 73 15 221 146 160 34 88 88 
+139 186 102 189 55 186 153 9 198 46 19 51 165 129 208 215 49 23 6 179 128 30 
+156 64 111 203 105 55 10 111 152 58 139 61 107 21 91 56 99 170 137 197 169 135 
+180 41 136 57 152 7 92 145 158 155 49 89 16 208 200 86 48 21 216 51 40 134 178 
+24 8 196 29 118 52 42 13 79 23 131 174 69 221 59 118 177 37 181 43 153 185 151 
+130 70 47 34 162 125 26 201 139 112 65 164 40 149 3 226 220 159 106 19 74 155 
+100 47 159 157 193 ^
+471 0 211 98 104 174 126 7 24 61 213 225 57 90 1 33 209 183 62 147 39 215 157 
+121 147 71 49 216 170 35 75 140 148 54 29 86 188 38 185 221 163 95 58 71 81 131 
+84 44 144 10 134 142 228 118 86 156 204 126 172 46 91 196 220 197 218 70 36 73 
+13 47 57 154 60 3 226 188 70 100 51 131 64 62 162 161 15 142 14 11 115 141 97 
+219 216 138 201 16 172 31 198 167 6 75 125 26 173 192 193 95 75 93 111 114 224 
+76 91 213 13 227 201 213 28 120 1 50 150 213 45 142 31 33 145 124 92 130 34 126 
+204 109 2 16 108 201 80 150 149 215 172 14 28 137 23 80 133 208 185 189 19 36 9 
+183 77 40 149 200 50 214 191 163 159 36 41 98 136 8 37 204 141 65 75 157 89 84 
+12 81 99 85 25 224 27 154 43 210 115 205 75 108 4 143 209 198 103 176 105 108 
+21 165 10 181 98 168 152 96 24 29 69 166 8 202 226 171 48 70 68 217 72 15 174 
+158 70 83 29 101 67 22 114 27 139 150 181 130 2 63 145 141 33 160 17 121 196 8 
+219 19 53 31 65 60 35 60 18 38 217 55 222 144 175 156 172 211 113 226 203 192 
+129 117 105 76 106 25 42 64 94 77 72 212 30 99 102 195 25 10 149 35 28 184 208 
+20 167 218 53 95 43 30 52 65 107 220 52 129 85 190 17 57 137 38 202 14 193 78 
+53 63 128 119 3 177 22 129 68 168 216 74 223 46 155 174 190 214 223 78 218 85 
+158 102 227 169 150 198 152 113 46 59 52 161 20 214 26 222 129 53 46 106 89 20 
+34 111 82 80 165 42 15 9 136 40 100 115 190 182 79 19 21 197 154 11 147 56 156 
+187 104 142 63 96 56 173 209 134 125 58 88 103 161 212 79 184 43 227 137 6 58 
+103 225 190 49 201 48 6 90 18 55 10 166 205 139 167 203 160 66 206 56 188 102 
+15 191 180 181 66 24 93 128 136 25 59 5 124 60 67 204 158 87 105 140 84 224 59 
+69 102 30 3 209 166 40 117 56 220 165 74 159 68 185 157 185 206 41 66 167 ^
+490 1 176 217 85 133 203 218 38 174 71 193 108 116 122 171 5 7 37 179 11 56 175 
+181 41 125 7 226 160 204 98 79 42 119 105 50 9 100 68 127 153 45 185 60 121 177 
+211 183 30 52 114 166 64 24 192 188 53 76 17 148 63 145 113 171 4 45 28 22 203 
+103 19 63 186 97 200 194 102 214 19 178 132 208 158 59 10 136 112 135 118 37 63 
+30 94 60 46 180 47 100 110 146 33 3 50 199 43 39 168 169 90 188 12 92 219 189 6 
+117 116 196 133 87 164 76 132 167 101 30 209 79 157 138 143 8 32 8 221 220 110 
+31 14 123 92 103 135 117 75 212 104 55 180 121 62 192 72 72 187 206 13 202 67 
+206 128 221 105 91 224 129 27 184 181 115 160 89 79 199 84 23 197 128 147 143 
+82 67 17 147 28 63 187 132 51 120 141 167 175 65 60 5 196 18 68 126 191 36 28 
+179 10 21 93 24 2 14 82 108 74 176 60 120 215 129 26 222 99 189 121 136 227 154 
+229 226 86 169 16 153 3 166 180 5 81 72 30 168 95 128 106 159 53 35 33 119 31 
+88 158 174 29 16 70 26 32 83 218 80 193 182 151 204 24 44 191 193 66 170 84 213 
+140 99 115 86 54 70 42 45 70 41 83 61 115 44 108 190 157 180 162 119 221 104 
+129 142 203 219 25 228 1 61 41 9 26 33 118 69 6 1 135 76 91 183 72 71 152 124 
+87 163 114 50 10 62 77 53 34 229 110 105 49 205 18 142 88 42 193 67 132 93 139 
+21 52 40 204 213 98 153 4 201 31 162 120 25 113 55 181 156 144 118 111 25 112 
+20 172 230 105 165 186 138 184 223 61 40 47 175 107 6 116 81 114 207 48 53 224 
+14 81 73 223 19 21 167 59 11 98 194 61 230 221 146 148 22 88 84 139 178 90 189 
+47 174 145 228 190 42 3 51 161 125 196 207 49 15 2 171 120 26 148 64 107 195 97 
+43 229 111 140 58 131 57 95 13 87 48 95 170 125 197 169 131 172 41 124 45 144 3 
+92 145 154 155 33 77 12 208 200 78 48 21 208 43 40 130 178 16 227 196 17 106 44 
+34 228 75 23 123 166 65 217 43 114 165 29 173 35 200 ^
+479 0 167 151 130 58 29 34 150 107 8 195 121 112 59 152 22 131 218 208 202 159 
+88 19 56 149 82 41 153 145 54 199 86 104 166 126 228 16 53 209 225 41 90 230 29 
+197 171 46 143 39 203 149 117 147 67 45 216 158 35 75 136 136 38 17 78 176 34 
+185 213 155 95 50 71 73 123 225 76 28 144 227 126 130 228 114 74 148 192 118 
+172 34 87 192 216 193 206 54 36 65 230 31 49 146 44 228 214 180 62 92 47 131 48 
+58 162 161 3 142 14 3 107 141 89 207 212 130 193 8 160 15 198 159 223 63 117 14 
+173 192 181 87 59 89 107 106 216 60 79 201 1 227 189 213 20 116 222 38 150 205 
+29 134 23 21 141 124 80 126 30 122 200 109 219 104 201 64 142 149 215 168 6 12 
+125 7 72 133 196 181 185 15 28 9 183 65 32 137 196 46 206 187 163 151 32 37 90 
+132 8 25 204 137 61 67 145 89 72 69 95 85 9 220 23 154 35 210 115 197 71 108 
+229 139 209 190 103 176 97 100 5 157 10 173 94 160 148 92 12 25 69 158 202 222 
+171 44 58 64 205 64 7 170 154 70 83 29 97 67 10 110 11 135 146 177 122 2 47 133 
+133 33 160 13 113 184 225 211 7 37 27 49 48 23 56 14 38 213 55 222 136 171 144 
+164 211 105 226 199 184 125 105 93 72 98 25 34 52 86 69 60 212 30 87 94 195 21 
+6 145 19 28 172 204 4 167 214 45 83 31 14 40 65 95 220 221 48 121 77 186 5 57 
+137 26 194 231 189 78 41 55 124 115 232 177 22 129 68 168 204 74 211 42 143 174 
+182 210 215 70 218 73 158 98 223 161 138 186 140 101 30 59 52 149 217 20 214 10 
+210 117 49 46 106 81 16 18 103 78 76 161 38 15 226 136 36 100 103 178 182 75 3 
+9 185 150 7 135 48 156 183 100 138 51 96 40 165 201 134 121 42 80 91 157 208 67 
+180 27 219 133 231 54 99 213 190 33 197 36 2 82 6 47 231 154 205 127 155 195 
+156 50 206 52 184 90 232 179 172 169 66 20 81 116 124 17 43 5 120 52 51 196 146 
+79 101 128 80 224 65 ^
+503 1 55 102 9 3 202 159 19 103 56 206 165 60 152 54 171 157 164 185 27 59 45 
+171 217 80 123 203 203 23 169 66 193 103 116 122 156 7 32 169 6 41 165 176 31 
+125 2 211 155 189 93 69 32 109 90 50 225 85 53 127 153 45 175 40 121 172 201 
+168 15 37 99 166 44 4 182 188 53 71 7 148 48 130 108 166 220 35 8 12 198 93 9 
+63 171 97 195 194 87 204 14 173 132 203 143 54 231 126 102 125 118 37 43 20 94 
+60 36 175 47 90 110 141 23 229 35 184 43 24 153 154 85 173 12 82 214 174 232 
+117 106 191 128 77 164 76 117 162 101 25 204 74 142 123 143 234 32 229 211 215 
+105 31 9 123 87 88 135 102 65 202 99 50 165 116 62 187 62 67 177 191 8 192 52 
+196 118 206 105 91 214 114 27 179 166 100 150 79 79 199 84 13 182 128 137 133 
+67 57 17 132 23 53 187 122 36 115 131 152 170 50 45 231 186 18 63 111 181 21 18 
+179 226 16 88 19 223 230 82 98 59 161 50 105 200 124 11 207 89 179 106 131 212 
+139 224 221 86 164 16 148 224 161 170 226 76 57 10 163 85 113 96 144 38 30 18 
+119 21 78 148 164 9 232 50 221 26 12 78 208 80 183 172 141 199 24 44 191 188 46 
+155 69 208 140 99 110 81 54 55 42 40 65 26 68 41 105 24 93 185 147 180 157 104 
+216 89 119 137 193 219 231 10 223 1 51 36 235 16 28 103 49 1 227 120 61 76 173 
+72 51 152 114 87 148 104 40 5 57 77 48 14 229 95 100 34 200 8 132 83 22 178 62 
+127 93 129 1 47 30 194 203 83 138 4 186 11 147 120 5 113 40 181 141 139 108 106 
+15 97 15 157 220 95 160 186 138 184 223 61 20 27 175 107 6 101 81 114 207 33 33 
+209 4 66 73 218 4 6 157 44 11 98 179 46 215 221 146 133 7 88 79 139 168 75 189 
+37 159 135 218 180 37 219 51 156 120 181 197 49 5 233 161 110 21 138 64 102 185 
+87 28 219 111 125 58 121 52 80 3 82 38 90 170 110 197 169 126 162 41 109 30 134 
+234 92 145 149 155 13 62 7 208 200 68 48 21 198 33 40 125 178 6 217 196 2 91 34 
+24 213 70 23 113 161 ^
+470 0 58 210 15 107 144 15 159 21 142 152 151 130 48 14 34 140 92 231 190 106 
+112 54 142 7 116 208 193 187 159 73 19 41 144 67 36 148 135 44 184 71 104 156 
+126 218 6 43 204 225 21 90 230 24 182 156 26 138 39 188 139 112 147 62 40 216 
+143 35 75 131 121 18 2 68 161 29 185 203 145 95 40 71 63 113 220 66 8 144 212 
+116 115 228 109 59 138 177 108 172 19 82 187 211 188 191 34 36 55 215 11 39 136 
+24 223 199 170 52 82 42 131 28 53 162 161 226 142 14 231 97 141 79 192 207 120 
+183 236 145 233 198 149 208 48 107 237 173 192 166 77 39 84 102 96 206 40 64 
+186 224 227 174 213 10 111 212 23 150 195 9 124 13 6 136 124 65 121 25 117 195 
+109 204 218 99 201 44 132 149 215 163 234 230 110 225 62 133 181 176 180 10 18 
+9 183 50 22 122 191 41 196 182 163 141 27 32 80 127 8 10 204 132 56 57 130 89 
+57 223 54 90 85 227 215 18 154 25 210 115 187 66 108 224 134 209 180 103 176 87 
+90 223 147 10 163 89 150 143 87 235 20 69 148 228 202 217 171 39 43 59 190 54 
+235 165 149 70 83 29 92 67 233 105 229 130 141 172 112 2 27 118 123 33 160 8 
+103 169 210 201 230 17 22 29 33 8 51 9 38 208 55 222 126 166 129 154 211 95 226 
+194 174 120 90 78 67 88 25 24 37 76 59 45 212 30 72 84 195 16 1 140 237 28 157 
+199 222 167 209 35 68 16 232 25 65 80 220 211 43 111 67 181 228 57 137 11 184 
+216 184 78 26 45 119 110 232 177 22 129 68 168 189 74 196 37 128 174 172 205 
+205 60 218 58 158 93 218 151 123 171 125 86 10 59 52 134 202 20 214 228 195 102 
+44 46 106 71 11 236 93 73 71 156 33 15 211 136 31 100 88 163 182 70 221 232 170 
+145 2 120 38 156 178 95 133 36 96 20 155 191 134 116 22 70 76 152 203 52 175 7 
+209 128 226 49 94 198 190 13 192 21 235 72 229 37 221 139 205 112 140 185 151 
+30 206 47 179 75 217 101 ^
+502 0 158 148 66 13 60 95 103 3 15 5 113 38 23 182 125 65 94 107 73 224 37 47 
+102 237 3 198 155 7 95 56 198 165 52 148 46 163 157 152 173 19 55 29 167 217 76 
+115 203 191 11 165 62 193 99 116 122 144 236 7 28 161 2 29 157 172 23 125 238 
+199 151 177 89 61 24 101 78 50 213 73 41 127 153 45 167 24 121 168 193 156 3 25 
+87 166 28 228 174 188 53 67 239 148 36 118 104 162 208 27 232 4 194 85 1 63 159 
+97 191 194 75 196 10 169 132 199 131 50 223 118 94 117 118 37 27 12 94 60 28 
+171 47 82 110 137 15 225 23 172 43 12 141 142 81 161 12 74 210 162 228 117 98 
+187 124 69 164 76 105 158 101 21 200 70 130 111 143 230 32 221 203 211 101 31 5 
+123 83 76 135 90 57 194 95 46 153 112 62 183 54 63 169 179 4 184 40 188 110 194 
+105 91 206 102 27 175 154 88 142 71 79 199 84 5 170 128 129 125 55 49 17 120 19 
+45 187 114 24 111 123 140 166 38 33 227 178 18 59 99 173 9 10 179 214 12 84 15 
+215 218 82 90 47 149 42 93 188 120 239 195 81 171 94 127 200 127 220 217 86 160 
+16 144 216 157 162 218 72 45 234 159 77 101 88 132 26 26 6 119 13 70 140 156 
+233 220 34 213 26 236 74 200 80 175 164 133 195 24 44 191 184 30 143 57 204 140 
+99 106 77 54 43 42 36 61 14 56 25 97 8 81 181 139 180 153 92 212 77 111 133 185 
+219 231 238 219 1 43 32 231 8 24 91 33 237 223 108 49 64 165 72 35 152 106 87 
+136 96 32 1 53 77 44 238 229 83 96 22 196 124 79 6 166 58 123 93 121 225 43 22 
+186 195 71 126 4 174 235 135 120 229 113 28 181 129 135 100 102 7 85 11 145 212 
+87 156 186 138 184 223 61 4 11 175 107 6 89 81 114 207 21 17 197 236 54 73 214 
+232 234 149 32 11 98 167 34 203 221 146 121 235 88 75 139 160 63 189 29 147 127 
+210 172 33 207 51 152 116 169 189 49 237 233 153 102 17 130 64 98 177 79 16 211 
+111 113 58 113 48 68 235 78 30 86 170 98 197 169 122 154 41 97 18 126 234 92 
+145 145 155 237 50 209 ^
+481 1 208 200 56 48 21 186 21 40 119 178 236 205 196 226 73 22 12 195 64 23 101 
+144 54 206 241 103 132 7 151 13 138 140 151 130 40 2 34 132 80 223 186 94 112 
+50 134 237 104 200 181 175 159 61 19 29 140 55 32 144 127 36 172 59 104 148 126 
+210 240 35 200 225 5 90 230 20 170 144 10 134 39 176 131 108 147 58 36 216 131 
+35 75 127 109 2 232 60 149 25 185 195 137 95 32 71 55 105 216 58 234 144 200 
+108 103 228 105 47 130 165 100 172 7 78 183 207 184 179 18 36 47 203 237 31 128 
+8 219 187 162 44 74 38 131 12 49 162 161 218 142 14 227 89 141 71 180 203 112 
+175 232 133 221 198 141 196 36 99 229 173 192 154 69 23 80 98 88 198 24 52 174 
+216 227 162 213 2 107 204 11 150 187 235 116 5 236 132 124 53 117 21 113 191 
+109 192 206 95 201 28 124 149 215 159 230 218 98 213 54 133 169 172 176 6 10 9 
+183 38 14 110 187 37 188 178 163 133 23 28 72 123 8 240 204 128 52 49 118 89 45 
+215 42 86 85 215 211 14 154 17 210 115 179 62 108 220 130 209 172 103 176 79 82 
+211 139 10 155 85 142 139 83 227 16 69 140 224 202 213 171 35 31 55 178 46 231 
+161 145 70 83 29 88 67 225 101 217 126 137 168 104 2 11 106 115 33 160 4 95 157 
+198 193 222 1 18 13 21 238 47 5 38 204 55 222 118 162 117 146 211 87 226 190 
+166 116 78 66 63 80 25 16 25 68 51 33 212 30 60 76 195 12 239 136 225 28 145 
+195 210 167 205 27 56 4 220 13 65 68 220 203 39 103 59 177 220 57 137 241 176 
+204 180 78 14 37 115 106 232 177 22 129 68 168 177 74 184 33 116 174 164 201 
+197 52 218 46 158 89 214 143 111 159 113 74 236 59 52 122 190 20 214 216 183 90 
+40 46 106 63 7 224 85 69 67 152 29 15 199 136 27 100 76 151 182 66 209 224 158 
+141 240 108 30 156 174 91 129 24 96 4 147 183 134 112 6 62 64 148 199 40 171 
+233 201 124 222 45 90 186 190 239 188 9 235 64 221 29 213 127 178 ^
+508 1 94 122 173 145 6 206 41 173 57 199 146 150 136 66 9 48 83 91 239 243 5 
+109 30 7 174 113 57 90 95 69 224 29 39 102 229 3 194 151 239 87 56 190 165 44 
+144 38 155 157 140 161 11 51 13 163 217 72 107 203 179 243 161 58 193 95 116 
+122 132 236 7 24 153 242 17 149 168 15 125 238 187 147 165 85 53 16 93 66 50 
+201 61 29 127 153 45 159 8 121 164 185 144 235 13 75 166 12 216 166 188 53 63 
+235 148 24 106 100 158 196 19 220 240 190 77 237 63 147 97 187 194 63 188 6 165 
+132 195 119 46 215 110 86 109 118 37 11 4 94 60 20 167 47 74 110 133 7 221 11 
+160 43 129 130 77 149 12 66 206 150 224 117 90 183 120 61 164 76 93 154 101 17 
+196 66 118 99 143 226 32 213 195 207 97 31 1 123 79 64 135 78 49 186 91 42 141 
+108 62 179 46 59 161 167 176 28 180 102 182 105 91 198 90 27 171 142 76 134 63 
+79 199 84 241 158 128 121 117 43 41 17 108 15 37 187 106 12 107 115 128 162 26 
+21 223 170 18 55 87 165 241 2 179 202 8 80 11 207 206 82 82 35 137 34 81 176 
+116 231 183 73 163 82 123 188 115 216 213 86 156 16 140 208 153 154 210 68 33 
+222 155 69 89 80 120 14 22 238 119 5 62 132 148 221 208 18 205 26 224 70 192 80 
+167 156 125 191 24 44 191 180 14 131 45 200 140 99 102 73 54 31 42 32 57 2 44 9 
+89 236 69 177 131 180 149 80 208 65 103 129 177 219 231 230 215 1 35 28 227 20 
+79 17 237 219 96 37 52 157 72 19 152 98 87 124 88 24 241 49 77 40 226 229 71 92 
+10 192 236 116 75 234 154 54 119 93 113 213 39 14 178 187 59 114 4 162 223 123 
+120 217 113 16 181 117 131 92 98 243 73 7 133 204 79 152 186 138 184 223 61 232 
+239 175 107 6 77 81 114 207 9 1 185 232 42 73 210 224 226 141 20 11 98 155 22 
+191 221 146 109 227 88 71 139 152 51 189 21 135 119 202 164 29 195 51 148 112 
+157 181 49 233 233 145 94 13 122 64 94 169 71 4 203 111 101 58 105 44 56 231 74 
+22 82 170 86 197 169 118 146 41 85 6 118 234 92 145 141 149 ^
+484 1 219 32 243 208 200 48 48 21 178 13 40 115 178 232 197 196 218 61 14 4 183 
+60 23 93 136 50 202 229 99 120 245 143 5 134 128 151 130 32 236 34 124 68 215 
+182 82 112 46 126 229 92 192 169 163 159 49 19 17 136 43 28 140 119 28 160 47 
+104 140 126 202 236 27 196 225 235 90 230 16 158 132 240 130 39 164 123 104 147 
+54 32 216 119 35 75 123 97 232 224 52 137 21 185 187 129 95 24 71 47 97 212 50 
+222 144 188 100 91 228 101 35 122 153 92 172 241 74 179 203 180 167 2 36 39 191 
+225 23 120 238 215 175 154 36 66 34 131 242 45 162 161 210 142 14 223 81 141 63 
+168 199 104 167 228 121 209 198 133 184 24 91 221 173 192 142 61 7 76 94 80 190 
+8 40 162 208 227 150 213 240 103 196 245 150 179 223 108 243 228 128 124 41 113 
+17 109 187 109 180 194 91 201 12 116 149 215 155 226 206 86 201 46 133 157 168 
+172 2 2 9 183 26 6 98 183 33 180 174 163 125 19 24 64 119 8 232 204 124 48 41 
+106 89 33 207 30 82 85 203 207 10 154 9 210 115 171 58 108 216 126 209 164 103 
+176 71 74 199 131 10 147 81 134 135 79 219 12 69 132 220 202 209 171 31 19 51 
+166 38 227 157 141 70 83 29 84 67 217 97 205 122 133 164 96 2 241 94 107 33 160 
+87 145 186 185 214 231 14 243 9 230 43 1 38 200 55 222 110 158 105 138 211 79 
+226 186 158 112 66 54 59 72 25 8 13 60 43 21 212 30 48 68 195 8 239 132 213 28 
+133 191 198 167 201 19 44 238 208 1 65 56 220 195 35 95 51 173 212 57 137 233 
+168 192 176 78 2 29 111 102 232 177 22 129 68 168 165 74 172 29 104 174 156 197 
+189 44 218 34 158 85 210 135 99 147 101 62 224 59 52 110 178 20 214 204 171 78 
+36 46 106 55 3 212 77 65 63 148 25 15 187 136 23 100 64 139 182 62 197 216 146 
+137 240 96 22 156 170 87 125 12 96 234 139 175 134 108 236 54 52 144 195 28 167 
+221 193 120 218 41 86 174 190 227 184 243 235 56 213 21 205 115 205 71 ^
+506 0 110 165 141 238 206 37 169 45 187 134 142 124 66 5 36 71 79 235 231 5 105 
+22 239 166 101 49 86 83 65 224 21 31 102 221 3 190 147 231 79 56 182 165 36 140 
+30 147 157 128 149 3 47 245 159 217 68 99 203 167 235 157 54 193 91 116 122 120 
+236 7 20 145 242 5 141 164 7 125 238 175 143 153 81 45 8 85 54 50 189 49 17 127 
+153 45 151 240 121 160 177 132 227 1 63 166 244 204 158 188 53 59 231 148 12 94 
+96 154 184 11 208 236 186 69 233 63 135 97 183 194 51 180 2 161 132 191 107 42 
+207 102 78 101 118 37 243 244 94 60 12 163 47 66 110 129 247 217 247 148 43 236 
+117 118 73 137 12 58 202 138 220 117 82 179 116 53 164 76 81 150 101 13 192 62 
+106 87 143 222 32 205 187 203 93 31 245 123 75 52 135 66 41 178 87 38 129 104 
+62 175 38 55 153 155 244 168 16 172 94 170 105 91 190 78 27 167 130 64 126 55 
+79 199 84 237 146 128 113 109 31 33 17 96 11 29 187 98 103 107 116 158 14 9 219 
+162 18 51 75 157 233 242 179 190 4 76 7 199 194 82 74 23 125 26 69 164 112 223 
+171 65 155 70 119 176 103 212 209 86 152 16 136 200 149 146 202 64 21 210 151 
+61 77 72 108 2 18 230 119 245 54 124 140 209 196 2 197 26 212 66 184 80 159 148 
+117 187 24 44 191 176 246 119 33 196 140 99 98 69 54 19 42 28 53 238 32 241 81 
+224 57 173 123 180 145 68 204 53 95 125 169 219 231 222 211 1 27 24 223 240 16 
+67 1 237 215 84 25 40 149 72 3 152 90 87 112 80 16 241 45 77 36 214 229 59 88 
+246 188 232 108 71 222 142 50 115 93 105 201 35 6 170 179 47 102 4 150 211 111 
+120 205 113 4 181 105 127 84 94 239 61 3 121 196 71 148 186 138 184 223 61 220 
+227 175 107 6 65 81 114 207 245 233 173 228 30 73 206 216 218 133 8 11 98 143 
+10 179 221 146 97 219 88 67 139 144 39 189 13 123 111 194 156 25 183 51 144 108 
+145 173 49 229 233 137 86 9 114 64 90 161 63 240 195 111 89 58 97 40 44 227 70 
+14 78 170 74 197 169 114 138 41 73 242 110 234 177 ^
+491 0 145 135 155 207 20 243 208 200 40 48 21 170 5 40 111 178 228 189 196 210 
+49 6 246 171 56 23 85 128 46 198 217 95 108 241 135 247 130 116 151 130 24 228 
+34 116 56 207 178 70 112 42 118 221 80 184 157 151 159 37 19 5 132 31 24 136 
+111 20 148 35 104 132 126 194 232 19 192 225 223 90 230 12 146 120 228 126 39 
+152 115 100 147 50 28 216 107 35 75 119 85 220 216 44 125 17 185 179 121 95 16 
+71 39 89 208 42 210 144 176 92 79 228 97 23 114 141 84 172 233 70 175 199 176 
+155 236 36 31 179 213 15 112 226 211 163 146 28 58 30 131 230 41 162 161 202 
+142 14 219 73 141 55 156 195 96 159 224 109 197 198 125 172 12 83 213 173 192 
+130 53 241 72 90 72 182 242 28 150 200 227 138 213 236 99 188 237 150 171 211 
+100 239 220 124 124 29 109 13 105 183 109 168 182 87 201 246 108 149 215 151 
+222 194 74 189 38 133 145 164 168 248 244 9 183 14 248 86 179 29 172 170 163 
+117 15 20 56 115 8 224 204 120 44 33 94 89 21 199 18 78 85 191 203 6 154 1 210 
+115 163 54 108 212 122 209 156 103 176 63 66 187 123 10 139 77 126 131 75 211 8 
+69 124 216 202 205 171 27 7 47 154 30 223 153 137 70 83 29 80 67 209 93 193 118 
+129 160 88 2 229 82 99 33 160 246 79 133 174 177 206 219 10 231 247 222 39 247 
+38 196 55 222 102 154 93 130 211 71 226 182 150 108 54 42 55 64 25 1 52 35 9 
+212 30 36 60 195 4 239 128 201 28 121 187 186 167 197 11 32 230 196 239 65 44 
+220 187 31 87 43 169 204 57 137 225 160 180 172 78 240 21 107 98 232 177 22 129 
+68 168 153 74 160 25 92 174 148 193 181 36 218 22 158 81 206 127 87 135 89 50 
+212 59 52 98 166 20 214 192 159 66 32 46 106 47 249 200 69 61 59 144 21 15 175 
+136 19 100 52 127 182 58 185 208 134 133 240 84 14 156 166 83 121 96 222 131 
+167 134 104 224 46 40 140 191 16 163 209 185 116 214 37 82 162 190 215 180 235 
+235 48 205 13 197 103 205 76 104 161 139 232 146 ^
+516 0 33 165 33 175 122 134 112 66 1 24 59 67 231 219 5 101 14 227 158 89 41 82 
+71 61 224 13 23 102 213 3 186 143 223 71 56 174 165 28 136 22 139 157 116 137 
+247 43 233 155 217 64 91 203 155 227 153 50 193 87 116 122 108 236 7 16 137 242 
+245 133 160 251 125 238 163 139 141 77 37 77 42 50 177 37 5 127 153 45 143 228 
+121 156 169 120 219 241 51 166 232 192 150 188 53 55 227 148 82 92 150 172 3 
+196 232 182 61 229 63 123 97 179 194 39 172 250 157 132 187 95 38 199 94 70 93 
+118 37 231 240 94 60 4 159 47 58 110 125 243 213 239 136 43 228 105 106 69 125 
+12 50 198 126 216 117 74 175 112 45 164 76 69 146 101 9 188 58 94 75 143 218 32 
+197 179 199 89 31 245 123 71 40 135 54 33 170 83 34 117 100 62 171 30 51 145 
+143 244 160 4 164 86 158 105 91 182 66 27 163 118 52 118 47 79 199 84 233 134 
+128 105 101 19 25 17 84 7 21 187 90 240 99 99 104 154 2 249 215 154 18 47 63 
+149 225 238 179 178 72 3 191 182 82 66 11 113 18 57 152 108 215 159 57 147 58 
+115 164 91 208 205 86 148 16 132 192 145 138 194 60 9 198 147 53 65 64 96 242 
+14 222 119 241 46 116 132 197 184 238 189 26 200 62 176 80 151 140 109 183 24 
+44 191 172 234 107 21 192 140 99 94 65 54 7 42 24 49 230 20 229 73 212 45 169 
+115 180 141 56 200 41 87 121 161 219 231 214 207 1 19 20 219 236 12 55 237 237 
+211 72 13 28 141 72 239 152 82 87 100 72 8 241 41 77 32 202 229 47 84 238 184 
+228 100 67 210 130 46 111 93 97 189 31 250 162 171 35 90 4 138 199 99 120 193 
+113 244 181 93 123 76 90 235 49 251 109 188 63 144 186 138 184 223 61 208 215 
+175 107 6 53 81 114 207 237 221 161 224 18 73 202 208 210 125 248 11 98 131 250 
+167 221 146 85 211 88 63 139 136 27 189 5 111 103 186 148 21 171 51 140 104 133 
+165 49 225 233 129 78 5 106 64 86 153 55 232 187 111 77 58 89 36 32 223 66 6 74 
+170 62 197 169 110 130 41 61 234 102 234 92 145 133 155 201 14 243 208 200 36 
+48 21 166 1 40 109 178 147 ^
+522 0 179 196 200 34 251 241 156 51 23 75 118 41 193 202 90 93 236 125 242 125 
+101 151 130 14 218 34 106 41 197 173 55 112 37 108 211 65 174 142 136 159 22 19 
+245 127 16 19 131 101 10 133 20 104 122 126 184 227 9 187 225 208 90 230 7 131 
+105 213 121 39 137 105 95 147 45 23 216 92 35 75 114 70 205 206 34 110 12 185 
+169 111 95 6 71 29 79 203 32 195 144 161 82 64 228 92 8 104 126 74 172 223 65 
+170 194 171 140 221 36 21 164 198 5 102 211 206 148 136 18 48 25 131 215 36 162 
+161 192 142 14 214 63 141 45 141 190 86 149 219 94 182 198 115 157 252 73 203 
+173 192 115 43 226 67 85 62 172 227 13 135 190 227 123 213 231 94 178 227 150 
+161 196 90 234 210 119 124 14 104 8 100 178 109 153 167 82 201 231 98 149 215 
+146 217 179 59 174 28 133 130 159 163 248 239 9 183 254 243 71 174 24 162 165 
+163 107 10 15 46 110 8 214 204 115 39 23 79 89 6 189 3 73 85 176 198 1 154 246 
+210 115 153 49 108 207 117 209 146 103 176 53 56 172 113 10 129 72 116 126 70 
+201 3 69 114 211 202 200 171 22 247 42 139 20 218 148 132 70 83 29 75 67 199 88 
+178 113 124 155 78 2 214 67 89 33 160 246 69 118 159 167 196 204 5 216 237 212 
+34 247 38 191 55 222 92 149 78 120 211 61 226 177 140 103 39 27 50 54 25 245 
+241 42 25 249 212 30 21 50 195 254 239 123 186 28 106 182 171 167 192 1 17 220 
+181 229 65 29 220 177 26 77 33 164 194 57 137 215 150 165 167 78 230 11 102 93 
+232 177 22 129 68 168 138 74 145 20 77 174 138 188 171 26 218 7 158 76 201 117 
+72 120 74 35 197 59 52 83 151 20 214 177 144 51 27 46 106 37 249 185 59 56 54 
+139 16 15 160 136 14 100 37 112 182 53 170 198 119 128 240 69 4 156 161 78 116 
+240 96 207 121 157 134 99 209 36 25 135 186 1 158 194 175 111 209 32 77 147 190 
+200 175 225 235 38 195 3 187 88 205 61 89 151 134 217 206 30 162 24 166 113 128 
+103 66 253 15 50 58 228 210 5 98 8 218 152 80 35 79 62 58 224 7 17 102 207 3 
+183 140 217 65 56 168 165 22 133 16 133 157 107 128 244 12 ^
+517 1 218 150 217 59 81 203 140 217 148 45 193 82 116 122 93 236 7 11 127 242 
+235 123 155 246 125 238 148 134 126 72 27 247 67 27 50 162 22 247 127 153 45 
+133 213 121 151 159 105 209 231 36 166 217 177 140 188 53 50 222 148 242 67 87 
+145 157 250 181 227 177 51 224 63 108 97 174 194 24 162 250 152 132 182 80 33 
+189 84 60 83 118 37 216 235 94 60 251 154 47 48 110 120 238 208 229 121 43 218 
+90 91 64 110 12 40 193 111 211 117 64 170 107 35 164 76 54 141 101 4 183 53 79 
+60 143 213 32 187 169 194 84 31 245 123 66 25 135 39 23 160 78 29 102 95 62 166 
+20 46 135 128 244 150 246 154 76 143 105 91 172 51 27 158 103 37 108 37 79 199 
+84 228 119 128 95 91 4 15 17 69 2 11 187 80 230 94 89 89 149 244 239 210 144 18 
+42 48 139 215 233 179 163 252 67 255 181 167 82 56 253 98 8 42 137 103 205 144 
+47 137 43 110 149 76 203 200 86 143 16 127 182 140 128 184 55 251 183 142 43 50 
+54 81 232 9 212 119 236 36 106 122 182 169 223 179 26 185 57 166 80 141 130 99 
+178 24 44 191 167 219 92 6 187 140 99 89 60 54 249 42 19 44 220 5 214 63 197 30 
+164 105 180 136 41 195 26 77 116 151 219 231 204 202 1 9 15 214 231 7 40 222 
+237 206 57 255 13 131 72 224 152 72 87 85 62 255 241 36 77 27 187 229 32 79 228 
+179 223 90 62 195 115 41 106 93 87 174 26 245 152 161 20 75 4 123 184 84 120 
+178 113 234 181 78 118 66 85 230 34 251 94 178 53 139 186 138 184 223 61 193 
+200 175 107 6 38 81 114 207 227 206 146 219 3 73 197 198 200 115 238 11 98 116 
+240 152 221 146 70 201 88 58 139 126 12 189 252 96 93 176 138 16 156 51 135 99 
+118 155 49 220 233 119 68 96 64 81 143 45 222 177 111 62 58 79 31 17 218 61 253 
+69 170 47 197 169 105 120 41 46 224 92 234 92 145 128 155 186 256 243 208 200 
+26 48 21 156 248 40 104 178 221 175 196 196 28 249 239 150 49 23 71 114 39 191 
+196 88 87 234 121 240 123 95 151 130 10 214 34 102 35 193 171 49 112 35 104 207 
+59 170 136 130 159 16 19 241 125 213 ^
+529 1 15 127 93 2 121 8 104 114 126 176 223 1 183 225 196 90 230 3 119 93 201 
+117 39 125 97 91 147 41 19 216 80 35 75 110 58 193 198 26 98 8 185 161 103 95 
+257 71 21 71 199 24 183 144 149 74 52 228 88 255 96 114 66 172 215 61 166 190 
+167 128 209 36 13 152 186 256 94 199 202 136 128 10 40 21 131 203 32 162 161 
+184 142 14 210 55 141 37 129 186 78 141 215 82 170 198 107 145 244 65 195 173 
+192 103 35 214 63 81 54 164 215 1 123 182 227 111 213 227 90 170 219 150 153 
+184 82 230 202 115 124 2 100 4 96 174 109 141 155 78 201 219 90 149 215 142 213 
+167 47 162 20 133 118 155 159 248 235 9 183 246 239 59 170 20 154 161 163 99 6 
+11 38 106 8 206 204 111 35 15 67 89 253 181 250 69 85 164 194 256 154 242 210 
+115 145 45 108 203 113 209 138 103 176 45 48 160 105 10 121 68 108 122 66 193 
+258 69 106 207 202 196 171 18 239 38 127 12 214 144 128 70 83 29 71 67 191 84 
+166 109 120 151 70 2 202 55 81 33 160 246 61 106 147 159 188 192 1 204 229 204 
+30 247 38 187 55 222 84 145 66 112 211 53 226 173 132 99 27 15 46 46 25 241 233 
+34 17 241 212 30 9 42 195 254 239 119 174 28 94 178 159 167 188 252 5 212 169 
+221 65 17 220 169 22 69 25 160 186 57 137 207 142 153 163 78 222 3 98 89 232 
+177 22 129 68 168 126 74 133 16 65 174 130 184 163 18 218 254 158 72 197 109 60 
+108 62 23 185 59 52 71 139 20 214 165 132 39 23 46 106 29 249 173 51 52 50 135 
+12 15 148 136 10 100 25 100 182 49 158 190 107 124 240 57 255 156 157 74 112 
+232 96 195 113 149 134 95 197 28 13 131 182 248 154 182 167 107 205 28 73 135 
+190 188 171 217 235 30 187 254 179 76 205 49 77 143 130 205 206 26 158 12 154 
+101 120 91 66 253 3 38 46 224 198 5 94 206 144 68 27 75 50 54 224 258 9 102 199 
+3 179 136 209 57 56 160 165 14 129 8 125 157 95 116 240 36 212 148 217 57 77 
+203 134 213 146 43 193 80 116 122 87 236 7 9 123 242 231 119 153 244 125 238 
+142 132 120 70 23 245 63 21 50 156 16 243 127 153 45 129 207 121 149 155 99 205 
+227 30 166 211 57 ^
+548 0 134 188 53 47 219 148 236 58 84 142 148 247 172 224 174 45 221 63 99 97 
+171 194 15 156 250 149 132 179 71 30 183 78 54 77 118 37 207 232 94 60 248 151 
+47 42 110 117 235 205 223 112 43 212 81 82 61 101 12 34 190 102 208 117 58 167 
+104 29 164 76 45 138 101 1 180 50 70 51 143 210 32 181 163 191 81 31 245 123 63 
+16 135 30 17 154 75 26 93 92 62 163 14 43 129 119 244 144 240 148 70 134 105 91 
+166 42 27 155 94 28 102 31 79 199 84 225 110 128 89 85 255 9 17 60 259 5 187 74 
+224 91 83 80 146 238 233 207 138 18 39 39 133 209 230 179 154 252 64 255 175 
+158 82 50 247 89 2 33 128 100 199 135 41 131 34 107 140 67 200 197 86 140 16 
+124 176 137 122 178 52 245 174 139 37 41 48 72 226 6 206 119 233 30 100 116 173 
+160 214 173 26 176 54 160 80 135 124 93 175 24 44 191 164 210 83 257 184 140 99 
+86 57 54 243 42 16 41 214 256 205 57 188 21 161 99 180 133 32 192 17 71 113 145 
+219 231 198 199 1 3 12 211 228 4 31 213 237 203 48 249 4 125 72 215 152 66 87 
+76 56 252 241 33 77 24 178 229 23 76 222 176 220 84 59 186 106 38 103 93 81 165 
+23 242 146 155 11 66 4 114 175 75 120 169 113 228 181 69 115 60 82 227 25 251 
+85 172 47 136 186 138 184 223 61 184 191 175 107 6 29 81 114 207 221 197 137 
+216 254 73 194 192 194 109 232 11 98 107 234 143 221 146 61 195 88 55 139 120 3 
+189 249 87 87 170 132 13 147 51 132 96 109 149 49 217 233 113 62 257 90 64 78 
+137 39 216 171 111 53 58 73 28 8 215 58 250 66 170 38 197 169 102 114 41 37 218 
+86 234 92 145 125 155 177 250 243 208 200 20 48 21 150 245 40 101 178 218 169 
+196 190 19 246 236 141 46 23 65 108 36 188 187 85 78 231 115 237 120 86 151 130 
+4 208 34 96 26 187 168 40 112 32 98 201 50 164 127 121 159 7 19 235 122 1 14 
+126 91 118 5 104 112 126 174 222 259 182 225 193 90 230 2 116 90 198 116 39 122 
+95 90 147 40 18 216 77 35 75 109 55 190 196 24 95 7 185 159 101 95 256 71 19 69 
+198 22 180 144 146 72 49 228 87 253 94 111 64 172 213 60 165 189 166 125 206 36 
+11 149 183 255 92 196 201 133 126 8 38 20 131 213 ^
+547 0 29 162 161 178 142 14 207 49 141 31 120 183 72 135 212 73 161 198 101 136 
+238 59 189 173 192 94 29 205 60 78 48 158 206 254 114 176 227 102 213 224 87 
+164 213 150 147 175 76 227 196 112 124 255 97 1 93 171 109 132 146 75 201 210 
+84 149 215 139 210 158 38 153 14 133 109 152 156 248 232 9 183 240 236 50 167 
+17 148 158 163 93 3 8 32 103 8 200 204 108 32 9 58 89 247 175 244 66 85 155 191 
+256 154 239 210 115 139 42 108 200 110 209 132 103 176 39 42 151 99 10 115 65 
+102 119 63 187 258 69 100 204 202 193 171 15 233 35 118 6 211 141 125 70 83 29 
+68 67 185 81 157 106 117 148 64 2 193 46 75 33 160 246 55 97 138 153 182 183 
+260 195 223 198 27 247 38 184 55 222 78 142 57 106 211 47 226 170 126 96 18 6 
+43 40 25 238 227 28 11 235 212 30 36 195 254 239 116 165 28 85 175 150 167 185 
+249 258 206 160 215 65 8 220 163 19 63 19 157 180 57 137 201 136 144 160 78 216 
+259 95 86 232 177 22 129 68 168 117 74 124 13 56 174 124 181 157 12 218 248 158 
+69 194 103 51 99 53 14 176 59 52 62 130 20 214 156 123 30 20 46 106 23 249 164 
+45 49 47 132 9 15 139 136 7 100 16 91 182 46 149 184 98 121 240 48 252 156 154 
+71 109 226 96 186 107 143 134 92 188 22 4 128 179 242 151 173 161 104 202 25 70 
+126 190 179 168 211 235 24 181 251 173 67 205 40 68 137 127 196 206 23 155 3 
+145 92 114 82 66 253 256 29 37 221 189 5 91 256 197 138 59 21 72 41 51 224 255 
+3 102 193 3 176 133 203 51 56 154 165 8 126 2 119 157 86 107 237 33 203 145 217 
+54 71 203 125 207 143 40 193 77 116 122 78 236 7 6 117 242 225 113 150 241 125 
+238 133 129 111 67 17 242 57 12 50 147 7 237 127 153 45 123 198 121 146 149 90 
+199 221 21 166 202 162 130 188 53 45 217 148 232 52 82 140 142 245 166 222 172 
+41 219 63 93 97 169 194 9 152 250 147 132 177 65 28 179 74 50 73 118 37 201 230 
+94 60 246 149 47 38 110 115 233 203 219 106 43 208 75 76 59 95 12 30 188 96 206 
+117 54 165 102 25 164 76 39 136 101 261 178 48 64 45 143 208 32 177 159 189 79 
+31 245 123 61 10 135 24 13 150 73 24 87 90 62 161 10 41 125 209 ^
+542 1 244 136 232 140 62 122 105 91 158 30 27 151 82 16 94 23 79 199 84 221 98 
+128 81 77 247 1 17 48 259 261 187 66 216 87 75 68 142 230 225 203 130 18 35 27 
+125 201 226 179 142 252 60 255 167 146 82 42 239 77 258 21 116 96 191 123 33 
+123 22 103 128 55 196 193 86 136 16 120 168 133 114 170 48 237 162 135 29 29 40 
+60 218 2 198 119 229 22 92 108 161 148 202 165 26 164 50 152 80 127 116 85 171 
+24 44 191 160 198 71 249 180 140 99 82 53 54 235 42 12 37 206 248 193 49 176 9 
+157 91 180 129 20 188 5 63 109 137 219 231 190 195 1 259 8 207 224 19 201 237 
+199 36 241 256 117 72 203 152 58 87 64 48 248 241 29 77 20 166 229 11 72 214 
+172 216 76 55 174 94 34 99 93 73 153 19 238 138 147 263 54 4 102 163 63 120 157 
+113 220 181 57 111 52 78 223 13 251 73 164 39 132 186 138 184 223 61 172 179 
+175 107 6 17 81 114 207 213 185 125 212 246 73 190 184 186 101 224 11 98 95 226 
+131 221 146 49 187 88 51 139 112 255 189 245 75 79 162 124 9 135 51 128 92 97 
+141 49 213 233 105 54 257 82 64 74 129 31 208 163 111 41 58 65 24 260 211 54 
+246 62 170 26 197 169 98 106 41 25 210 78 234 92 145 121 155 165 242 243 208 
+200 12 48 21 142 241 40 97 178 214 161 196 182 7 242 232 129 42 23 57 100 32 
+184 175 81 66 227 107 233 116 74 151 130 260 200 34 88 14 179 164 28 112 28 90 
+193 38 156 115 109 159 259 19 227 118 253 10 122 83 256 106 257 104 104 126 166 
+218 255 178 225 181 90 230 262 104 78 186 112 39 110 87 86 147 36 14 216 65 35 
+75 105 43 178 188 16 83 3 185 151 93 95 252 71 11 61 194 14 168 144 134 64 37 
+228 83 245 86 99 56 172 205 56 161 185 162 113 194 36 3 137 171 251 84 184 197 
+121 118 30 16 131 188 27 162 161 174 142 14 205 45 141 27 114 181 68 131 210 67 
+155 198 97 130 234 55 185 173 192 88 25 199 58 76 44 154 200 250 108 172 227 96 
+213 222 85 160 209 150 143 169 72 225 192 110 124 251 95 263 91 169 109 126 140 
+73 201 204 80 149 215 137 208 152 32 147 10 133 103 150 154 248 230 9 183 236 
+234 44 165 15 144 156 163 89 1 6 28 101 8 196 204 106 164 ^
+567 0 1 46 89 239 167 236 62 85 143 187 256 154 235 210 115 131 38 108 196 106 
+209 124 103 176 31 34 139 91 10 107 61 94 115 59 179 258 69 92 200 202 189 171 
+11 225 31 106 264 207 137 121 70 83 29 64 67 177 77 145 102 113 144 56 2 181 34 
+67 33 160 246 47 85 126 145 174 171 260 183 215 190 23 247 38 180 55 222 70 138 
+45 98 211 39 226 166 118 92 6 260 39 32 25 234 219 20 3 227 212 30 254 28 195 
+254 239 112 153 28 73 171 138 167 181 245 250 198 148 207 65 262 220 155 15 55 
+11 153 172 57 137 193 128 132 156 78 208 255 91 82 232 177 22 129 68 168 105 74 
+112 9 44 174 116 177 149 4 218 240 158 65 190 95 39 87 41 2 164 59 52 50 118 20 
+214 144 111 18 16 46 106 15 249 152 37 45 43 128 5 15 127 136 3 100 4 79 182 42 
+137 176 86 117 240 36 248 156 150 67 105 218 96 174 99 135 134 88 176 14 258 
+124 175 234 147 161 153 100 198 21 66 114 190 167 164 203 235 16 173 247 165 55 
+205 28 56 129 123 184 206 19 151 257 133 80 106 70 66 253 248 17 25 217 177 5 
+87 252 185 130 47 13 68 29 47 224 251 261 102 185 3 172 129 195 43 56 146 165 
+122 260 111 157 74 95 233 29 191 141 217 50 63 203 113 199 139 36 193 73 116 
+122 66 236 7 2 109 242 217 105 146 237 125 238 121 125 99 63 9 238 49 50 135 
+261 229 127 153 45 115 186 121 142 141 78 191 213 9 166 190 150 122 188 53 41 
+213 148 224 40 78 136 130 241 154 218 168 33 215 63 81 97 165 194 263 144 250 
+143 132 173 53 24 171 66 42 65 118 37 189 226 94 60 242 145 47 30 110 111 229 
+199 211 94 43 200 63 64 55 83 12 22 184 84 202 117 46 161 98 17 164 76 27 132 
+101 261 174 44 52 33 143 204 32 169 151 185 75 31 245 123 57 264 135 12 5 142 
+69 20 75 86 62 157 2 37 117 101 244 132 228 136 58 116 105 91 154 24 27 149 76 
+10 90 19 79 199 84 219 92 128 77 73 243 263 17 42 259 259 187 62 212 85 71 62 
+140 226 221 201 126 18 33 21 121 197 224 179 136 252 58 255 163 140 82 38 235 
+71 256 15 110 94 187 117 29 119 16 101 122 49 194 191 86 134 16 118 164 131 110 
+166 46 233 156 133 25 23 36 54 214 194 119 227 18 88 104 155 142 196 161 26 158 
+48 148 80 123 112 81 169 24 44 191 158 192 65 245 178 140 223 ^
+551 1 78 49 54 227 42 8 33 198 240 181 41 164 265 153 83 180 125 8 184 261 55 
+105 129 219 231 182 191 1 255 4 203 220 264 7 189 237 195 24 233 248 109 72 191 
+152 50 87 52 40 244 241 25 77 16 154 229 267 68 206 168 212 68 51 162 82 30 95 
+93 65 141 15 234 130 139 255 42 4 90 151 51 120 145 113 212 181 45 107 44 74 
+219 1 251 61 156 31 128 186 138 184 223 61 160 167 175 107 6 5 81 114 207 205 
+173 113 208 238 73 186 176 178 93 216 11 98 83 218 119 221 146 37 179 88 47 139 
+104 247 189 241 63 71 154 116 5 123 51 124 88 85 133 49 209 233 97 46 257 74 64 
+70 121 23 200 155 111 29 58 57 20 252 207 50 242 58 170 14 197 169 94 98 41 13 
+202 70 234 92 145 117 155 153 234 243 208 200 4 48 21 134 237 40 93 178 210 153 
+196 174 263 238 228 117 38 23 49 92 28 180 163 77 54 223 99 229 112 62 151 130 
+256 192 34 80 2 171 160 16 112 24 82 185 26 148 103 97 159 251 19 219 114 245 6 
+118 75 252 94 249 104 96 126 158 214 251 174 225 169 90 230 262 92 66 174 108 
+39 98 79 82 147 32 10 216 53 35 75 101 31 166 180 8 71 267 185 143 85 95 248 71 
+3 53 190 6 156 144 122 56 25 228 79 237 78 87 48 172 197 52 157 181 158 101 182 
+36 263 125 159 247 76 172 193 109 110 260 22 12 131 176 23 162 161 166 142 14 
+201 37 141 19 102 177 60 123 206 55 143 198 89 118 226 47 177 173 192 76 17 187 
+54 72 36 146 188 242 96 164 227 84 213 218 81 152 201 150 135 157 64 221 184 
+106 124 243 91 263 87 165 109 114 128 69 201 192 72 149 215 133 204 140 20 135 
+2 133 91 146 150 248 226 9 183 228 230 32 161 11 136 152 163 81 265 2 20 97 8 
+188 204 102 26 265 40 89 235 163 232 60 85 137 185 256 154 233 210 115 127 36 
+108 194 104 209 120 103 176 27 30 133 87 10 103 59 90 113 57 175 258 69 88 198 
+202 187 171 9 221 29 100 262 205 135 119 70 83 29 62 67 173 75 139 100 111 142 
+52 2 175 28 63 33 160 246 43 79 120 141 170 165 260 177 211 186 21 247 38 178 
+55 222 66 136 39 94 211 35 226 164 114 90 256 37 28 25 232 215 16 267 223 212 
+30 250 24 195 254 239 110 147 28 67 169 132 167 179 243 246 194 142 203 65 263 ^
+578 0 220 147 11 47 3 149 164 57 137 185 120 120 152 78 200 251 87 78 232 177 
+22 129 68 168 93 74 100 5 32 174 108 173 141 266 218 232 158 61 186 87 27 75 29 
+260 152 59 52 38 106 20 214 132 99 6 12 46 106 7 249 140 29 41 39 124 1 15 115 
+136 269 100 262 67 182 38 125 168 74 113 240 24 244 156 146 63 101 210 96 162 
+91 127 134 84 164 6 250 120 171 226 143 149 145 96 194 17 62 102 190 155 160 
+195 235 8 165 243 157 43 205 16 44 121 119 172 206 15 147 249 121 68 98 58 66 
+253 240 5 13 213 165 5 83 248 173 122 35 5 64 17 43 224 247 257 102 177 3 168 
+125 187 35 56 138 165 262 118 256 103 157 62 83 229 25 179 137 217 46 55 203 
+101 191 135 32 193 69 116 122 54 236 7 268 101 242 209 97 142 233 125 238 109 
+121 87 59 1 234 41 258 50 123 253 221 127 153 45 107 174 121 138 133 66 183 205 
+267 166 178 138 114 188 53 37 209 148 216 28 74 132 118 237 142 214 164 25 211 
+63 69 97 161 194 255 136 250 139 132 169 41 20 163 58 34 57 118 37 177 222 94 
+60 238 141 47 22 110 107 225 195 203 82 43 192 51 52 51 71 12 14 180 72 198 117 
+38 157 94 9 164 76 15 128 101 261 170 40 40 21 143 200 32 161 143 181 71 31 245 
+123 53 256 135 267 134 65 16 63 82 62 153 264 33 109 89 244 124 220 128 50 104 
+105 91 146 12 27 145 64 268 82 11 79 199 84 215 80 128 69 65 235 259 17 30 259 
+255 187 54 204 81 63 50 136 218 213 197 118 18 29 9 113 189 220 179 124 252 54 
+255 155 128 82 30 227 59 252 3 98 90 179 105 21 111 4 97 110 37 190 187 86 130 
+16 114 156 127 102 158 42 225 144 129 17 11 28 42 206 266 186 119 223 10 80 96 
+143 130 184 153 26 146 44 140 80 115 104 73 165 24 44 191 154 180 53 237 174 
+140 99 76 47 54 223 42 6 31 194 236 175 37 158 261 151 79 180 123 2 182 257 51 
+103 125 219 231 178 189 1 253 2 201 218 264 1 183 237 193 18 229 244 105 72 185 
+152 46 87 46 36 242 241 23 77 14 148 229 263 66 202 166 210 64 49 156 76 28 93 
+93 61 135 13 232 126 135 251 36 4 84 145 45 120 139 113 208 181 39 105 40 72 
+217 265 251 55 152 27 126 186 138 184 223 61 154 161 175 107 6 269 81 114 207 
+201 167 107 206 234 73 184 172 174 89 212 11 98 77 214 113 221 146 31 175 88 45 
+139 100 243 189 213 ^
+578 1 51 63 146 108 1 111 51 120 84 73 125 49 205 233 89 38 257 66 64 66 113 15 
+192 147 111 17 58 49 16 244 203 46 238 54 170 2 197 169 90 90 41 1 194 62 234 
+92 145 113 155 141 226 243 208 200 268 48 21 126 233 40 89 178 206 145 196 166 
+255 234 224 105 34 23 41 84 24 176 151 73 42 219 91 225 108 50 151 130 252 184 
+34 72 262 163 156 4 112 20 74 177 14 140 91 85 159 243 19 211 110 237 2 114 67 
+248 82 241 104 88 126 150 210 247 170 225 157 90 230 262 80 54 162 104 39 86 71 
+78 147 28 6 216 41 35 75 97 19 154 172 59 267 185 135 77 95 244 71 267 45 186 
+270 144 144 110 48 13 228 75 229 70 75 40 172 189 48 153 177 154 89 170 36 259 
+113 147 243 68 160 189 97 102 256 14 8 131 164 19 162 161 158 142 14 197 29 141 
+11 90 173 52 115 202 43 131 198 81 106 218 39 169 173 192 64 9 175 50 68 28 138 
+176 234 84 156 227 72 213 214 77 144 193 150 127 145 56 217 176 102 124 235 87 
+263 83 161 109 102 116 65 201 180 64 149 215 129 200 128 8 123 266 133 79 142 
+146 248 222 9 183 220 226 20 157 7 128 148 163 73 265 270 12 93 8 180 204 98 22 
+261 28 89 227 155 224 56 85 125 181 256 154 229 210 115 119 32 108 190 100 209 
+112 103 176 19 22 121 79 10 95 55 82 109 53 167 258 69 80 194 202 183 171 5 213 
+25 88 258 201 131 115 70 83 29 58 67 165 71 127 96 107 138 44 2 163 16 55 33 
+160 246 35 67 108 133 162 153 260 165 203 178 17 247 38 174 55 222 58 132 27 86 
+211 27 226 160 106 86 260 248 33 20 25 228 207 8 263 215 212 30 242 16 195 254 
+239 106 135 28 55 165 120 167 175 239 238 186 130 195 65 250 220 143 9 43 271 
+147 160 57 137 181 116 114 150 78 196 249 85 76 232 177 22 129 68 168 87 74 94 
+3 26 174 104 171 137 264 218 228 158 59 184 83 21 69 23 256 146 59 52 32 100 20 
+214 126 93 10 46 106 3 249 134 25 39 37 122 271 15 109 136 269 100 258 61 182 
+36 119 164 68 111 240 18 242 156 144 61 99 206 96 156 87 123 134 82 158 2 246 
+118 169 222 141 143 141 94 192 15 60 96 190 149 158 191 235 4 161 241 153 37 
+205 10 38 117 117 166 206 13 145 245 115 62 94 52 66 253 236 271 7 211 159 5 81 
+246 167 118 29 1 62 11 41 224 245 255 102 173 3 166 123 183 31 56 134 165 260 
+116 254 81 ^
+583 1 157 50 71 225 21 167 133 217 42 47 203 89 183 131 28 193 65 116 122 42 
+236 7 268 93 242 201 89 138 229 125 238 97 117 75 55 267 230 33 250 50 111 245 
+213 127 153 45 99 162 121 134 125 54 175 197 259 166 166 126 106 188 53 33 205 
+148 208 16 70 128 106 233 130 210 160 17 207 63 57 97 157 194 247 128 250 135 
+132 165 29 16 155 50 26 49 118 37 165 218 94 60 234 137 47 14 110 103 221 191 
+195 70 43 184 39 40 47 59 12 6 176 60 194 117 30 153 90 1 164 76 3 124 101 261 
+166 36 28 9 143 196 32 153 135 177 67 31 245 123 49 248 135 262 263 126 61 12 
+51 78 62 149 260 29 101 77 244 116 212 120 42 92 105 91 138 27 141 52 260 74 3 
+79 199 84 211 68 128 61 57 227 255 17 18 259 251 187 46 196 77 55 38 132 210 
+205 193 110 18 25 271 105 181 216 179 112 252 50 255 147 116 82 22 219 47 248 
+265 86 86 171 93 13 103 266 93 98 25 186 183 86 126 16 110 148 123 94 150 38 
+217 132 125 9 273 20 30 198 266 178 119 219 2 72 88 131 118 172 145 26 134 40 
+132 80 107 96 65 161 24 44 191 150 168 41 229 170 140 99 72 43 54 215 42 2 27 
+186 228 163 29 146 253 147 71 180 119 264 178 249 43 99 117 219 231 170 185 1 
+249 272 197 214 264 263 171 237 189 6 221 236 97 72 173 152 38 87 34 28 238 241 
+19 77 10 136 229 255 62 194 162 206 56 45 144 64 24 89 93 53 123 9 228 118 127 
+243 24 4 72 133 33 120 127 113 200 181 27 101 32 68 213 257 251 43 144 19 122 
+186 138 184 223 61 142 149 175 107 6 261 81 114 207 193 155 95 202 226 73 180 
+164 166 81 204 11 98 65 206 101 221 146 19 167 88 41 139 92 235 189 235 45 59 
+142 104 273 105 51 118 82 67 121 49 203 233 85 34 257 62 64 64 109 11 188 143 
+111 11 58 45 14 240 201 44 236 52 170 270 197 169 88 86 41 269 190 58 234 92 
+145 111 155 135 222 243 208 200 266 48 21 122 231 40 87 178 204 141 196 162 251 
+232 222 99 32 23 37 80 22 174 145 71 36 217 87 223 106 44 151 130 250 180 34 68 
+258 159 154 272 112 18 70 173 8 136 85 79 159 239 19 207 108 233 112 63 246 76 
+237 104 84 126 146 208 245 168 225 151 90 230 262 74 48 156 102 39 80 67 76 147 
+26 4 216 35 35 75 95 13 148 168 270 53 267 185 131 73 95 242 71 265 41 184 268 
+138 144 104 44 7 228 73 225 66 69 36 272 ^
+588 0 181 44 149 173 150 77 158 36 255 101 135 239 60 148 185 85 94 252 6 4 131 
+152 15 162 161 150 142 14 193 21 141 3 78 169 44 107 198 31 119 198 73 94 210 
+31 161 173 192 52 1 163 46 64 20 130 164 226 72 148 227 60 213 210 73 136 185 
+150 119 133 48 213 168 98 124 227 83 263 79 157 109 90 104 61 201 168 56 149 
+215 125 196 116 272 111 262 133 67 138 142 248 218 9 183 212 222 8 153 3 120 
+144 163 65 265 270 4 89 8 172 204 94 18 257 16 89 219 147 216 52 85 113 177 256 
+154 225 210 115 111 28 108 186 96 209 104 103 176 11 14 109 71 10 87 51 74 105 
+49 159 258 69 72 190 202 179 171 1 205 21 76 254 197 127 111 70 83 29 54 67 157 
+67 115 92 103 134 36 2 151 4 47 33 160 246 27 55 96 125 154 141 260 153 195 170 
+13 247 38 170 55 222 50 128 15 78 211 19 226 156 98 82 252 240 29 12 25 224 199 
+259 207 212 30 234 8 195 254 239 102 123 28 43 161 108 167 171 235 230 178 118 
+187 65 242 220 135 5 35 267 143 152 57 137 173 108 102 146 78 188 245 81 72 232 
+177 22 129 68 168 75 74 82 275 14 174 96 167 129 260 218 220 158 55 180 75 9 57 
+11 248 134 59 52 20 88 20 214 114 81 264 6 46 106 271 249 122 17 35 33 118 271 
+15 97 136 269 100 250 49 182 32 107 156 56 107 240 6 238 156 140 57 95 198 96 
+144 79 115 134 78 146 270 238 114 165 214 137 131 133 90 188 11 56 84 190 137 
+154 183 235 272 153 237 145 25 205 274 26 109 113 154 206 9 141 237 103 50 86 
+40 66 253 228 263 271 207 147 5 77 242 155 110 17 269 58 275 37 224 241 251 102 
+165 3 162 119 175 23 56 126 165 256 112 250 91 157 44 65 223 19 161 131 217 40 
+43 203 83 179 129 26 193 63 116 122 36 236 7 268 89 242 197 85 136 227 125 238 
+91 115 69 53 265 228 29 246 50 105 241 209 127 153 45 95 156 121 132 121 48 171 
+193 255 166 160 120 102 188 53 31 203 148 204 10 68 126 100 231 124 208 158 13 
+205 63 51 97 155 194 243 124 250 133 132 163 23 14 151 46 22 45 118 37 159 216 
+94 60 232 135 47 10 110 101 219 189 191 64 43 180 33 34 45 53 12 2 174 54 192 
+117 26 151 88 273 164 76 273 122 101 261 164 34 22 3 143 194 32 149 131 175 65 
+31 245 123 47 244 135 258 261 122 59 10 45 76 62 147 258 27 97 71 244 112 208 
+116 38 86 105 91 134 270 27 139 46 256 70 275 79 199 160 ^
+594 0 207 56 128 53 49 219 251 17 6 259 247 187 38 188 73 47 26 128 202 197 189 
+102 18 21 263 97 173 212 179 100 252 46 255 139 104 82 14 211 35 244 257 74 82 
+163 81 5 95 258 89 86 13 182 179 86 122 16 106 140 119 86 142 34 209 120 121 1 
+265 12 18 190 266 170 119 215 272 64 80 119 106 160 137 26 122 36 124 80 99 88 
+57 157 24 44 191 146 156 29 221 166 140 99 68 39 54 207 42 276 23 178 220 151 
+21 134 245 143 63 180 115 256 174 241 35 95 109 219 231 162 181 1 245 272 193 
+210 264 255 159 237 185 272 213 228 89 72 161 152 30 87 22 20 234 241 15 77 6 
+124 229 247 58 186 158 202 48 41 132 52 20 85 93 45 111 5 224 110 119 235 12 4 
+60 121 21 120 115 113 192 181 15 97 24 64 209 249 251 31 136 11 118 186 138 184 
+223 61 130 137 175 107 6 253 81 114 207 185 143 83 198 218 73 176 156 158 73 
+196 11 98 53 198 89 221 146 7 159 88 37 139 84 227 189 231 33 51 134 96 273 93 
+51 114 78 55 113 49 199 233 77 26 257 54 64 60 101 3 180 135 111 277 58 37 10 
+232 197 40 232 48 170 262 197 169 84 78 41 261 182 50 234 92 145 107 155 123 
+214 243 208 200 262 48 21 114 227 40 83 178 200 133 196 154 243 228 218 87 28 
+23 29 72 18 170 133 67 24 213 79 219 102 32 151 130 246 172 34 60 250 151 150 
+264 112 14 62 165 274 128 73 67 159 231 19 199 104 225 274 108 55 242 64 229 
+104 76 126 138 204 241 164 225 139 90 230 262 62 36 144 98 39 68 59 72 147 22 
+216 23 35 75 91 1 136 160 266 41 267 185 123 65 95 238 71 261 33 180 264 126 
+144 92 36 273 228 69 217 58 57 28 172 177 42 147 171 148 71 152 36 253 95 129 
+237 56 142 183 79 90 250 2 2 131 146 13 162 161 146 142 14 191 17 141 277 72 
+167 40 103 196 25 113 198 69 88 206 27 157 173 192 46 275 157 44 62 16 126 158 
+222 66 144 227 54 213 208 71 132 181 150 115 127 44 211 164 96 124 223 81 263 
+77 155 109 84 98 59 201 162 52 149 215 123 194 110 268 105 260 133 61 136 140 
+248 216 9 183 208 220 2 151 1 116 142 163 61 265 270 87 8 168 204 92 16 255 10 
+89 215 143 212 50 85 107 175 256 154 223 210 115 107 26 108 184 94 209 100 103 
+176 7 10 103 67 10 83 49 70 103 47 155 258 69 68 188 202 177 171 277 201 19 70 
+252 195 125 109 70 83 29 52 67 153 65 109 90 101 132 32 2 145 276 43 33 160 246 
+23 259 ^
+600 1 87 119 148 132 260 144 189 164 10 247 38 167 55 222 44 125 6 72 211 13 
+226 153 92 79 246 234 26 6 25 221 193 273 256 201 212 30 228 2 195 254 239 99 
+114 28 34 158 99 167 168 232 224 172 109 181 65 236 220 129 2 29 264 140 146 57 
+137 167 102 93 143 78 182 242 78 69 232 177 22 129 68 168 66 74 73 275 5 174 90 
+164 123 257 218 214 158 52 177 69 48 2 242 125 59 52 11 79 20 214 105 72 258 3 
+46 106 268 249 113 11 32 30 115 271 15 88 136 269 100 244 40 182 29 98 150 47 
+104 240 276 235 156 137 54 92 192 96 135 73 109 134 75 137 267 232 111 162 208 
+134 122 127 87 185 8 53 75 190 128 151 177 235 269 147 234 139 16 205 268 17 
+103 110 145 206 6 138 231 94 41 80 31 66 253 222 257 265 204 138 5 74 239 146 
+104 8 266 55 269 34 224 238 248 102 159 3 159 116 169 17 56 120 165 253 109 247 
+85 157 35 56 220 16 152 128 217 37 37 203 74 173 126 23 193 60 116 122 27 236 7 
+268 83 242 191 79 133 224 125 238 82 112 60 50 262 225 23 240 50 96 235 203 127 
+153 45 89 147 121 129 115 39 165 187 249 166 151 111 96 188 53 28 200 148 198 1 
+65 123 91 228 115 205 155 7 202 63 42 97 152 194 237 118 250 130 132 160 14 11 
+145 40 16 39 118 37 150 213 94 60 229 132 47 4 110 98 216 186 185 55 43 174 24 
+25 42 44 12 275 171 45 189 117 20 148 85 270 164 76 267 119 101 261 161 31 13 
+273 143 191 32 143 125 172 62 31 245 123 44 238 135 252 258 116 56 7 36 73 62 
+144 255 24 91 62 244 106 202 110 32 77 105 91 128 264 27 136 37 250 64 272 79 
+199 84 206 53 128 51 47 217 250 17 3 259 246 187 36 186 72 45 23 127 200 195 
+188 100 18 20 261 95 171 211 179 97 252 45 255 137 101 82 12 209 32 243 255 71 
+81 161 78 3 93 256 88 83 10 181 178 86 121 16 105 138 118 84 140 33 207 117 120 
+278 263 10 15 188 266 168 119 214 271 62 78 116 103 157 135 26 119 35 122 80 97 
+86 55 156 24 44 191 145 153 26 219 165 140 99 67 38 54 205 42 276 22 176 218 
+148 19 131 243 142 61 180 114 254 173 239 33 94 107 219 231 160 180 1 244 272 
+192 209 264 253 156 237 184 270 211 226 87 72 158 152 28 87 19 18 233 241 14 77 
+5 121 229 245 57 184 157 201 46 40 129 49 19 84 93 43 108 4 223 108 117 233 9 4 
+57 118 18 120 112 113 190 181 12 96 22 63 208 247 251 28 134 9 117 186 138 184 
+223 61 127 216 ^
+590 1 175 107 6 247 81 114 207 179 134 74 195 212 73 173 150 152 67 190 11 98 
+44 192 80 221 146 279 153 88 34 139 78 221 189 228 24 45 128 90 273 84 51 111 
+75 46 107 49 196 233 71 20 257 48 64 57 95 278 174 129 111 271 58 31 7 226 194 
+37 229 45 170 256 197 169 81 72 41 255 176 44 234 92 145 104 155 114 208 243 
+208 200 259 48 21 108 224 40 80 178 197 127 196 148 237 225 215 78 25 23 23 66 
+15 167 124 64 15 210 73 216 99 23 151 130 243 166 34 54 244 145 147 258 112 11 
+56 159 268 122 64 58 159 225 19 193 101 219 274 105 49 239 55 223 104 70 126 
+132 201 238 161 225 130 90 230 262 53 27 135 95 39 59 53 69 147 19 278 216 14 
+35 75 88 273 127 154 263 32 267 185 117 59 95 235 71 258 27 177 261 117 144 83 
+30 267 228 66 211 52 48 22 172 171 39 144 168 145 62 143 36 250 86 120 234 50 
+133 180 70 84 247 277 280 131 137 10 162 161 140 142 14 188 11 141 274 63 164 
+34 97 193 16 104 198 63 79 200 21 151 173 192 37 272 148 41 59 10 120 149 216 
+57 138 227 45 213 205 68 126 175 150 109 118 38 208 158 93 124 217 78 263 74 
+152 109 75 89 56 201 153 46 149 215 120 191 101 262 96 257 133 52 133 137 248 
+213 9 183 202 217 274 148 279 110 139 163 55 265 270 275 84 8 162 204 89 13 252 
+1 89 209 137 206 47 85 98 172 256 154 220 210 115 101 23 108 181 91 209 94 103 
+176 1 4 94 61 10 77 46 64 100 44 149 258 69 62 185 202 174 171 277 195 16 61 
+249 192 122 106 70 83 29 49 67 147 62 100 87 98 129 26 2 136 270 37 33 160 246 
+17 40 81 115 144 126 260 138 185 160 8 247 38 165 55 222 40 123 68 211 9 226 
+151 88 77 242 230 24 2 25 219 189 271 254 197 212 30 224 279 195 254 239 97 108 
+28 28 156 93 167 166 230 220 168 103 177 65 232 220 125 25 262 138 142 57 137 
+163 98 87 141 78 178 240 76 67 232 177 22 129 68 168 60 74 67 275 280 174 86 
+162 119 255 218 210 158 50 175 65 275 42 277 238 119 59 52 5 73 20 214 99 66 
+254 1 46 106 266 249 107 7 30 28 113 271 15 82 136 269 100 240 34 182 27 92 146 
+41 102 240 272 233 156 135 52 90 188 96 129 69 105 134 73 131 265 228 109 160 
+204 132 116 123 85 183 6 51 69 190 122 149 173 235 267 143 232 135 10 205 264 
+11 99 108 139 206 4 136 227 88 35 76 25 66 253 218 253 261 202 132 5 72 237 140 
+203 ^
+620 0 279 262 51 261 30 224 234 244 102 151 3 155 112 161 9 56 112 165 249 105 
+243 77 157 23 44 216 12 140 124 217 33 29 203 62 165 122 19 193 56 116 122 15 
+236 7 268 75 242 183 71 129 220 125 238 70 108 48 46 258 221 15 232 50 84 227 
+195 127 153 45 81 135 121 125 107 27 157 179 241 166 139 99 88 188 53 24 196 
+148 190 272 61 119 79 224 103 201 151 282 198 63 30 97 148 194 229 110 250 126 
+132 156 2 7 137 32 8 31 118 37 138 209 94 60 225 128 47 279 110 94 212 182 177 
+43 43 166 12 13 38 32 12 271 167 33 185 117 12 144 81 266 164 76 259 115 101 
+261 157 27 1 265 143 187 32 135 117 168 58 31 245 123 40 230 135 244 254 108 52 
+3 24 69 62 140 251 20 83 50 244 98 194 102 24 65 105 91 120 256 27 132 25 242 
+56 268 79 199 84 202 41 128 43 39 209 246 17 274 259 242 187 28 178 68 37 11 
+123 192 187 184 92 18 16 253 87 163 207 179 85 252 41 255 129 89 82 4 201 20 
+239 247 59 77 153 66 278 85 248 84 71 281 177 174 86 117 16 101 130 114 76 132 
+29 199 105 116 274 255 2 3 180 266 160 119 210 267 54 70 104 91 145 127 26 107 
+31 114 80 89 78 47 152 24 44 191 141 141 14 211 161 140 99 63 34 54 197 42 276 
+18 168 210 136 11 119 235 138 53 180 110 246 169 231 25 90 99 219 231 152 176 1 
+240 272 188 205 264 245 144 237 180 262 203 218 79 72 146 152 20 87 7 10 229 
+241 10 77 1 109 229 237 53 176 153 197 38 36 117 37 15 80 93 35 96 219 100 109 
+225 280 4 45 106 6 120 100 113 182 181 92 14 59 204 239 251 16 126 1 113 186 
+138 184 223 61 115 122 175 107 6 243 81 114 207 175 128 68 193 208 73 171 146 
+148 63 186 11 98 38 188 74 221 146 275 149 88 32 139 74 217 189 226 18 41 124 
+86 273 78 51 109 73 40 103 49 194 233 67 16 257 44 64 55 91 276 170 125 111 267 
+58 27 5 222 192 35 227 43 170 252 197 169 79 68 41 251 172 40 234 92 145 102 
+155 108 204 243 208 200 257 48 21 104 222 40 78 178 195 123 196 144 233 223 213 
+72 23 23 19 62 13 165 118 62 9 208 69 214 97 17 151 130 241 162 34 50 240 141 
+145 254 112 9 52 155 264 118 58 52 159 221 19 189 99 215 274 103 45 237 49 219 
+104 66 126 128 199 236 159 225 124 90 230 262 47 21 129 93 39 53 49 67 147 17 
+278 216 8 35 75 86 269 121 150 261 26 267 185 113 55 95 233 71 256 23 175 259 
+111 144 77 26 263 228 64 207 48 42 18 172 167 37 142 166 143 56 137 36 248 80 
+114 232 46 127 257 ^
+605 1 58 76 243 273 280 131 125 6 162 161 132 142 14 184 3 141 270 51 160 26 89 
+189 4 92 198 55 67 192 13 143 173 192 25 268 136 37 55 2 112 137 208 45 130 227 
+33 213 201 64 118 167 150 101 106 30 204 150 89 124 209 74 263 70 148 109 63 77 
+52 201 141 38 149 215 116 187 89 254 84 253 133 40 129 133 248 209 9 183 194 
+213 266 144 279 102 135 163 47 265 270 271 80 8 154 204 85 9 248 274 89 201 129 
+198 43 85 86 168 256 154 216 210 115 93 19 108 177 87 209 86 103 176 278 281 82 
+53 10 69 42 56 96 40 141 258 69 54 181 202 170 171 277 187 12 49 245 188 118 
+102 70 83 29 45 67 139 58 88 83 94 125 18 2 124 262 29 33 160 246 9 28 69 107 
+136 114 260 126 177 152 4 247 38 161 55 222 32 119 273 60 211 1 226 147 80 73 
+234 222 20 279 25 215 181 267 250 189 212 30 216 275 195 254 239 93 96 28 16 
+152 81 167 162 226 212 160 91 169 65 224 220 117 281 17 258 134 134 57 137 155 
+90 75 137 78 170 236 72 63 232 177 22 129 68 168 48 74 55 275 272 174 78 158 
+111 251 218 202 158 46 171 57 267 30 269 230 107 59 52 278 61 20 214 87 54 246 
+282 46 106 262 249 95 284 26 24 109 271 15 70 136 269 100 232 22 182 23 80 138 
+29 98 240 264 229 156 131 48 86 180 96 117 61 97 134 69 119 261 220 105 156 196 
+128 104 115 81 179 2 47 57 190 110 145 165 235 263 135 228 127 283 205 256 284 
+91 104 127 206 132 219 76 23 68 13 66 253 210 245 253 198 120 5 68 233 128 92 
+275 260 49 257 28 224 232 242 102 147 3 153 110 157 5 56 108 165 247 103 241 73 
+157 17 38 214 10 134 122 217 31 25 203 56 161 120 17 193 54 116 122 9 236 7 268 
+71 242 179 67 127 218 125 238 64 106 42 44 256 219 11 228 50 78 223 191 127 153 
+45 77 129 121 123 103 21 153 175 237 166 133 93 84 188 53 22 194 148 186 268 59 
+117 73 222 97 199 149 280 196 63 24 97 146 194 225 106 250 124 132 154 281 5 
+133 28 4 27 118 37 132 207 94 60 223 126 47 277 110 92 210 180 173 37 43 162 6 
+7 36 26 12 269 165 27 183 117 8 142 79 264 164 76 255 113 101 261 155 25 280 
+261 143 185 32 131 113 166 56 31 245 123 38 226 135 240 252 104 50 1 18 67 62 
+138 249 18 79 44 244 94 190 98 20 59 105 91 116 252 27 130 19 238 52 266 79 199 
+84 200 35 128 39 35 205 244 17 270 259 240 187 24 174 66 33 5 121 188 183 182 
+88 18 14 249 83 159 205 179 79 252 186 ^
+615 0 255 121 77 82 283 193 8 235 239 47 73 145 54 274 77 240 80 59 273 173 170 
+86 113 16 97 122 110 68 124 25 191 93 112 270 247 281 278 172 266 152 119 206 
+263 46 62 92 79 133 119 26 95 27 106 80 81 70 39 148 24 44 191 137 129 2 203 
+157 140 99 59 30 54 189 42 276 14 160 202 124 3 107 227 134 45 180 106 238 165 
+223 17 86 91 219 231 144 172 1 236 272 184 201 264 237 132 237 176 254 195 210 
+71 72 134 152 12 87 282 2 225 241 6 77 284 97 229 229 49 168 149 193 30 32 105 
+25 11 76 93 27 84 283 215 92 101 217 272 4 33 94 281 120 88 113 174 181 275 88 
+6 55 200 231 251 4 118 280 109 186 138 184 223 61 103 110 175 107 6 235 81 114 
+207 167 116 56 189 200 73 167 138 140 55 178 11 98 26 180 62 221 146 267 141 88 
+28 139 66 209 189 222 6 33 116 78 273 66 51 105 69 28 95 49 190 233 59 8 257 36 
+64 51 83 272 162 117 111 259 58 19 1 214 188 31 223 39 170 244 197 169 75 60 41 
+243 164 32 234 92 145 98 155 96 196 243 208 200 253 48 21 96 218 40 74 178 191 
+115 196 136 225 219 209 60 19 23 11 54 9 161 106 58 284 204 61 210 93 5 151 130 
+237 154 34 42 232 133 141 246 112 5 44 147 256 110 46 40 159 213 19 181 95 207 
+274 99 37 233 37 211 104 58 126 120 195 232 155 225 112 90 230 262 35 9 117 89 
+39 41 41 63 147 13 278 216 283 35 75 82 261 109 142 257 14 267 185 105 47 95 
+229 71 252 15 171 255 99 144 65 18 255 228 60 199 40 30 10 172 159 33 138 162 
+139 44 125 36 244 68 102 228 38 115 174 52 72 241 271 280 131 119 4 162 161 128 
+142 14 182 286 141 268 45 158 22 85 187 285 86 198 51 61 188 9 139 173 192 19 
+266 130 35 53 285 108 131 204 39 126 227 27 213 199 62 114 163 150 97 100 26 
+202 146 87 124 205 72 263 68 146 109 57 71 50 201 135 34 149 215 114 185 83 250 
+78 251 133 34 127 131 248 207 9 183 190 211 262 142 279 98 133 163 43 265 270 
+269 78 8 150 204 83 7 246 270 89 197 125 194 41 85 80 166 256 154 214 210 115 
+89 17 108 175 85 209 82 103 176 276 279 76 49 10 65 40 52 94 38 137 258 69 50 
+179 202 168 171 277 183 10 43 243 186 116 100 70 83 29 43 67 135 56 82 81 92 
+123 14 2 118 258 25 33 160 246 5 22 63 103 132 108 260 120 173 148 2 247 38 159 
+55 222 28 117 269 56 211 284 226 145 76 71 230 218 18 277 25 213 177 265 248 
+185 212 30 212 273 195 254 239 91 90 28 10 150 75 167 160 224 175 ^
+613 0 152 79 161 65 216 220 109 281 9 254 130 126 57 137 147 82 63 133 78 162 
+232 68 59 232 177 22 129 68 168 36 74 43 275 264 174 70 154 103 247 218 194 158 
+42 167 49 259 18 261 222 95 59 52 270 49 20 214 75 42 238 282 46 106 258 249 83 
+280 22 20 105 271 15 58 136 269 100 224 10 182 19 68 130 17 94 240 256 225 156 
+127 44 82 172 96 105 53 89 134 65 107 257 212 101 152 188 124 92 107 77 175 287 
+43 45 190 98 141 157 235 259 127 224 119 275 205 248 276 83 100 115 206 285 128 
+211 64 11 60 1 66 253 202 237 245 194 108 5 64 229 116 84 267 256 45 249 24 224 
+228 238 102 139 3 149 106 149 286 56 100 165 243 99 237 65 157 5 26 210 6 122 
+118 217 27 17 203 44 153 116 13 193 50 116 122 286 236 7 268 63 242 171 59 123 
+214 125 238 52 102 30 40 252 215 3 220 50 66 215 183 127 153 45 69 117 121 119 
+95 9 145 167 229 166 121 81 76 188 53 18 190 148 178 260 55 113 61 218 85 195 
+145 276 192 63 12 97 142 194 217 98 250 120 132 150 273 1 125 20 285 19 118 37 
+120 203 94 60 219 122 47 273 110 88 206 176 165 25 43 154 283 284 32 14 12 265 
+161 15 179 117 138 75 260 164 76 247 109 101 261 151 21 272 253 143 181 32 123 
+105 162 52 31 245 123 34 218 135 232 248 96 46 286 6 63 62 134 245 14 71 32 244 
+86 182 90 12 47 105 91 108 244 27 126 7 230 44 262 79 199 84 196 23 128 31 27 
+197 240 17 262 259 236 187 16 166 62 25 282 117 180 175 178 80 18 10 241 75 151 
+201 179 67 252 35 255 117 71 82 281 189 2 233 235 41 71 141 48 272 73 236 78 53 
+269 171 168 86 111 16 95 118 108 64 120 23 187 87 110 268 243 279 274 168 266 
+148 119 204 261 42 58 86 73 127 115 26 89 25 102 80 77 66 35 146 24 44 191 135 
+123 285 199 155 140 99 57 28 54 185 42 276 12 156 198 118 288 101 223 132 41 
+180 104 234 163 219 13 84 87 219 231 140 170 1 234 272 182 199 264 233 126 237 
+174 250 191 206 67 72 128 152 8 87 278 287 223 241 4 77 284 91 229 225 47 164 
+147 191 26 30 99 19 9 74 93 23 78 283 213 88 97 213 268 4 27 88 277 120 82 113 
+170 181 271 86 2 53 198 227 251 287 114 278 107 186 138 184 223 61 97 104 175 
+107 6 231 81 114 207 163 110 50 187 196 73 165 134 136 51 174 11 98 20 176 56 
+221 146 263 137 88 26 139 62 205 189 220 29 112 74 273 60 51 103 67 22 91 49 
+188 233 55 4 257 32 64 49 79 270 158 113 111 255 58 15 288 210 213 ^
+624 1 28 220 36 170 238 197 169 72 54 41 237 158 26 234 92 145 95 155 87 190 
+243 208 200 250 48 21 90 215 40 71 178 188 109 196 130 219 216 206 51 16 23 5 
+48 6 158 97 55 278 201 55 207 90 286 151 130 234 148 34 36 226 127 138 240 112 
+2 38 141 250 104 37 31 159 207 19 175 92 201 274 96 31 230 28 205 104 52 126 
+114 192 229 152 225 103 90 230 262 26 108 86 39 32 35 60 147 10 278 216 277 35 
+75 79 255 100 136 254 5 267 185 99 41 95 226 71 249 9 168 252 90 144 56 12 249 
+228 57 193 34 21 4 172 153 30 135 159 136 35 116 36 241 59 93 225 32 106 171 43 
+66 238 268 280 131 110 1 162 161 122 142 14 179 283 141 265 36 155 16 79 184 
+279 77 198 45 52 182 3 133 173 192 10 263 121 32 50 282 102 122 198 30 120 227 
+18 213 196 59 108 157 150 91 91 20 199 140 84 124 199 69 263 65 143 109 48 62 
+47 201 126 28 149 215 111 182 74 244 69 248 133 25 124 128 248 204 9 183 184 
+208 256 139 279 92 130 163 37 265 270 266 75 8 144 204 80 4 243 264 89 191 119 
+188 38 85 71 163 256 154 211 210 115 83 14 108 172 82 209 76 103 176 273 276 67 
+43 10 59 37 46 91 35 131 258 69 44 176 202 165 171 277 177 7 34 240 183 113 97 
+70 83 29 40 67 129 53 73 78 89 120 8 2 109 252 19 33 160 246 289 13 54 97 126 
+99 260 111 167 142 289 247 38 156 55 222 22 114 263 50 211 281 226 142 70 68 
+224 212 15 274 25 210 171 262 245 179 212 30 206 270 195 254 239 88 81 28 1 147 
+66 167 157 221 202 150 76 159 65 214 220 107 281 7 253 129 124 57 137 145 80 60 
+132 78 160 231 67 58 232 177 22 129 68 168 33 74 40 275 262 174 68 153 101 246 
+218 192 158 41 166 47 257 15 259 220 92 59 52 268 46 20 214 72 39 236 282 46 
+106 257 249 80 279 21 19 104 271 15 55 136 269 100 222 7 182 18 65 128 14 93 
+240 254 224 156 126 43 81 170 96 102 51 87 134 64 104 256 210 100 151 186 123 
+89 105 76 174 287 42 42 190 95 140 155 235 258 125 223 117 273 205 246 274 81 
+99 112 206 285 127 209 61 8 58 288 66 253 200 235 243 193 105 5 63 228 113 82 
+265 255 44 247 23 224 227 237 102 137 3 148 105 147 285 56 98 165 242 98 236 63 
+157 2 23 209 5 119 117 217 26 15 203 41 151 115 12 193 49 116 122 284 236 7 268 
+61 242 169 57 122 213 125 238 49 101 27 39 251 214 1 218 50 63 213 181 127 153 
+45 67 114 121 118 93 6 143 165 227 166 118 78 74 188 53 17 189 148 176 258 54 
+112 58 217 82 194 144 275 191 141 ^
+628 1 3 97 139 194 211 92 250 117 132 147 267 290 119 14 282 13 118 37 111 200 
+94 60 216 119 47 270 110 85 203 173 159 16 43 148 277 278 29 5 12 262 158 6 176 
+117 286 135 72 257 164 76 241 106 101 261 148 18 266 247 143 178 32 117 99 159 
+49 31 245 123 31 212 135 226 245 90 43 286 289 60 62 131 242 11 65 23 244 80 
+176 84 6 38 105 91 102 238 27 123 290 224 38 259 79 199 84 193 14 128 25 21 191 
+237 17 256 259 233 187 10 160 59 19 276 114 174 169 175 74 18 7 235 69 145 198 
+179 58 252 32 255 111 62 82 278 183 285 230 229 32 68 135 39 269 67 230 75 44 
+263 168 165 86 108 16 92 112 105 58 114 20 181 78 107 265 237 276 268 162 266 
+142 119 201 258 36 52 77 64 118 109 26 80 22 96 80 71 60 29 143 24 44 191 132 
+114 279 193 152 140 99 54 25 54 179 42 276 9 150 192 109 285 92 217 129 35 180 
+101 228 160 213 7 81 81 219 231 134 167 1 231 272 179 196 264 227 117 237 171 
+244 185 200 61 72 119 152 2 87 272 284 220 241 1 77 284 82 229 219 44 158 144 
+188 20 27 90 10 6 71 93 17 69 283 210 82 91 207 262 4 18 79 271 120 73 113 164 
+181 265 83 288 50 195 221 251 281 108 275 104 186 138 184 223 61 88 95 175 107 
+6 225 81 114 207 157 101 41 184 190 73 162 128 130 45 168 11 98 11 170 47 221 
+146 257 131 88 23 139 56 199 189 217 283 23 106 68 273 51 51 100 64 13 85 49 
+185 233 49 290 257 26 64 46 73 267 152 107 111 249 58 9 288 204 183 26 218 34 
+170 234 197 169 70 50 41 233 154 22 234 92 145 93 155 81 186 243 208 200 248 48 
+21 86 213 40 69 178 186 105 196 126 215 214 204 45 14 23 1 44 4 156 91 53 274 
+199 51 205 88 282 151 130 232 144 34 32 222 123 136 236 112 34 137 246 100 31 
+25 159 203 19 171 90 197 274 94 27 228 22 201 104 48 126 110 190 227 150 225 97 
+90 230 262 20 286 102 84 39 26 31 58 147 8 278 216 273 35 75 77 251 94 132 252 
+291 267 185 95 37 95 224 71 247 5 166 250 84 144 50 8 245 228 55 189 30 15 172 
+149 28 133 157 134 29 110 36 239 53 87 223 28 100 169 37 62 236 266 280 131 104 
+291 162 161 118 142 14 177 281 141 263 30 153 12 75 182 275 71 198 41 46 178 
+291 129 173 192 4 261 115 30 48 280 98 116 194 24 116 227 12 213 194 57 104 153 
+150 87 85 16 197 136 82 124 195 67 263 63 141 109 42 56 45 201 120 24 149 215 
+109 180 68 240 63 246 133 19 122 126 248 202 9 183 180 206 252 137 279 88 128 
+163 33 265 270 264 73 8 140 204 78 2 241 76 ^
+622 0 89 183 111 180 34 85 59 159 256 154 207 210 115 75 10 108 168 78 209 68 
+103 176 269 272 55 35 10 51 33 38 87 31 123 258 69 36 172 202 161 171 277 169 3 
+22 236 179 109 93 70 83 29 36 67 121 49 61 74 85 116 2 97 244 11 33 160 246 285 
+1 42 89 118 87 260 99 159 134 289 247 38 152 55 222 14 110 255 42 211 277 226 
+138 62 64 216 204 11 270 25 206 163 258 241 171 212 30 198 266 195 254 239 84 
+69 28 283 143 54 167 153 217 194 142 64 151 65 206 220 99 281 293 249 125 116 
+57 137 137 72 48 128 78 152 227 63 54 232 177 22 129 68 168 21 74 28 275 254 
+174 60 149 93 242 218 184 158 37 162 39 249 3 251 212 80 59 52 260 34 20 214 60 
+27 228 282 46 106 253 249 68 275 17 15 100 271 15 43 136 269 100 214 289 182 14 
+53 120 2 89 240 246 220 156 122 39 77 162 96 90 43 79 134 60 92 252 202 96 147 
+178 119 77 97 72 170 287 38 30 190 83 136 147 235 254 117 219 109 265 205 238 
+266 73 95 100 206 285 123 201 49 290 50 280 66 253 192 227 235 189 93 5 59 224 
+101 74 257 251 40 239 19 224 223 233 102 129 3 144 101 139 281 56 90 165 238 94 
+232 55 157 284 11 205 1 107 113 217 22 7 203 29 143 111 8 193 45 116 122 276 
+236 7 268 53 242 161 49 118 209 125 238 37 97 15 35 247 210 287 210 50 51 205 
+173 127 153 45 59 102 121 114 85 288 135 157 219 166 106 66 66 188 53 13 185 
+148 168 250 50 108 46 213 70 190 140 271 187 63 291 97 137 194 207 88 250 115 
+132 145 263 290 115 10 280 9 118 37 105 198 94 60 214 117 47 268 110 83 201 171 
+155 10 43 144 273 274 27 293 12 260 156 174 117 284 133 70 255 164 76 237 104 
+101 261 146 16 262 243 143 176 32 113 95 157 47 31 245 123 29 208 135 222 243 
+86 41 286 285 58 62 129 240 9 61 17 244 76 172 80 2 32 105 91 98 234 27 121 286 
+220 34 257 79 199 84 191 8 128 21 17 187 235 17 252 259 231 187 6 156 57 15 272 
+112 170 165 173 70 18 5 231 65 141 196 179 52 252 30 255 107 56 82 276 179 281 
+228 225 26 66 131 33 267 63 226 73 38 259 166 163 86 106 16 90 108 103 54 110 
+18 177 72 105 263 233 274 264 158 266 138 119 199 256 32 48 71 58 112 105 26 74 
+20 92 80 67 56 25 141 24 44 191 130 108 275 189 150 140 99 52 23 54 175 42 276 
+7 146 188 103 283 86 213 127 31 180 99 224 158 209 3 79 77 219 231 130 165 1 
+229 272 177 194 264 223 111 237 169 240 181 196 57 72 113 152 292 87 268 282 
+218 241 293 77 284 76 229 80 ^
+635 1 40 150 140 184 12 23 78 294 2 67 93 9 57 283 206 74 83 199 254 4 6 67 263 
+120 61 113 156 181 257 79 284 46 191 213 251 273 100 271 100 186 138 184 223 61 
+76 83 175 107 6 217 81 114 207 149 89 29 180 182 73 158 120 122 37 160 11 98 
+295 162 35 221 146 249 123 88 19 139 48 191 189 213 275 15 98 60 273 39 51 96 
+60 1 77 49 181 233 41 286 257 18 64 42 65 263 144 99 111 241 58 1 288 196 179 
+22 214 30 170 226 197 169 66 42 41 225 146 14 234 92 145 89 155 69 178 243 208 
+200 244 48 21 78 209 40 65 178 182 97 196 118 207 210 200 33 10 23 289 36 152 
+79 49 266 195 43 201 84 274 151 130 228 136 34 24 214 115 132 228 112 292 26 
+129 238 92 19 13 159 195 19 163 86 189 274 90 19 224 10 193 104 40 126 102 186 
+223 146 225 85 90 230 262 8 278 90 80 39 14 23 54 147 4 278 216 265 35 75 73 
+243 82 124 248 283 267 185 87 29 95 220 71 243 293 162 246 72 144 38 237 228 51 
+181 22 3 288 172 141 24 129 153 130 17 98 36 235 41 75 219 20 88 165 25 54 232 
+262 280 131 92 291 162 161 110 142 14 173 277 141 259 18 149 4 67 178 267 59 
+198 33 34 170 287 121 173 192 288 257 103 26 44 276 90 104 186 12 108 227 213 
+190 53 96 145 150 79 73 8 193 128 78 124 187 63 263 59 137 109 30 44 41 201 108 
+16 149 215 105 176 56 232 51 242 133 7 118 122 248 198 9 183 172 202 244 133 
+279 80 124 163 25 265 270 260 69 8 132 204 74 294 237 252 89 179 107 176 32 85 
+53 157 256 154 205 210 115 71 8 108 166 76 209 64 103 176 267 270 49 31 10 47 
+31 34 85 29 119 258 69 32 170 202 159 171 277 165 1 16 234 177 107 91 70 83 29 
+34 67 117 47 55 72 83 114 292 2 91 240 7 33 160 246 283 291 36 85 114 81 260 93 
+155 130 289 247 38 150 55 222 10 108 251 38 211 275 226 136 58 62 212 200 9 268 
+25 204 159 256 239 167 212 30 194 264 195 254 239 82 63 28 279 141 48 167 151 
+215 190 138 58 147 65 202 220 95 281 291 247 123 112 57 137 133 68 42 126 78 
+148 225 61 52 232 177 22 129 68 168 15 74 22 275 250 174 56 147 89 240 218 180 
+158 35 160 35 245 293 247 208 74 59 52 256 28 20 214 54 21 224 282 46 106 251 
+249 62 273 15 13 98 271 15 37 136 269 100 210 285 182 12 47 116 292 87 240 242 
+218 156 120 37 75 158 96 84 39 75 134 58 86 250 198 94 145 174 117 71 93 70 168 
+287 36 24 190 77 134 143 235 252 113 217 105 261 205 234 262 69 93 94 206 285 
+121 197 43 286 46 276 66 253 188 223 231 187 87 5 57 222 95 285 ^
+636 0 251 248 37 233 16 224 220 230 102 123 3 141 98 133 278 56 84 165 235 91 
+229 49 157 278 2 202 295 98 110 217 19 1 203 20 137 108 5 193 42 116 122 270 
+236 7 268 47 242 155 43 115 206 125 238 28 94 6 32 244 207 284 204 50 42 199 
+167 127 153 45 53 93 121 111 79 282 129 151 213 166 97 57 60 188 53 10 182 148 
+162 244 47 105 37 210 61 187 137 268 184 63 285 97 134 194 201 82 250 112 132 
+142 257 290 109 4 277 3 118 37 96 195 94 60 211 114 47 265 110 80 198 168 149 1 
+43 138 267 268 24 287 12 257 153 288 171 117 281 130 67 252 164 76 231 101 101 
+261 143 13 256 237 143 173 32 107 89 154 44 31 245 123 26 202 135 216 240 80 38 
+286 279 55 62 126 237 6 55 8 244 70 166 74 293 23 105 91 92 228 27 118 280 214 
+28 254 79 199 84 188 296 128 15 11 181 232 17 246 259 228 187 150 54 9 266 109 
+164 159 170 64 18 2 225 59 135 193 179 43 252 27 255 101 47 82 273 173 275 225 
+219 17 63 125 24 264 57 220 70 29 253 163 160 86 103 16 87 102 100 48 104 15 
+171 63 102 260 227 271 258 152 266 132 119 196 253 26 42 62 49 103 99 26 65 17 
+86 80 61 50 19 138 24 44 191 127 99 269 183 147 140 99 49 20 54 169 42 276 4 
+140 182 94 280 77 207 124 25 180 96 218 155 203 294 76 71 219 231 124 162 1 226 
+272 174 191 264 217 102 237 166 234 175 190 51 72 104 152 289 87 262 279 215 
+241 293 77 284 67 229 209 39 148 139 183 10 22 75 292 1 66 93 7 54 283 205 72 
+81 197 252 4 3 64 261 120 58 113 154 181 255 78 283 45 190 211 251 271 98 270 
+99 186 138 184 223 61 73 80 175 107 6 215 81 114 207 147 86 26 179 180 73 157 
+118 120 35 158 11 98 293 160 32 221 146 247 121 88 18 139 46 189 189 212 273 13 
+96 58 273 36 51 95 59 295 75 49 180 233 39 285 257 16 64 41 63 262 142 97 111 
+239 58 296 288 194 178 21 213 29 170 224 197 169 65 40 41 223 144 12 234 92 145 
+88 155 66 176 243 208 200 243 48 21 76 208 40 64 178 181 95 196 116 205 209 199 
+30 9 23 288 34 296 151 76 48 264 194 41 200 83 272 151 130 227 134 34 22 212 
+113 131 226 112 292 24 127 236 90 16 10 159 193 19 161 85 187 274 89 17 223 7 
+191 104 38 126 100 185 222 145 225 82 90 230 262 5 276 87 79 39 11 21 53 147 3 
+278 216 263 35 75 72 241 79 122 247 281 267 185 85 27 95 219 71 242 292 161 245 
+69 144 35 295 235 228 50 179 20 287 172 139 23 128 152 129 14 95 36 234 38 72 
+218 18 85 164 22 52 231 261 280 131 89 291 162 161 108 142 14 172 276 91 ^
+635 1 256 9 146 297 61 175 261 50 198 27 25 164 284 115 173 192 282 254 94 23 
+41 273 84 95 180 3 102 227 290 213 187 50 90 139 150 73 64 2 190 122 75 124 181 
+60 263 56 134 109 21 35 38 201 99 10 149 215 102 173 47 226 42 239 133 297 115 
+119 248 195 9 183 166 199 238 130 279 74 121 163 19 265 270 257 66 8 126 204 71 
+294 234 246 89 173 101 170 29 85 44 154 256 154 202 210 115 65 5 108 163 73 209 
+58 103 176 264 267 40 25 10 41 28 28 82 26 113 258 69 26 167 202 156 171 277 
+159 297 7 231 174 104 88 70 83 29 31 67 111 44 46 69 80 111 289 2 82 234 1 33 
+160 246 280 285 27 79 108 72 260 84 149 124 289 247 38 147 55 222 4 105 245 32 
+211 272 226 133 52 59 206 194 6 265 25 201 153 253 236 161 212 30 188 261 195 
+254 239 79 54 28 273 138 39 167 148 212 184 132 49 141 65 196 220 89 281 288 
+244 120 106 57 137 127 62 33 123 78 142 222 58 49 232 177 22 129 68 168 6 74 13 
+275 244 174 50 144 83 237 218 174 158 32 157 29 239 287 241 202 65 59 52 250 19 
+20 214 45 12 218 282 46 106 248 249 53 270 12 10 95 271 15 28 136 269 100 204 
+279 182 9 38 110 286 84 240 236 215 156 117 34 72 152 96 75 33 69 134 55 77 247 
+192 91 142 168 114 62 87 67 165 287 33 15 190 68 131 137 235 249 107 214 99 255 
+205 228 256 63 90 85 206 285 118 191 34 280 40 270 66 253 182 217 225 184 78 5 
+54 219 86 64 247 246 35 229 14 224 218 228 102 119 3 139 96 129 276 56 80 165 
+233 89 227 45 157 274 295 200 295 92 108 217 17 296 203 14 133 106 3 193 40 116 
+122 266 236 7 268 43 242 151 39 113 204 125 238 22 92 30 242 205 282 200 50 36 
+195 163 127 153 45 49 87 121 109 75 278 125 147 209 166 91 51 56 188 53 8 180 
+148 158 240 45 103 31 208 55 185 135 266 182 63 281 97 132 194 197 78 250 110 
+132 140 253 290 105 275 298 118 37 90 193 94 60 209 112 47 263 110 78 196 166 
+145 294 43 134 263 264 22 283 12 255 151 284 169 117 279 128 65 250 164 76 227 
+99 101 261 141 11 252 233 143 171 32 103 85 152 42 31 245 123 24 198 135 212 
+238 76 36 286 275 53 62 124 235 4 51 2 244 66 162 70 291 17 105 91 88 224 27 
+116 276 210 24 252 79 199 84 186 292 128 11 7 177 230 17 242 259 226 187 295 
+146 52 5 262 107 160 155 168 60 18 221 55 131 191 179 37 252 25 255 97 41 82 
+271 169 271 223 215 11 61 121 18 262 53 216 68 23 249 161 158 86 101 16 85 98 
+98 44 100 13 167 57 100 258 223 269 254 148 266 128 119 194 251 22 38 56 43 275 
+^
+642 0 91 26 53 13 78 80 53 42 11 134 24 44 191 123 87 261 175 143 140 99 45 16 
+54 161 42 276 132 174 82 276 65 199 120 17 180 92 210 151 195 290 72 63 219 231 
+116 158 1 222 272 170 187 264 209 90 237 162 226 167 182 43 72 92 152 285 87 
+254 275 211 241 293 77 284 55 229 201 35 140 135 179 2 18 63 284 298 62 93 300 
+42 283 201 64 73 189 244 4 292 52 253 120 46 113 146 181 247 74 279 41 186 203 
+251 263 90 266 95 186 138 184 223 61 61 68 175 107 6 207 81 114 207 139 74 14 
+175 172 73 153 110 112 27 150 11 98 285 152 20 221 146 239 113 88 14 139 38 181 
+189 208 265 5 88 50 273 24 51 91 55 287 67 49 176 233 31 281 257 8 64 37 55 258 
+134 89 111 231 58 292 288 186 174 17 209 25 170 216 197 169 61 32 41 215 136 4 
+234 92 145 84 155 54 168 243 208 200 239 48 21 68 204 40 60 178 177 87 196 108 
+197 205 195 18 5 23 284 26 296 147 64 44 256 190 33 196 79 264 151 130 223 126 
+34 14 204 105 127 218 112 292 16 119 228 82 4 299 159 185 19 153 81 179 274 85 
+9 219 296 183 104 30 126 92 181 218 141 225 70 90 230 262 294 268 75 75 39 300 
+13 49 147 300 278 216 255 35 75 68 233 67 114 243 273 267 185 77 19 95 215 71 
+238 288 157 241 57 144 23 291 227 228 46 171 12 289 283 172 131 19 124 148 125 
+2 83 36 230 26 60 214 10 73 160 10 44 227 257 280 131 77 291 162 161 100 142 14 
+168 272 141 254 3 144 295 57 173 257 44 198 23 19 160 282 111 173 192 278 252 
+88 21 39 271 80 89 176 298 98 227 286 213 185 48 86 135 150 69 58 299 188 118 
+73 124 177 58 263 54 132 109 15 29 36 201 93 6 149 215 100 171 41 222 36 237 
+133 293 113 117 248 193 9 183 162 197 234 128 279 70 119 163 15 265 270 255 64 
+8 122 204 69 294 232 242 89 169 97 166 27 85 38 152 256 154 200 210 115 61 3 
+108 161 71 209 54 103 176 262 265 34 21 10 37 26 24 80 24 109 258 69 22 165 202 
+154 171 277 155 297 1 229 172 102 86 70 83 29 29 67 107 42 40 67 78 109 287 2 
+76 230 298 33 160 246 278 281 21 75 104 66 260 78 145 120 289 247 38 145 55 222 
+103 241 28 211 270 226 131 48 57 202 190 4 263 25 199 149 251 234 157 212 30 
+184 259 195 254 239 77 48 28 269 136 33 167 146 210 180 128 43 137 65 192 220 
+85 281 286 242 118 102 57 137 123 58 27 121 78 138 220 56 47 232 177 22 129 68 
+168 74 7 275 240 174 46 142 79 235 218 170 158 30 155 25 235 283 237 198 59 59 
+52 246 13 20 214 39 6 214 282 46 106 246 249 47 268 10 8 93 271 15 22 136 269 
+100 200 275 42 ^
+644 0 6 29 104 280 81 240 230 212 156 114 31 69 146 96 66 27 63 134 52 68 244 
+186 88 139 162 111 53 81 64 162 287 30 6 190 59 128 131 235 246 101 211 93 249 
+205 222 250 57 87 76 206 285 115 185 25 274 34 264 66 253 176 211 219 181 69 5 
+51 216 77 58 241 243 32 223 11 224 215 225 102 113 3 136 93 123 273 56 74 165 
+230 86 224 39 157 268 289 197 295 83 105 217 14 293 203 5 127 103 193 37 116 
+122 260 236 7 268 37 242 145 33 110 201 125 238 13 89 293 27 239 202 279 194 50 
+27 189 157 127 153 45 43 78 121 106 69 272 119 141 203 166 82 42 50 188 53 5 
+177 148 152 234 42 100 22 205 46 182 132 263 179 63 275 97 129 194 191 72 250 
+107 132 137 247 290 99 296 272 295 118 37 81 190 94 60 206 109 47 260 110 75 
+193 163 139 288 43 128 257 258 19 277 12 252 148 278 166 117 276 125 62 247 164 
+76 221 96 101 261 138 8 246 227 143 168 32 97 79 149 39 31 245 123 21 192 135 
+206 235 70 33 286 269 50 62 121 232 1 45 295 244 60 156 64 288 8 105 91 82 218 
+27 113 270 204 18 249 79 199 84 183 286 128 5 1 171 227 17 236 259 223 187 292 
+140 49 301 256 104 154 149 165 54 18 299 215 49 125 188 179 28 252 22 255 91 32 
+82 268 163 265 220 209 2 58 115 9 259 47 210 65 14 243 158 155 86 98 16 82 92 
+95 38 94 10 161 48 97 255 217 266 248 142 266 122 119 191 248 16 32 47 34 88 89 
+26 50 12 76 80 51 40 9 133 24 44 191 122 84 259 173 142 140 99 44 15 54 159 42 
+276 301 130 172 79 275 62 197 119 15 180 91 208 150 193 289 71 61 219 231 114 
+157 1 221 272 169 186 264 207 87 237 161 224 165 180 41 72 89 152 284 87 252 
+274 210 241 293 77 284 52 229 199 34 138 134 178 17 60 282 298 61 93 299 39 283 
+200 62 71 187 242 4 290 49 251 120 43 113 144 181 245 73 278 40 185 201 251 261 
+88 265 94 186 138 184 223 61 58 65 175 107 6 205 81 114 207 137 71 11 174 170 
+73 152 108 110 25 148 11 98 283 150 17 221 146 237 111 88 13 139 36 179 189 207 
+263 3 86 48 273 21 51 90 54 285 65 49 175 233 29 280 257 6 64 36 53 257 132 87 
+111 229 58 291 288 184 173 16 208 24 170 214 197 169 60 30 41 213 134 2 234 92 
+145 83 155 51 166 243 208 200 238 48 21 66 203 40 59 178 176 85 196 106 195 204 
+194 15 4 23 283 24 296 146 61 43 254 189 31 195 78 262 151 130 222 124 34 12 
+202 103 126 216 112 292 14 117 226 80 1 297 159 183 19 151 80 177 274 84 7 218 
+294 181 104 28 126 90 180 217 140 225 67 90 230 262 292 266 72 74 39 298 11 48 
+147 300 278 216 253 265 ^
+638 1 75 65 227 58 108 240 267 267 185 71 13 95 212 71 235 285 154 238 48 144 
+14 288 221 228 43 165 6 283 280 172 125 16 121 145 122 297 74 36 227 17 51 211 
+4 64 157 1 38 224 254 280 131 68 291 162 161 94 142 14 165 269 141 251 298 141 
+292 51 170 251 35 198 17 10 154 279 105 173 192 272 249 79 18 36 268 74 80 170 
+292 92 227 280 213 182 45 80 129 150 63 49 296 185 112 70 124 171 55 263 51 129 
+109 6 20 33 201 84 149 215 97 168 32 216 27 234 133 287 110 114 248 190 9 183 
+156 194 228 125 279 64 116 163 9 265 270 252 61 8 116 204 66 294 229 236 89 163 
+91 160 24 85 29 149 256 154 197 210 115 55 108 158 68 209 48 103 176 259 262 25 
+15 10 31 23 18 77 21 103 258 69 16 162 202 151 171 277 149 297 296 226 169 99 
+83 70 83 29 26 67 101 39 31 64 75 106 284 2 67 224 295 33 160 246 275 275 12 69 
+98 57 260 69 139 114 289 247 38 142 55 222 298 100 235 22 211 267 226 128 42 54 
+196 184 1 260 25 196 143 248 231 151 212 30 178 256 195 254 239 74 39 28 263 
+133 24 167 143 207 174 122 34 131 65 186 220 79 281 283 239 115 96 57 137 117 
+52 18 118 78 132 217 53 44 232 177 22 129 68 168 295 74 302 275 234 174 40 139 
+73 232 218 164 158 27 152 19 229 277 231 192 50 59 52 240 4 20 214 30 301 208 
+282 46 106 243 249 38 265 7 5 90 271 15 13 136 269 100 194 269 182 4 23 100 276 
+79 240 226 210 156 112 29 67 142 96 60 23 59 134 50 62 242 182 86 137 158 109 
+47 77 62 160 287 28 190 53 126 127 235 244 97 209 89 245 205 218 246 53 85 70 
+206 285 113 181 19 270 30 260 66 253 172 207 215 179 63 5 49 214 71 54 237 241 
+30 219 9 224 213 223 102 109 3 134 91 119 271 56 70 165 228 84 222 35 157 264 
+285 195 295 77 103 217 12 291 203 303 123 101 302 193 35 116 122 256 236 7 268 
+33 242 141 29 108 199 125 238 7 87 289 25 237 200 277 190 50 21 185 153 127 153 
+45 39 72 121 104 65 268 115 137 199 166 76 36 46 188 53 3 175 148 148 230 40 98 
+16 203 40 180 130 261 177 63 271 97 127 194 187 68 250 105 132 135 243 290 95 
+294 270 293 118 37 75 188 94 60 204 107 47 258 110 73 191 161 135 284 43 124 
+253 254 17 273 12 250 146 274 164 117 274 123 60 245 164 76 217 94 101 261 136 
+6 242 223 143 166 32 93 75 147 37 31 245 123 19 188 135 202 233 66 31 286 265 
+48 62 119 230 303 41 291 244 56 152 60 286 2 105 91 78 214 27 111 266 200 14 
+247 79 199 84 181 282 128 1 301 167 225 17 232 259 221 187 290 136 47 299 252 
+102 150 145 163 157 ^
+653 0 18 299 207 41 117 184 179 16 252 18 255 83 20 82 264 155 257 216 201 296 
+54 107 303 255 39 202 61 2 235 154 151 86 94 16 78 84 91 30 86 6 153 36 93 251 
+209 262 240 134 266 114 119 187 244 8 24 35 22 76 81 26 38 8 68 80 43 32 1 129 
+24 44 191 118 72 251 165 138 140 99 40 11 54 151 42 276 301 122 164 67 271 50 
+189 115 7 180 87 200 146 185 285 67 53 219 231 106 153 1 217 272 165 182 264 
+199 75 237 157 216 157 172 33 72 77 152 280 87 244 270 206 241 293 77 284 40 
+229 191 30 130 130 174 298 13 48 274 298 57 93 295 27 283 196 54 63 179 234 4 
+282 37 243 120 31 113 136 181 237 69 274 36 181 193 251 253 80 261 90 186 138 
+184 223 61 46 53 175 107 6 197 81 114 207 129 59 305 170 162 73 148 100 102 17 
+140 11 98 275 142 5 221 146 229 103 88 9 139 28 171 189 203 255 301 78 40 273 9 
+51 86 50 277 57 49 171 233 21 276 257 304 64 32 45 253 124 79 111 221 58 287 
+288 176 169 12 204 20 170 206 197 169 56 22 41 205 126 300 234 92 145 79 155 39 
+158 243 208 200 234 48 21 58 199 40 55 178 172 77 196 98 187 200 190 3 23 279 
+16 296 142 49 39 246 185 23 191 74 254 151 130 218 116 34 4 194 95 122 208 112 
+292 6 109 218 72 295 289 159 175 19 143 76 169 274 80 305 214 286 173 104 20 
+126 82 176 213 136 225 55 90 230 262 284 258 60 70 39 290 3 44 147 300 278 216 
+245 35 75 63 223 52 104 238 263 267 185 67 9 95 210 71 233 283 152 236 42 144 8 
+286 217 228 41 161 2 279 278 172 121 14 119 143 120 293 68 36 225 11 45 209 58 
+155 301 34 222 252 280 131 62 291 162 161 90 142 14 163 267 141 249 294 139 290 
+47 168 247 29 198 13 4 150 277 101 173 192 268 247 73 16 34 266 70 74 166 288 
+88 227 276 213 180 43 76 125 150 59 43 294 183 108 68 124 167 53 263 49 127 109 
+14 31 201 78 302 149 215 95 166 26 212 21 232 133 283 108 112 248 188 9 183 152 
+192 224 123 279 60 114 163 5 265 270 250 59 8 112 204 64 294 227 232 89 159 87 
+156 22 85 23 147 256 154 195 210 115 51 304 108 156 66 209 44 103 176 257 260 
+19 11 10 27 21 14 75 19 99 258 69 12 160 202 149 171 277 145 297 292 224 167 97 
+81 70 83 29 24 67 97 37 25 62 73 104 282 2 61 220 293 33 160 246 273 271 6 65 
+94 51 260 63 135 110 289 247 38 140 55 222 296 98 231 18 211 265 226 126 38 52 
+192 180 305 258 25 194 139 246 229 147 212 30 174 254 195 254 239 72 33 28 259 
+131 18 167 141 205 170 118 28 127 65 182 220 75 281 281 237 113 92 57 137 113 
+48 12 116 78 128 215 51 42 232 177 22 129 68 168 291 161 ^
+653 0 296 275 228 174 34 136 67 229 218 158 158 24 149 13 223 271 225 186 41 59 
+52 234 302 20 214 21 295 202 282 46 106 240 249 29 262 4 2 87 271 15 4 136 269 
+100 188 263 182 1 14 94 270 76 240 220 207 156 109 26 64 136 96 51 17 53 134 47 
+53 239 176 83 134 152 106 38 71 59 157 287 25 298 190 44 123 121 235 241 91 206 
+83 239 205 212 240 47 82 61 206 285 110 175 10 264 24 254 66 253 166 201 209 
+176 54 5 46 211 62 48 231 238 27 213 6 224 210 220 102 103 3 131 88 113 268 56 
+64 165 225 81 219 29 157 258 279 192 295 68 100 217 9 288 203 297 117 98 302 
+193 32 116 122 250 236 7 268 27 242 135 23 105 196 125 238 305 84 283 22 234 
+197 274 184 50 12 179 147 127 153 45 33 63 121 101 59 262 109 131 193 166 67 27 
+40 188 53 172 148 142 224 37 95 7 200 31 177 127 258 174 63 265 97 124 194 181 
+62 250 102 132 132 237 290 89 291 267 290 118 37 66 185 94 60 201 104 47 255 
+110 70 188 158 129 278 43 118 247 248 14 267 12 247 143 268 161 117 271 120 57 
+242 164 76 211 91 101 261 133 3 236 217 143 163 32 87 69 144 34 31 245 123 16 
+182 135 196 230 60 28 286 259 45 62 116 227 303 35 285 244 50 146 54 283 300 
+105 91 72 208 27 108 260 194 8 244 79 199 84 178 276 128 302 298 161 222 17 226 
+259 218 187 287 130 44 296 246 99 144 139 160 44 18 299 205 39 115 183 179 13 
+252 17 255 81 17 82 263 153 255 215 199 294 53 105 301 254 37 200 60 306 233 
+153 150 86 93 16 77 82 90 28 84 5 151 33 92 250 207 261 238 132 266 112 119 186 
+243 6 22 32 19 73 79 26 35 7 66 80 41 30 306 128 24 44 191 117 69 249 163 137 
+140 99 39 10 54 149 42 276 301 120 162 64 270 47 187 114 5 180 86 198 145 183 
+284 66 51 219 231 104 152 1 216 272 164 181 264 197 72 237 156 214 155 170 31 
+72 74 152 279 87 242 269 205 241 293 77 284 37 229 189 29 128 129 173 297 12 45 
+272 298 56 93 294 24 283 195 52 61 177 232 4 280 34 241 120 28 113 134 181 235 
+68 273 35 180 191 251 251 78 260 89 186 138 184 223 61 43 50 175 107 6 195 81 
+114 207 127 56 303 169 160 73 147 98 100 15 138 11 98 273 140 2 221 146 227 101 
+88 8 139 26 169 189 202 253 300 76 38 273 6 51 85 49 275 55 49 170 233 19 275 
+257 303 64 31 43 252 122 77 111 219 58 286 288 174 168 11 203 19 170 204 197 
+169 55 20 41 203 124 299 234 92 145 78 155 36 156 243 208 200 233 48 21 56 198 
+40 54 178 171 75 196 96 185 199 189 306 23 278 14 296 141 46 38 244 184 21 190 
+73 252 151 130 217 114 34 2 192 93 121 206 112 292 4 107 216 70 293 112 ^
+646 1 159 169 19 137 73 163 274 77 302 211 280 167 104 14 126 76 173 210 133 
+225 46 90 230 262 278 252 51 67 39 284 306 41 147 300 278 216 239 35 75 60 217 
+43 98 235 257 267 185 61 3 95 207 71 230 280 149 233 33 144 308 283 211 228 38 
+155 305 273 275 172 115 11 116 140 117 287 59 36 222 2 36 206 303 49 152 295 28 
+219 249 280 131 53 291 162 161 84 142 14 160 264 141 246 288 136 287 41 165 241 
+20 198 7 304 144 274 95 173 192 262 244 64 13 31 263 64 65 160 282 82 227 270 
+213 177 40 70 119 150 53 34 291 180 102 65 124 161 50 263 46 124 109 300 5 28 
+201 69 299 149 215 92 163 17 206 12 229 133 277 105 109 248 185 9 183 146 189 
+218 120 279 54 111 163 308 265 270 247 56 8 106 204 61 294 224 226 89 153 81 
+150 19 85 14 144 256 154 192 210 115 45 304 108 153 63 209 38 103 176 254 257 
+10 5 10 21 18 8 72 16 93 258 69 6 157 202 146 171 277 139 297 286 221 164 94 78 
+70 83 29 21 67 91 34 16 59 70 101 279 2 52 214 290 33 160 246 270 265 306 59 88 
+42 260 54 129 104 289 247 38 137 55 222 293 95 225 12 211 262 226 123 32 49 186 
+174 305 255 25 191 133 243 226 141 212 30 168 251 195 254 239 69 24 28 253 128 
+9 167 138 202 164 112 19 121 65 176 220 69 281 278 234 110 86 57 137 107 42 3 
+113 78 122 212 48 39 232 177 22 129 68 168 285 74 292 275 224 174 30 134 63 227 
+218 154 158 22 147 9 219 267 221 182 35 59 52 230 298 20 214 15 291 198 282 46 
+106 238 249 23 260 2 85 271 15 307 136 269 100 184 259 182 308 8 90 266 74 240 
+216 205 156 107 24 62 132 96 45 13 49 134 45 47 237 172 81 132 148 104 32 67 57 
+155 287 23 294 190 38 121 117 235 239 87 204 79 235 205 208 236 43 80 55 206 
+285 108 171 4 260 20 250 66 253 162 197 205 174 48 5 44 209 56 44 227 236 25 
+209 4 224 208 218 102 99 3 129 86 109 266 56 60 165 223 79 217 25 157 254 275 
+190 295 62 98 217 7 286 203 293 113 96 302 193 30 116 122 246 236 7 268 23 242 
+131 19 103 194 125 238 301 82 279 20 232 195 272 180 50 6 175 143 127 153 45 29 
+57 121 99 55 258 105 127 189 166 61 21 36 188 53 307 170 148 138 220 35 93 1 
+198 25 175 125 256 172 63 261 97 122 194 177 58 250 100 132 130 233 290 85 289 
+265 288 118 37 60 183 94 60 199 102 47 253 110 68 186 156 125 274 43 114 243 
+244 12 263 12 245 141 264 159 117 269 118 55 240 164 76 207 89 101 261 131 1 
+232 213 143 161 32 83 65 142 32 31 245 123 14 178 135 192 228 56 26 286 255 43 
+62 114 225 303 31 281 244 46 142 50 281 296 105 91 238 ^
+647 0 200 27 104 252 186 240 79 199 84 174 268 128 298 294 153 218 17 218 259 
+214 187 283 122 40 292 238 95 136 131 156 36 18 299 197 31 107 179 179 1 252 13 
+255 73 5 82 259 145 247 211 191 286 49 97 293 250 29 192 56 298 225 149 146 86 
+89 16 73 74 86 20 76 1 143 21 88 246 199 257 230 124 266 104 119 182 239 309 14 
+20 7 61 71 26 23 3 58 80 33 22 302 124 24 44 191 113 57 241 155 133 140 99 35 6 
+54 141 42 276 301 112 154 52 266 35 179 110 308 180 82 190 141 175 280 62 43 
+219 231 96 148 1 212 272 160 177 264 189 60 237 152 206 147 162 23 72 62 152 
+275 87 234 265 201 241 293 77 284 25 229 181 25 120 125 169 293 8 33 264 298 52 
+93 290 12 283 191 44 53 169 224 4 272 22 233 120 16 113 126 181 227 64 269 31 
+176 183 251 243 70 256 85 186 138 184 223 61 31 38 175 107 6 187 81 114 207 119 
+44 295 165 152 73 143 90 92 7 130 11 98 265 132 301 221 146 219 93 88 4 139 18 
+161 189 198 245 296 68 30 273 305 51 81 45 267 47 49 166 233 11 271 257 299 64 
+27 35 248 114 69 111 211 58 282 288 166 164 7 199 15 170 196 197 169 51 12 41 
+195 116 295 234 92 145 74 155 24 148 243 208 200 229 48 21 48 194 40 50 178 167 
+67 196 88 177 195 185 299 306 23 274 6 296 137 34 34 236 180 13 186 69 244 151 
+130 213 106 34 305 184 85 117 198 112 292 307 99 208 62 285 279 159 165 19 133 
+71 159 274 75 300 209 276 163 104 10 126 72 171 208 131 225 40 90 230 262 274 
+248 45 65 39 280 304 39 147 300 278 216 235 35 75 58 213 37 94 233 253 267 185 
+57 310 95 205 71 228 278 147 231 27 144 304 281 207 228 36 151 303 269 273 172 
+111 9 114 138 115 283 53 36 220 307 30 204 301 43 150 291 24 217 247 280 131 47 
+291 162 161 80 142 14 158 262 141 244 284 134 285 37 163 237 14 198 3 300 140 
+272 91 173 192 258 242 58 11 29 261 60 59 156 278 78 227 266 213 175 38 66 115 
+150 49 28 289 178 98 63 124 157 48 263 44 122 109 296 310 26 201 63 297 149 215 
+90 161 11 202 6 227 133 273 103 107 248 183 9 183 142 187 214 118 279 50 109 
+163 306 265 270 245 54 8 102 204 59 294 222 222 89 149 77 146 17 85 8 142 256 
+154 190 210 115 41 304 108 151 61 209 34 103 176 252 255 4 1 10 17 16 4 70 14 
+89 258 69 2 155 202 144 171 277 135 297 282 219 162 92 76 70 83 29 19 67 87 32 
+10 57 68 99 277 2 46 210 288 33 160 246 268 261 302 55 84 36 260 48 125 100 289 
+247 38 135 55 222 291 93 221 8 211 260 226 121 28 47 182 170 305 253 25 189 129 
+241 224 137 212 30 164 249 195 254 239 86 ^
+665 0 15 28 247 125 167 135 199 158 106 10 115 65 170 220 63 281 275 231 107 80 
+57 137 101 36 306 110 78 116 209 45 36 232 177 22 129 68 168 279 74 286 275 218 
+174 24 131 57 224 218 148 158 19 144 3 213 261 215 176 26 59 52 224 292 20 214 
+6 285 192 282 46 106 235 249 14 257 311 309 82 271 15 301 136 269 100 178 253 
+182 308 311 84 260 71 240 210 202 156 104 21 59 126 96 36 7 43 134 42 38 234 
+166 78 129 142 101 23 61 54 152 287 20 288 190 29 118 111 235 236 81 201 73 229 
+205 202 230 37 77 46 206 285 105 165 307 254 14 244 66 253 156 191 199 171 39 5 
+41 206 47 38 221 233 22 203 1 224 205 215 102 93 3 126 83 103 263 56 54 165 220 
+76 214 19 157 248 269 187 295 53 95 217 4 283 203 287 107 93 302 193 27 116 122 
+240 236 7 268 17 242 125 13 100 191 125 238 295 79 273 17 229 192 269 174 50 
+309 169 137 127 153 45 23 48 121 96 49 252 99 121 183 166 52 12 30 188 53 307 
+167 148 132 214 32 90 304 195 16 172 122 253 169 63 255 97 119 194 171 52 250 
+97 132 127 227 290 79 286 262 285 118 37 51 180 94 60 196 99 47 250 110 65 183 
+153 119 268 43 108 237 238 9 257 12 242 138 258 156 117 266 115 52 237 164 76 
+201 86 101 261 128 310 226 207 143 158 32 77 59 139 29 31 245 123 11 172 135 
+186 225 50 23 286 249 40 62 111 222 303 25 275 244 40 136 44 278 290 105 91 62 
+198 27 103 250 184 310 239 79 199 84 173 266 128 297 293 151 217 17 216 259 213 
+187 282 120 39 291 236 94 134 129 155 34 18 299 195 29 105 178 179 310 252 12 
+255 71 2 82 258 143 245 210 189 284 48 95 291 249 27 190 55 296 223 148 145 86 
+88 16 72 72 85 18 74 141 18 87 245 197 256 228 122 266 102 119 181 238 308 12 
+17 4 58 69 26 20 2 56 80 31 20 301 123 24 44 191 112 54 239 153 132 140 99 34 5 
+54 139 42 276 301 110 152 49 265 32 177 109 307 180 81 188 140 173 279 61 41 
+219 231 94 147 1 211 272 159 176 264 187 57 237 151 204 145 160 21 72 59 152 
+274 87 232 264 200 241 293 77 284 22 229 179 24 118 124 168 292 7 30 262 298 51 
+93 289 9 283 190 42 51 167 222 4 270 19 231 120 13 113 124 181 225 63 268 30 
+175 181 251 241 68 255 84 186 138 184 223 61 28 35 175 107 6 185 81 114 207 117 
+41 293 164 150 73 142 88 90 5 128 11 98 263 130 299 221 146 217 91 88 3 139 16 
+159 189 197 243 295 66 28 273 303 51 80 44 265 45 49 165 233 9 270 257 298 64 
+26 33 247 112 67 111 209 58 281 288 164 163 6 198 14 170 194 197 169 50 10 41 
+193 114 294 234 92 145 73 155 21 146 243 208 200 228 48 21 46 193 40 49 178 166 
+65 196 86 175 194 184 297 306 23 273 206 ^
+641 0 296 134 25 31 230 177 7 183 66 238 151 130 210 100 34 302 178 79 114 192 
+112 292 304 93 202 56 279 273 159 159 19 127 68 153 274 72 297 206 270 157 104 
+4 126 66 168 205 128 225 31 90 230 262 268 242 36 62 39 274 301 36 147 300 278 
+216 229 35 75 55 207 28 88 230 247 267 185 51 307 95 202 71 225 275 144 228 18 
+144 298 278 201 228 33 145 300 263 270 172 105 6 111 135 112 277 44 36 217 301 
+21 201 298 34 147 285 18 214 244 280 131 38 291 162 161 74 142 14 155 259 141 
+241 278 131 282 31 160 231 5 198 311 294 134 269 85 173 192 252 239 49 8 26 258 
+54 50 150 272 72 227 260 213 172 35 60 109 150 43 19 286 175 92 60 124 151 45 
+263 41 119 109 290 304 23 201 54 294 149 215 87 158 2 196 311 224 133 267 100 
+104 248 180 9 183 136 184 208 115 279 44 106 163 303 265 270 242 51 8 96 204 56 
+294 219 216 89 143 71 140 14 85 313 139 256 154 187 210 115 35 304 108 148 58 
+209 28 103 176 249 252 309 309 10 11 13 312 67 11 83 258 69 310 152 202 141 171 
+277 129 297 276 216 159 89 73 70 83 29 16 67 81 29 1 54 65 96 274 2 37 204 285 
+33 160 246 265 255 296 49 78 27 260 39 119 94 289 247 38 132 55 222 288 90 215 
+2 211 257 226 118 22 44 176 164 305 250 25 186 123 238 221 131 212 30 158 246 
+195 254 239 64 9 28 243 123 308 167 133 197 154 102 4 111 65 166 220 59 281 273 
+229 105 76 57 137 97 32 302 108 78 112 207 43 34 232 177 22 129 68 168 275 74 
+282 275 214 174 20 129 53 222 218 144 158 17 142 313 209 257 211 172 20 59 52 
+220 288 20 214 281 188 282 46 106 233 249 8 255 311 309 80 271 15 297 136 269 
+100 174 249 182 308 307 80 256 69 240 206 200 156 102 19 57 122 96 30 3 39 134 
+40 32 232 162 76 127 138 99 17 57 52 150 287 18 284 190 23 116 107 235 234 77 
+199 69 225 205 198 226 33 75 40 206 285 103 161 303 250 10 240 66 253 152 187 
+195 169 33 5 39 204 41 34 217 231 20 199 313 224 203 213 102 89 3 124 81 99 261 
+56 50 165 218 74 212 15 157 244 265 185 295 47 93 217 2 281 203 283 103 91 302 
+193 25 116 122 236 236 7 268 13 242 121 9 98 189 125 238 291 77 269 15 227 190 
+267 170 50 305 165 133 127 153 45 19 42 121 94 45 248 95 117 179 166 46 6 26 
+188 53 307 165 148 128 210 30 88 300 193 10 170 120 251 167 63 251 97 117 194 
+167 48 250 95 132 125 223 290 75 284 260 283 118 37 45 178 94 60 194 97 47 248 
+110 63 181 151 115 264 43 104 233 234 7 253 12 240 136 254 154 117 264 113 50 
+235 164 76 197 84 101 261 126 310 222 203 143 276 ^
+656 0 32 69 51 135 25 31 245 123 7 164 135 178 221 42 19 286 241 36 62 107 218 
+303 17 267 244 32 128 36 274 282 105 91 54 190 27 99 242 176 306 235 79 199 84 
+169 258 128 293 289 143 213 17 208 259 209 187 278 112 35 287 228 90 126 121 
+151 26 18 299 187 21 97 174 179 302 252 8 255 63 306 82 254 135 237 206 181 276 
+44 87 283 245 19 182 51 288 215 144 141 86 84 16 68 64 81 10 66 312 133 6 83 
+241 189 252 220 114 266 94 119 177 234 304 4 5 308 46 61 26 8 314 48 80 23 12 
+297 119 24 44 191 108 42 231 145 128 140 99 30 1 54 131 42 276 301 102 144 37 
+261 20 169 105 303 180 77 180 136 165 275 57 33 219 231 86 143 1 207 272 155 
+172 264 179 45 237 147 196 137 152 13 72 47 152 270 87 224 260 196 241 293 77 
+284 10 229 171 20 110 120 164 288 3 18 254 298 47 93 285 313 283 186 34 43 159 
+214 4 262 7 223 120 1 113 116 181 217 59 264 26 171 173 251 233 60 251 80 186 
+138 184 223 61 16 23 175 107 6 177 81 114 207 109 29 285 160 142 73 138 80 82 
+313 120 11 98 255 122 291 221 146 209 83 88 315 139 8 151 189 193 235 291 58 20 
+273 295 51 76 40 257 37 49 161 233 1 266 257 294 64 22 25 243 104 59 111 201 58 
+277 288 156 159 2 194 10 170 186 197 169 46 2 41 185 106 290 234 92 145 69 155 
+9 138 243 208 200 224 48 21 38 189 40 45 178 162 57 196 78 167 190 180 289 306 
+23 269 312 296 132 19 29 226 175 3 181 64 234 151 130 208 96 34 300 174 75 112 
+188 112 292 302 89 198 52 275 269 159 155 19 123 66 149 274 70 295 204 266 153 
+104 126 62 166 203 126 225 25 90 230 262 264 238 30 60 39 270 299 34 147 300 
+278 216 225 35 75 53 203 22 84 228 243 267 185 47 305 95 200 71 223 273 142 226 
+12 144 294 276 197 228 31 141 298 259 268 172 101 4 109 133 110 273 38 36 215 
+297 15 199 296 28 145 281 14 212 242 280 131 32 291 162 161 70 142 14 153 257 
+141 239 274 129 280 27 158 227 315 198 309 290 130 267 81 173 192 248 237 43 6 
+24 256 50 44 146 268 68 227 256 213 170 33 56 105 150 39 13 284 173 88 58 124 
+147 43 263 39 117 109 286 300 21 201 48 292 149 215 85 156 312 192 307 222 133 
+263 98 102 248 178 9 183 132 182 204 113 279 40 104 163 301 265 270 240 49 8 92 
+204 54 294 217 212 89 139 67 136 12 85 309 137 256 154 185 210 115 31 304 108 
+146 56 209 24 103 176 247 250 305 307 10 7 11 310 65 9 79 258 69 308 150 202 
+139 171 277 125 297 272 214 157 87 71 70 83 29 14 67 77 27 311 52 63 94 272 2 
+31 200 283 33 160 246 263 251 292 45 74 21 260 33 115 90 289 247 38 130 55 222 
+286 88 211 227 ^
+668 0 211 254 226 115 16 41 170 158 305 247 25 183 117 235 218 125 212 30 152 
+243 195 254 239 61 28 237 120 302 167 130 194 148 96 312 105 65 160 220 53 281 
+270 226 102 70 57 137 91 26 296 105 78 106 204 40 31 232 177 22 129 68 168 269 
+74 276 275 208 174 14 126 47 219 218 138 158 14 139 310 203 251 205 166 11 59 
+52 214 282 20 214 308 275 182 282 46 106 230 249 316 252 311 309 77 271 15 291 
+136 269 100 168 243 182 308 301 74 250 66 240 200 197 156 99 16 54 116 96 21 
+314 33 134 37 23 229 156 73 124 132 96 8 51 49 147 287 15 278 190 14 113 101 
+235 231 71 196 63 219 205 192 220 27 72 31 206 285 100 155 297 244 4 234 66 253 
+146 181 189 166 24 5 36 201 32 28 211 228 17 193 313 224 200 210 102 83 3 121 
+78 93 258 56 44 165 215 71 209 9 157 238 259 182 295 38 90 217 316 278 203 277 
+97 88 302 193 22 116 122 230 236 7 268 7 242 115 3 95 186 125 238 285 74 263 12 
+224 187 264 164 50 299 159 127 127 153 45 13 33 121 91 39 242 89 111 173 166 37 
+314 20 188 53 307 162 148 122 204 27 85 294 190 1 167 117 248 164 63 245 97 114 
+194 161 42 250 92 132 122 217 290 69 281 257 280 118 37 36 175 94 60 191 94 47 
+245 110 60 178 148 109 258 43 98 227 228 4 247 12 237 133 248 151 117 261 110 
+47 232 164 76 191 81 101 261 123 310 216 197 143 153 32 67 49 134 24 31 245 123 
+6 162 135 176 220 40 18 286 239 35 62 106 217 303 15 265 244 30 126 34 273 280 
+105 91 52 188 27 98 240 174 305 234 79 199 84 168 256 128 292 288 141 212 17 
+206 259 208 187 277 110 34 286 226 89 124 119 150 24 18 299 185 19 95 173 179 
+300 252 7 255 61 304 82 253 133 235 205 179 274 43 85 281 244 17 180 50 286 213 
+143 140 86 83 16 67 62 80 8 64 312 131 3 82 240 187 251 218 112 266 92 119 176 
+233 303 2 2 306 43 59 26 5 314 46 80 21 10 296 118 24 44 191 107 39 229 143 127 
+140 99 29 54 129 42 276 301 100 142 34 260 17 167 104 302 180 76 178 135 163 
+274 56 31 219 231 84 142 1 206 272 154 171 264 177 42 237 146 194 135 150 11 72 
+44 152 269 87 222 259 195 241 293 77 284 7 229 169 19 108 119 163 287 2 15 252 
+298 46 93 284 311 283 185 32 41 157 212 4 260 4 221 120 315 113 114 181 215 58 
+263 25 170 171 251 231 58 250 79 186 138 184 223 61 13 20 175 107 6 175 81 114 
+207 107 26 283 159 140 73 137 78 80 312 118 11 98 253 120 289 221 146 207 81 88 
+315 139 6 149 189 192 233 290 56 18 273 293 51 75 39 255 35 49 160 233 316 265 
+257 293 64 21 23 242 102 57 111 199 58 276 288 154 158 1 193 9 170 184 197 169 
+45 41 183 104 289 234 92 145 68 155 6 136 243 208 203 ^
+656 0 221 48 21 32 186 40 42 178 159 51 196 72 161 187 177 283 306 23 266 309 
+296 129 10 26 220 172 316 178 61 228 151 130 205 90 34 297 168 69 109 182 112 
+292 299 83 192 46 269 263 159 149 19 117 63 143 274 67 292 201 260 147 104 313 
+126 56 163 200 123 225 16 90 230 262 258 232 21 57 39 264 296 31 147 300 278 
+216 219 35 75 50 197 13 78 225 237 267 185 41 302 95 197 71 220 270 139 223 3 
+144 288 273 191 228 28 135 295 253 265 172 95 1 106 130 107 267 29 36 212 291 6 
+196 293 19 142 275 8 209 239 280 131 23 291 162 161 64 142 14 150 254 141 236 
+268 126 277 21 155 221 309 198 306 284 124 264 75 173 192 242 234 34 3 21 253 
+44 35 140 262 62 227 250 213 167 30 50 99 150 33 4 281 170 82 55 124 141 40 263 
+36 114 109 280 294 18 201 39 289 149 215 82 153 306 186 301 219 133 257 95 99 
+248 175 9 183 126 179 198 110 279 34 101 163 298 265 270 237 46 8 86 204 51 294 
+214 206 89 133 61 130 9 85 303 134 256 154 182 210 115 25 304 108 143 53 209 18 
+103 176 244 247 299 304 10 1 8 307 62 6 73 258 69 305 147 202 136 171 277 119 
+297 266 211 154 84 68 70 83 29 11 67 71 24 305 49 60 91 269 2 22 194 280 33 160 
+246 260 245 286 39 68 12 260 24 109 84 289 247 38 127 55 222 283 85 205 311 211 
+252 226 113 12 39 166 154 305 245 25 181 113 233 216 121 212 30 148 241 195 254 
+239 59 313 28 233 118 298 167 128 192 144 92 308 101 65 156 220 49 281 268 224 
+100 66 57 137 87 22 292 103 78 102 202 38 29 232 177 22 129 68 168 265 74 272 
+275 204 174 10 124 43 217 218 134 158 12 137 308 199 247 201 162 5 59 52 210 
+278 20 214 304 271 178 282 46 106 228 249 312 250 311 309 75 271 15 287 136 269 
+100 164 239 182 308 297 70 246 64 240 196 195 156 97 14 52 112 96 15 312 29 134 
+35 17 227 152 71 122 128 94 2 47 47 145 287 13 274 190 8 111 97 235 229 67 194 
+59 215 205 188 216 23 70 25 206 285 98 151 293 240 230 66 253 142 177 185 164 
+18 5 34 199 26 24 207 226 15 189 313 224 198 208 102 79 3 119 76 89 256 56 40 
+165 213 69 207 5 157 234 255 180 295 32 88 217 316 276 203 273 93 86 302 193 20 
+116 122 226 236 7 268 3 242 111 318 93 184 125 238 281 72 259 10 222 185 262 
+160 50 295 155 123 127 153 45 9 27 121 89 35 238 85 107 169 166 31 310 16 188 
+53 307 160 148 118 200 25 83 290 188 314 165 115 246 162 63 241 97 112 194 157 
+38 250 90 132 120 213 290 65 279 255 278 118 37 30 173 94 60 189 92 47 243 110 
+58 176 146 105 254 43 94 223 224 2 243 12 235 131 244 149 117 259 108 45 230 
+164 76 187 79 101 261 109 ^
+656 0 310 208 189 143 149 32 59 41 130 20 31 245 123 2 154 135 168 216 32 14 
+286 231 31 62 102 213 303 7 257 244 22 118 26 269 272 105 91 44 180 27 94 232 
+166 301 230 79 199 84 164 248 128 288 284 133 208 17 198 259 204 187 273 102 30 
+282 218 85 116 111 146 16 18 299 177 11 87 169 179 292 252 3 255 53 296 82 249 
+125 227 201 171 266 39 77 273 240 9 172 46 278 205 139 136 86 79 16 63 54 76 56 
+312 123 312 78 236 179 247 210 104 266 84 119 172 229 299 315 311 298 31 51 26 
+314 314 38 80 13 2 292 114 24 44 191 103 27 221 135 123 140 99 25 317 54 121 42 
+276 301 92 134 22 256 5 159 100 298 180 72 170 131 155 270 52 23 219 231 76 138 
+1 202 272 150 167 264 169 30 237 142 186 127 142 3 72 32 152 265 87 214 255 191 
+241 293 77 284 316 229 161 15 100 115 159 283 319 3 244 298 42 93 280 303 283 
+181 24 33 149 204 4 252 313 213 120 307 113 106 181 207 54 259 21 166 163 251 
+223 50 246 75 186 138 184 223 61 1 8 175 107 6 167 81 114 207 99 14 275 155 132 
+73 133 70 72 308 110 11 98 245 112 281 221 146 199 73 88 315 139 319 141 189 
+188 225 286 48 10 273 285 51 71 35 247 27 49 156 233 312 261 257 289 64 17 15 
+238 94 49 111 191 58 272 288 146 154 318 189 5 170 176 197 169 41 313 41 175 96 
+285 234 92 145 64 155 315 128 243 208 200 219 48 21 28 184 40 40 178 157 47 196 
+68 157 185 175 279 306 23 264 307 296 127 4 24 216 170 314 176 59 224 151 130 
+203 86 34 295 164 65 107 178 112 292 297 79 188 42 265 259 159 145 19 113 61 
+139 274 65 290 199 256 143 104 311 126 52 161 198 121 225 10 90 230 262 254 228 
+15 55 39 260 294 29 147 300 278 216 215 35 75 48 193 7 74 223 233 267 185 37 
+300 95 195 71 218 268 137 221 318 144 284 271 187 228 26 131 293 249 263 172 91 
+320 104 128 105 263 23 36 210 287 194 291 13 140 271 4 207 237 280 131 17 291 
+162 161 60 142 14 148 252 141 234 264 124 275 17 153 217 305 198 304 280 120 
+262 71 173 192 238 232 28 1 19 251 40 29 136 258 58 227 246 213 165 28 46 95 
+150 29 319 279 168 78 53 124 137 38 263 34 112 109 276 290 16 201 33 287 149 
+215 80 151 302 182 297 217 133 253 93 97 248 173 9 183 122 177 194 108 279 30 
+99 163 296 265 270 235 44 8 82 204 49 294 212 202 89 129 57 126 7 85 299 132 
+256 154 180 210 115 21 304 108 141 51 209 14 103 176 242 245 295 302 10 318 6 
+305 60 4 69 258 69 303 145 202 134 171 277 115 297 262 209 152 82 66 70 83 29 9 
+67 67 22 301 47 58 89 267 2 16 190 278 33 160 246 258 241 282 35 64 6 260 18 
+105 80 289 247 38 125 55 292 ^
+<D
+
+H>SHS Type 3 Strings<H
+D>
+45 0 14 5 3 1 4 16 12 20 1 6 15 11 18 4 17 16 6 10 3 2 9 9 14 6 2 8 6 7 10 17 
+12 20 6 7 5 16 1 4 2 17 10 15 8 20 1 ^
+<D
diff --git a/src/lib/libssl/test/tcrl b/src/lib/libssl/test/tcrl
new file mode 100644
index 0000000000..3ffed12a03
--- /dev/null
+++ b/src/lib/libssl/test/tcrl
@@ -0,0 +1,85 @@
+#!/bin/sh
+
+if test "$OSTYPE" = msdosdjgpp; then
+    PATH=../apps\;$PATH
+else
+    PATH=../apps:$PATH
+fi
+export PATH
+
+cmd='../util/shlib_wrap.sh ../apps/openssl crl'
+
+if [ "$1"x != "x" ]; then
+        t=$1
+else
+        t=testcrl.pem
+fi
+
+echo testing crl conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in fff.p -inform p -outform t >f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in f.t -inform t -outform d >ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in f.d -inform d -outform t >ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in f.t -inform t -outform t >ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in f.p -inform p -outform t >ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in f.t -inform t -outform p >ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp fff.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp f.t ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp f.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/test/test.cnf b/src/lib/libssl/test/test.cnf
new file mode 100644
index 0000000000..faad3914a8
--- /dev/null
+++ b/src/lib/libssl/test/test.cnf
@@ -0,0 +1,88 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE                = ./.rnd
+
+####################################################################
+[ ca ]
+default_ca      = CA_default            # The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir             = ./demoCA              # Where everything is kept
+certs           = $dir/certs            # Where the issued certs are kept
+crl_dir         = $dir/crl              # Where the issued crl are kept
+database        = $dir/index.txt        # database index file.
+new_certs_dir   = $dir/new_certs        # default place for new certs.
+
+certificate     = $dir/CAcert.pem       # The CA certificate
+serial          = $dir/serial           # The current serial number
+crl             = $dir/crl.pem          # The current CRL
+private_key     = $dir/private/CAkey.pem# The private key
+RANDFILE        = $dir/private/.rand    # private random number file
+
+default_days    = 365                   # how long to certify for
+default_crl_days= 30                    # how long before next CRL
+default_md      = md5                   # which md to use.
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy          = policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName             = match
+stateOrProvinceName     = match
+organizationName        = match
+organizationalUnitName  = optional
+commonName              = supplied
+emailAddress            = optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName             = optional
+stateOrProvinceName     = optional
+localityName            = optional
+organizationName        = optional
+organizationalUnitName  = optional
+commonName              = supplied
+emailAddress            = optional
+
+####################################################################
+[ req ]
+default_bits            = 512
+default_keyfile         = testkey.pem
+distinguished_name      = req_distinguished_name
+encrypt_rsa_key         = no
+
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+countryName_default             = AU
+countryName_value               = AU
+
+stateOrProvinceName             = State or Province Name (full name)
+stateOrProvinceName_default     = Queensland
+stateOrProvinceName_value       =
+
+localityName                    = Locality Name (eg, city)
+localityName_value              = Brisbane
+
+organizationName                = Organization Name (eg, company)
+organizationName_default        = 
+organizationName_value          = CryptSoft Pty Ltd
+
+organizationalUnitName          = Organizational Unit Name (eg, section)
+organizationalUnitName_default  =
+organizationalUnitName_value    = .
+
+commonName                      = Common Name (eg, YOUR name)
+commonName_value                = Eric Young
+
+emailAddress                    = Email Address
+emailAddress_value              = eay@mincom.oz.au
diff --git a/src/lib/libssl/test/testca b/src/lib/libssl/test/testca
new file mode 100644
index 0000000000..5b2faa78f1
--- /dev/null
+++ b/src/lib/libssl/test/testca
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+SH="/bin/sh"
+if test "$OSTYPE" = msdosdjgpp; then
+    PATH=./apps\;../apps\;$PATH
+else
+    PATH=../apps:$PATH
+fi
+export SH PATH
+
+SSLEAY_CONFIG="-config CAss.cnf"
+export SSLEAY_CONFIG
+
+OPENSSL="`pwd`/../util/shlib_wrap.sh openssl"
+export OPENSSL
+
+/bin/rm -fr demoCA
+$SH ../apps/CA.sh -newca <<EOF
+EOF
+
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+SSLEAY_CONFIG="-config Uss.cnf"
+export SSLEAY_CONFIG
+$SH ../apps/CA.sh -newreq
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+
+SSLEAY_CONFIG="-config ../apps/openssl.cnf"
+export SSLEAY_CONFIG
+$SH ../apps/CA.sh -sign  <<EOF
+y
+y
+EOF
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+
+$SH ../apps/CA.sh -verify newcert.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+/bin/rm -fr demoCA newcert.pem newreq.pem
+#usage: CA -newcert|-newreq|-newca|-sign|-verify
+
diff --git a/src/lib/libssl/test/testcrl.pem b/src/lib/libssl/test/testcrl.pem
new file mode 100644
index 0000000000..0989788354
--- /dev/null
+++ b/src/lib/libssl/test/testcrl.pem
@@ -0,0 +1,16 @@
+-----BEGIN X509 CRL-----
+MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT
+F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw
+MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw
+MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw
+MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw
+MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw
+MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw
+MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw
+NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw
+NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF
+AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ
+wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt
+JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v
+-----END X509 CRL-----
diff --git a/src/lib/libssl/test/testenc b/src/lib/libssl/test/testenc
new file mode 100644
index 0000000000..4571ea2875
--- /dev/null
+++ b/src/lib/libssl/test/testenc
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+testsrc=Makefile
+test=./p
+cmd="../util/shlib_wrap.sh ../apps/openssl"
+
+cat $testsrc >$test;
+
+echo cat
+$cmd enc -non-fips-allow < $test > $test.cipher
+$cmd enc -non-fips-allow < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+        exit 1
+else
+        /bin/rm $test.cipher $test.clear
+fi
+echo base64
+$cmd enc -non-fips-allow -a -e < $test > $test.cipher
+$cmd enc -non-fips-allow -a -d < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+        exit 1
+else
+        /bin/rm $test.cipher $test.clear
+fi
+
+for i in `$cmd list-cipher-commands`
+do
+        echo $i
+        $cmd $i -non-fips-allow -bufsize 113 -e -k test < $test > $test.$i.cipher
+        $cmd $i -non-fips-allow -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
+        cmp $test $test.$i.clear
+        if [ $? != 0 ]
+        then
+                exit 1
+        else
+                /bin/rm $test.$i.cipher $test.$i.clear
+        fi
+
+        echo $i base64
+        $cmd $i -non-fips-allow -bufsize 113 -a -e -k test < $test > $test.$i.cipher
+        $cmd $i -non-fips-allow -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
+        cmp $test $test.$i.clear
+        if [ $? != 0 ]
+        then
+                exit 1
+        else
+                /bin/rm $test.$i.cipher $test.$i.clear
+        fi
+done
+rm -f $test
diff --git a/src/lib/libssl/test/testgen b/src/lib/libssl/test/testgen
new file mode 100644
index 0000000000..524c0d134c
--- /dev/null
+++ b/src/lib/libssl/test/testgen
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+T=testcert
+KEY=512
+CA=../certs/testca.pem
+
+/bin/rm -f $T.1 $T.2 $T.key
+
+if test "$OSTYPE" = msdosdjgpp; then
+    PATH=../apps\;$PATH;
+else
+    PATH=../apps:$PATH;
+fi
+export PATH
+
+echo "generating certificate request"
+
+echo "string to make the random number generator think it has entropy" >> ./.rnd
+
+if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+  req_new='-newkey dsa:../apps/dsa512.pem'
+else
+  req_new='-new'
+  echo "There should be a 2 sequences of .'s and some +'s."
+  echo "There should not be more that at most 80 per line"
+fi
+
+echo "This could take some time."
+
+rm -f testkey.pem testreq.pem
+
+../util/shlib_wrap.sh ../apps/openssl req -config test.cnf $req_new -out testreq.pem
+if [ $? != 0 ]; then
+echo problems creating request
+exit 1
+fi
+
+../util/shlib_wrap.sh ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
+if [ $? != 0 ]; then
+echo signature on req is wrong
+exit 1
+fi
+
+exit 0
diff --git a/src/lib/libssl/test/testp7.pem b/src/lib/libssl/test/testp7.pem
new file mode 100644
index 0000000000..e5b7866c31
--- /dev/null
+++ b/src/lib/libssl/test/testp7.pem
@@ -0,0 +1,46 @@
+-----BEGIN PKCS7-----
+MIIIGAYJKoZIhvcNAQcCoIIICTCCCAUCAQExADALBgkqhkiG9w0BBwGgggY8MIIE
+cjCCBBygAwIBAgIQeS+OJfWJUZAx6cX0eAiMjzANBgkqhkiG9w0BAQQFADBiMREw
+DwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNV
+BAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIw
+HhcNOTYwNzE5MDAwMDAwWhcNOTcwMzMwMjM1OTU5WjCB1TERMA8GA1UEBxMISW50
+ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
+biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMSgwJgYDVQQLEx9E
+aWdpdGFsIElEIENsYXNzIDEgLSBTTUlNRSBUZXN0MUcwRQYDVQQLEz53d3cudmVy
+aXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMCBJbmMuIGJ5IFJlZi4sTElBQi5M
+VEQoYyk5NjBbMA0GCSqGSIb3DQEBAQUAA0oAMEcCQA7LvHEIAiQ5+4gDYvJGnGAq
+UM5GXyG11diEXmIEZTHUZhorooX5sr8IIjSXiPY59YYUFSvAaharFM1xaBN8zNEC
+AwEAAaOCAjkwggI1MAkGA1UdEwQCMAAwggImBgNVHQMEggIdMIICGTCCAhUwggIR
+BgtghkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0
+ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0
+IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l
+bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
+L0NQUy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29t
+OyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4s
+IE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04
+ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0
+cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJ
+QUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQEC
+MC8wLRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEu
+AzANBgkqhkiG9w0BAQQFAANBAMCYDuSb/eIlYSxY31nZZTaCZkCSfHjlacMofExr
+cF+A2yHoEuT+eCQkqM0pMNHXddUeoQ9RjV+VuMBNmm63DUYwggHCMIIBbKADAgEC
+AhB8CYTq1bkRFJBYOd67cp9JMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
+MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
+QTAeFw05NjA3MTcwMDAwMDBaFw05NzA3MTcyMzU5NTlaMGIxETAPBgNVBAcTCElu
+dGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNp
+Z24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjBcMA0GCSqGSIb3
+DQEBAQUAA0sAMEgCQQDsVzrNgnDhbAJZrWeLd9g1vMZJA2W67D33TTbga6yMt+ES
+TWEywhS6RNP+fzLGg7utinjH4tL60cXa0G27GDsLAgMBAAGjIjAgMAsGA1UdDwQE
+AwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADQQAUp6bRwkaD
+2d1MBs/mjUcgTI2fXVmW8tTm/Ud6OzUwpC3vYgybiOOA4f6mOC5dbyUHrLOsrihU
+47ZQ0Jo1DUfboYIBrTCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
+MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
+QRcNOTYwNzE3MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANB
+AHitA0/xAukCjHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMl
+ExONA3ju10f7owIq3s3wx10wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UE
+BxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytW
+ZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3
+MTcxNzU5MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsW
+sQmste9f+UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9
+XfZsaiiIgotQHjEA
+-----END PKCS7-----
diff --git a/src/lib/libssl/test/testreq2.pem b/src/lib/libssl/test/testreq2.pem
new file mode 100644
index 0000000000..c3cdcffcbc
--- /dev/null
+++ b/src/lib/libssl/test/testreq2.pem
@@ -0,0 +1,7 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
+QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG
+DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq
+hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi
+gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U=
+-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/test/testrsa.pem b/src/lib/libssl/test/testrsa.pem
new file mode 100644
index 0000000000..aad21067a8
--- /dev/null
+++ b/src/lib/libssl/test/testrsa.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I
+Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R
+rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy
+oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S
+mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz
+rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA
+mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM=
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/test/testsid.pem b/src/lib/libssl/test/testsid.pem
new file mode 100644
index 0000000000..7ffd008f66
--- /dev/null
+++ b/src/lib/libssl/test/testsid.pem
@@ -0,0 +1,12 @@
+-----BEGIN SSL SESSION PARAMETERS-----
+MIIB1gIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV
+bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw
+ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz
+YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG
+A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk
+LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G
+CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD
+TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI
+hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L
+CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTvpA0EC3Rlc3Rjb250ZXh0
+-----END SSL SESSION PARAMETERS-----
diff --git a/src/lib/libssl/test/testss b/src/lib/libssl/test/testss
new file mode 100644
index 0000000000..1a426857d3
--- /dev/null
+++ b/src/lib/libssl/test/testss
@@ -0,0 +1,163 @@
+#!/bin/sh
+
+digest='-sha1'
+reqcmd="../util/shlib_wrap.sh ../apps/openssl req"
+x509cmd="../util/shlib_wrap.sh ../apps/openssl x509 $digest"
+verifycmd="../util/shlib_wrap.sh ../apps/openssl verify"
+dummycnf="../apps/openssl.cnf"
+
+CAkey="keyCA.ss"
+CAcert="certCA.ss"
+CAreq="reqCA.ss"
+CAconf="CAss.cnf"
+CAreq2="req2CA.ss"      # temp
+
+Uconf="Uss.cnf"
+Ukey="keyU.ss"
+Ureq="reqU.ss"
+Ucert="certU.ss"
+
+P1conf="P1ss.cnf"
+P1key="keyP1.ss"
+P1req="reqP1.ss"
+P1cert="certP1.ss"
+P1intermediate="tmp_intP1.ss"
+
+P2conf="P2ss.cnf"
+P2key="keyP2.ss"
+P2req="reqP2.ss"
+P2cert="certP2.ss"
+P2intermediate="tmp_intP2.ss"
+
+echo
+echo "make a certificate request using 'req'"
+
+echo "string to make the random number generator think it has entropy" >> ./.rnd
+
+if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+  req_new='-newkey dsa:../apps/dsa512.pem'
+else
+  req_new='-new'
+fi
+
+$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss
+if [ $? != 0 ]; then
+        echo "error using 'req' to generate a certificate request"
+        exit 1
+fi
+echo
+echo "convert the certificate request into a self signed certificate using 'x509'"
+$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss
+if [ $? != 0 ]; then
+        echo "error using 'x509' to self sign a certificate request"
+        exit 1
+fi
+
+echo
+echo "convert a certificate into a certificate request using 'x509'"
+$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
+if [ $? != 0 ]; then
+        echo "error using 'x509' convert a certificate to a certificate request"
+        exit 1
+fi
+
+$reqcmd -config $dummycnf -verify -in $CAreq -noout
+if [ $? != 0 ]; then
+        echo first generated request is invalid
+        exit 1
+fi
+
+$reqcmd -config $dummycnf -verify -in $CAreq2 -noout
+if [ $? != 0 ]; then
+        echo second generated request is invalid
+        exit 1
+fi
+
+$verifycmd -CAfile $CAcert $CAcert
+if [ $? != 0 ]; then
+        echo first generated cert is invalid
+        exit 1
+fi
+
+echo
+echo "make a user certificate request using 'req'"
+$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss
+if [ $? != 0 ]; then
+        echo "error using 'req' to generate a user certificate request"
+        exit 1
+fi
+
+echo
+echo "sign user certificate request with the just created CA via 'x509'"
+$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss
+if [ $? != 0 ]; then
+        echo "error using 'x509' to sign a user certificate request"
+        exit 1
+fi
+
+$verifycmd -CAfile $CAcert $Ucert
+echo
+echo "Certificate details"
+$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
+
+echo
+echo "make a proxy certificate request using 'req'"
+$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss
+if [ $? != 0 ]; then
+        echo "error using 'req' to generate a proxy certificate request"
+        exit 1
+fi
+
+echo
+echo "sign proxy certificate request with the just created user certificate via 'x509'"
+$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss
+if [ $? != 0 ]; then
+        echo "error using 'x509' to sign a proxy certificate request"
+        exit 1
+fi
+
+cat $Ucert > $P1intermediate
+$verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert
+echo
+echo "Certificate details"
+$x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert
+
+echo
+echo "make another proxy certificate request using 'req'"
+$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss
+if [ $? != 0 ]; then
+        echo "error using 'req' to generate another proxy certificate request"
+        exit 1
+fi
+
+echo
+echo "sign second proxy certificate request with the first proxy certificate via 'x509'"
+$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss
+if [ $? != 0 ]; then
+        echo "error using 'x509' to sign a second proxy certificate request"
+        exit 1
+fi
+
+cat $Ucert $P1cert > $P2intermediate
+$verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert
+echo
+echo "Certificate details"
+$x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert
+
+echo
+echo The generated CA certificate is $CAcert
+echo The generated CA private key is $CAkey
+
+echo The generated user certificate is $Ucert
+echo The generated user private key is $Ukey
+
+echo The first generated proxy certificate is $P1cert
+echo The first generated proxy private key is $P1key
+
+echo The second generated proxy certificate is $P2cert
+echo The second generated proxy private key is $P2key
+
+/bin/rm err.ss
+#/bin/rm $P1intermediate
+#/bin/rm $P2intermediate
+exit 0
diff --git a/src/lib/libssl/test/testssl b/src/lib/libssl/test/testssl
new file mode 100644
index 0000000000..8ac90ae5ee
--- /dev/null
+++ b/src/lib/libssl/test/testssl
@@ -0,0 +1,145 @@
+#!/bin/sh
+
+if [ "$1" = "" ]; then
+  key=../apps/server.pem
+else
+  key="$1"
+fi
+if [ "$2" = "" ]; then
+  cert=../apps/server.pem
+else
+  cert="$2"
+fi
+ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
+
+if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
+  dsa_cert=YES
+else
+  dsa_cert=NO
+fi
+
+if [ "$3" = "" ]; then
+  CA="-CApath ../certs"
+else
+  CA="-CAfile $3"
+fi
+
+if [ "$4" = "" ]; then
+  extra=""
+else
+  extra="$4"
+fi
+
+#############################################################################
+
+echo test sslv2
+$ssltest -ssl2 $extra || exit 1
+
+echo test sslv2 with server authentication
+$ssltest -ssl2 -server_auth $CA $extra || exit 1
+
+if [ $dsa_cert = NO ]; then
+  echo test sslv2 with client authentication
+  $ssltest -ssl2 -client_auth $CA $extra || exit 1
+
+  echo test sslv2 with both client and server authentication
+  $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
+fi
+
+echo test sslv3
+$ssltest -ssl3 $extra || exit 1
+
+echo test sslv3 with server authentication
+$ssltest -ssl3 -server_auth $CA $extra || exit 1
+
+echo test sslv3 with client authentication
+$ssltest -ssl3 -client_auth $CA $extra || exit 1
+
+echo test sslv3 with both client and server authentication
+$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3
+$ssltest $extra || exit 1
+
+echo test sslv2/sslv3 with server authentication
+$ssltest -server_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with client authentication
+$ssltest -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication
+$ssltest -server_auth -client_auth $CA $extra || exit 1
+
+echo test sslv2 via BIO pair
+$ssltest -bio_pair -ssl2 $extra || exit 1
+
+echo test sslv2 with server authentication via BIO pair
+$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
+
+if [ $dsa_cert = NO ]; then
+  echo test sslv2 with client authentication via BIO pair
+  $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
+
+  echo test sslv2 with both client and server authentication via BIO pair
+  $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
+fi
+
+echo test sslv3 via BIO pair
+$ssltest -bio_pair -ssl3 $extra || exit 1
+
+echo test sslv3 with server authentication via BIO pair
+$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
+
+echo test sslv3 with client authentication via BIO pair
+$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
+
+echo test sslv3 with both client and server authentication via BIO pair
+$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 via BIO pair
+$ssltest $extra || exit 1
+
+if [ $dsa_cert = NO ]; then
+  echo test sslv2/sslv3 w/o DHE via BIO pair
+  $ssltest -bio_pair -no_dhe $extra || exit 1
+fi
+
+echo test sslv2/sslv3 with 1024bit DHE via BIO pair
+$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
+
+echo test sslv2/sslv3 with server authentication
+$ssltest -bio_pair -server_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with client authentication via BIO pair
+$ssltest -bio_pair -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair
+$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
+$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
+
+#############################################################################
+
+if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+  echo skipping anonymous DH tests
+else
+  echo test tls1 with 1024bit anonymous DH, multiple handshakes
+  $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
+fi
+
+if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+  echo skipping RSA tests
+else
+  echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
+  ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
+
+  if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+    echo skipping RSA+DHE tests
+  else
+    echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
+    ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
+  fi
+fi
+
+exit 0
diff --git a/src/lib/libssl/test/testsslproxy b/src/lib/libssl/test/testsslproxy
new file mode 100644
index 0000000000..58bbda8ab7
--- /dev/null
+++ b/src/lib/libssl/test/testsslproxy
@@ -0,0 +1,10 @@
+#! /bin/sh
+
+echo 'Testing a lot of proxy conditions.'
+echo 'Some of them may turn out being invalid, which is fine.'
+for auth in A B C BC; do
+    for cond in A B C 'A|B&!C'; do
+        sh ./testssl $1 $2 $3 "-proxy -proxy_auth $auth -proxy_cond $cond"
+        if [ $? = 3 ]; then exit 1; fi
+    done
+done
diff --git a/src/lib/libssl/test/testx509.pem b/src/lib/libssl/test/testx509.pem
new file mode 100644
index 0000000000..8a85d14964
--- /dev/null
+++ b/src/lib/libssl/test/testx509.pem
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz
+MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
+RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF
+AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO
+/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE
+Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ
+zl9HYIMxATFyqSiD9jsx
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/test/times b/src/lib/libssl/test/times
new file mode 100644
index 0000000000..738d569b8f
--- /dev/null
+++ b/src/lib/libssl/test/times
@@ -0,0 +1,113 @@
+
+More number for the questions about SSL overheads....
+
+The following numbers were generated on a pentium pro 200, running linux.
+They give an indication of the SSL protocol and encryption overheads.
+
+The program that generated them is an unreleased version of ssl/ssltest.c
+which is the SSLeay ssl protocol testing program.  It is a single process that
+talks both sides of the SSL protocol via a non-blocking memory buffer
+interface.
+
+How do I read this?  The protocol and cipher are reasonable obvious.
+The next number is the number of connections being made.  The next is the
+number of bytes exchanged bewteen the client and server side of the protocol.
+This is the number of bytes that the client sends to the server, and then
+the server sends back.  Because this is all happening in one process,
+the data is being encrypted, decrypted, encrypted and then decrypted again.
+It is a round trip of that many bytes.  Because the one process performs
+both the client and server sides of the protocol and it sends this many bytes
+each direction, multiply this number by 4 to generate the number
+of bytes encrypted/decrypted/MACed.  The first time value is how many seconds
+elapsed doing a full SSL handshake, the second is the cost of one
+full handshake and the rest being session-id reuse.
+
+SSLv2 RC4-MD5      1000 x      1   12.83s   0.70s
+SSLv3 NULL-MD5     1000 x      1   14.35s   1.47s
+SSLv3 RC4-MD5      1000 x      1   14.46s   1.56s
+SSLv3 RC4-MD5      1000 x      1   51.93s   1.62s 1024bit RSA
+SSLv3 RC4-SHA      1000 x      1   14.61s   1.83s
+SSLv3 DES-CBC-SHA  1000 x      1   14.70s   1.89s
+SSLv3 DES-CBC3-SHA 1000 x      1   15.16s   2.16s
+
+SSLv2 RC4-MD5      1000 x   1024   13.72s   1.27s
+SSLv3 NULL-MD5     1000 x   1024   14.79s   1.92s
+SSLv3 RC4-MD5      1000 x   1024   52.58s   2.29s 1024bit RSA
+SSLv3 RC4-SHA      1000 x   1024   15.39s   2.67s
+SSLv3 DES-CBC-SHA  1000 x   1024   16.45s   3.55s
+SSLv3 DES-CBC3-SHA 1000 x   1024   18.21s   5.38s
+
+SSLv2 RC4-MD5      1000 x  10240   18.97s   6.52s
+SSLv3 NULL-MD5     1000 x  10240   17.79s   5.11s
+SSLv3 RC4-MD5      1000 x  10240   20.25s   7.90s
+SSLv3 RC4-MD5      1000 x  10240   58.26s   8.08s 1024bit RSA
+SSLv3 RC4-SHA      1000 x  10240   22.96s  11.44s
+SSLv3 DES-CBC-SHA  1000 x  10240   30.65s  18.41s
+SSLv3 DES-CBC3-SHA 1000 x  10240   47.04s  34.53s
+
+SSLv2 RC4-MD5      1000 x 102400   70.22s  57.74s
+SSLv3 NULL-MD5     1000 x 102400   43.73s  31.03s
+SSLv3 RC4-MD5      1000 x 102400   71.32s  58.83s
+SSLv3 RC4-MD5      1000 x 102400  109.66s  59.20s 1024bit RSA
+SSLv3 RC4-SHA      1000 x 102400   95.88s  82.21s
+SSLv3 DES-CBC-SHA  1000 x 102400  173.22s 160.55s
+SSLv3 DES-CBC3-SHA 1000 x 102400  336.61s 323.82s
+
+What does this all mean?  Well for a server, with no session-id reuse, with
+a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
+a pentium pro 200 running linux can handle the SSLv3 protocol overheads of
+about 49 connections a second.  Reality will be quite different :-).
+
+Remeber the first number is 1000 full ssl handshakes, the second is
+1 full and 999 with session-id reuse.  The RSA overheads for each exchange
+would be one public and one private operation, but the protocol/MAC/cipher
+cost would be quite similar in both the client and server.
+
+eric (adding numbers to speculation)
+
+--- Appendix ---
+- The time measured is user time but these number a very rough.
+- Remember this is the cost of both client and server sides of the protocol.
+- The TCP/kernel overhead of connection establishment is normally the
+  killer in SSL.  Often delays in the TCP protocol will make session-id
+  reuse look slower that new sessions, but this would not be the case on
+  a loaded server.
+- The TCP round trip latencies, while slowing indervidual connections,
+  would have minimal impact on throughput.
+- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
+- the required number of bytes are processed.
+- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers.
+- A 512bit server key was being used except where noted.
+- No server key verification was being performed on the client side of the
+  protocol.  This would slow things down very little.
+- The library being used is SSLeay 0.8.x.
+- The normal mesauring system was commands of the form
+  time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
+  This modified version of ssltest should be in the next public release of
+  SSLeay.
+
+The general cipher performace number for this platform are
+
+SSLeay 0.8.2a 04-Sep-1997
+built on Fri Sep  5 17:37:05 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized 
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               131.02k      368.41k      500.57k      549.21k      566.09k
+mdc2              535.60k      589.10k      595.88k      595.97k      594.54k
+md5              1801.53k     9674.77k    17484.03k    21849.43k    23592.96k
+sha              1261.63k     5533.25k     9285.63k    11187.88k    11913.90k
+sha1             1103.13k     4782.53k     7933.78k     9472.34k    10070.70k
+rc4             10722.53k    14443.93k    15215.79k    15299.24k    15219.59k
+des cbc          3286.57k     3827.73k     3913.39k     3931.82k     3926.70k
+des ede3         1443.50k     1549.08k     1561.17k     1566.38k     1564.67k
+idea cbc         2203.64k     2508.16k     2538.33k     2543.62k     2547.71k
+rc2 cbc          1430.94k     1511.59k     1524.82k     1527.13k     1523.33k
+blowfish cbc     4716.07k     5965.82k     6190.17k     6243.67k     6234.11k
+                  sign    verify
+rsa  512 bits   0.0100s   0.0011s
+rsa 1024 bits   0.0451s   0.0012s
+rsa 2048 bits   0.2605s   0.0086s
+rsa 4096 bits   1.6883s   0.0302s
+
diff --git a/src/lib/libssl/test/tpkcs7 b/src/lib/libssl/test/tpkcs7
new file mode 100644
index 0000000000..79bb6e0edf
--- /dev/null
+++ b/src/lib/libssl/test/tpkcs7
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+if test "$OSTYPE" = msdosdjgpp; then
+    PATH=../apps\;$PATH
+else
+    PATH=../apps:$PATH
+fi
+export PATH
+
+cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7'
+
+if [ "$1"x != "x" ]; then
+        t=$1
+else
+        t=testp7.pem
+fi
+
+echo testing pkcs7 conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/test/tpkcs7d b/src/lib/libssl/test/tpkcs7d
new file mode 100644
index 0000000000..20394b34c4
--- /dev/null
+++ b/src/lib/libssl/test/tpkcs7d
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+if test "$OSTYPE" = msdosdjgpp; then
+    PATH=../apps\;$PATH
+else
+    PATH=../apps:$PATH
+fi
+export PATH
+
+cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7'
+
+if [ "$1"x != "x" ]; then
+        t=$1
+else
+        t=pkcs7-1.pem
+fi
+
+echo "testing pkcs7 conversions (2)"
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/test/treq b/src/lib/libssl/test/treq
new file mode 100644
index 0000000000..7e020210a5
--- /dev/null
+++ b/src/lib/libssl/test/treq
@@ -0,0 +1,90 @@
+#!/bin/sh
+
+if test "$OSTYPE" = msdosdjgpp; then
+    PATH=../apps\;$PATH
+else
+    PATH=../apps:$PATH
+fi
+export PATH
+
+cmd='../util/shlib_wrap.sh ../apps/openssl req -config ../apps/openssl.cnf'
+
+if [ "$1"x != "x" ]; then
+        t=$1
+else
+        t=testreq.pem
+fi
+
+if $cmd -in $t -inform p -noout -text | fgrep 'Unknown Public Key'; then
+  echo "skipping req conversion test for $t"
+  exit 0
+fi
+
+echo testing req conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in fff.p -inform p -outform t >f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -verify -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in f.t -inform t -outform d >ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -verify -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in f.d -inform d -outform t >ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in f.t -inform t -outform t >ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in f.p -inform p -outform t >ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in f.t -inform t -outform p >ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp fff.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp f.t ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp f.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/test/trsa b/src/lib/libssl/test/trsa
new file mode 100644
index 0000000000..67b4a98841
--- /dev/null
+++ b/src/lib/libssl/test/trsa
@@ -0,0 +1,90 @@
+#!/bin/sh
+
+if test "$OSTYPE" = msdosdjgpp; then
+    PATH=../apps\;$PATH
+else
+    PATH=../apps:$PATH
+fi
+export PATH
+
+if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+  echo skipping rsa conversion test
+  exit 0
+fi
+
+cmd='../util/shlib_wrap.sh ../apps/openssl rsa'
+
+if [ "$1"x != "x" ]; then
+        t=$1
+else
+        t=testrsa.pem
+fi
+
+echo testing rsa conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in fff.p -inform p -outform t >f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in f.t -inform t -outform d >ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in f.d -inform d -outform t >ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in f.t -inform t -outform t >ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in f.p -inform p -outform t >ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in f.t -inform t -outform p >ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp fff.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp f.t ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp f.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/test/tsid b/src/lib/libssl/test/tsid
new file mode 100644
index 0000000000..fb4a7213b9
--- /dev/null
+++ b/src/lib/libssl/test/tsid
@@ -0,0 +1,85 @@
+#!/bin/sh
+
+if test "$OSTYPE" = msdosdjgpp; then
+    PATH=../apps\;$PATH
+else
+    PATH=../apps:$PATH
+fi
+export PATH
+
+cmd='../util/shlib_wrap.sh ../apps/openssl sess_id'
+
+if [ "$1"x != "x" ]; then
+        t=$1
+else
+        t=testsid.pem
+fi
+
+echo testing session-id conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in fff.p -inform p -outform t >f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in f.t -inform t -outform d >ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in f.d -inform d -outform t >ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in f.t -inform t -outform t >ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in f.p -inform p -outform t >ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in f.t -inform t -outform p >ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp fff.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp f.t ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp f.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/test/tverify.com b/src/lib/libssl/test/tverify.com
index 021d701d79..2060184d1e 100644
--- a/src/lib/libssl/test/tverify.com
+++ b/src/lib/libssl/test/tverify.com
@@ -8,22 +8,22 @@ $	copy/concatenate [-.certs]*.pem certs.tmp
 $
 $       old_f :=
 $ loop_certs:
-$       verify := NO
-$       more := YES
+$       c := NO
 $       certs :=
 $ loop_certs2:
 $       f = f$search("[-.certs]*.pem")
 $       if f .nes. "" .and. f .nes. old_f
 $       then
 $           certs = certs + " [-.certs]" + f$parse(f,,,"NAME") + ".pem"
-$           verify := YES
+$           c := YES
 $           if f$length(certs) .lt. 180 then goto loop_certs2
-$       else
-$           more := NO
 $       endif
 $       certs = certs - " "
 $
-$       if verify then mcr 'exe_dir'openssl verify "-CAfile" certs.tmp 'certs'
-$       if more then goto loop_certs
+$       if c
+$       then
+$           mcr 'exe_dir'openssl verify "-CAfile" certs.tmp 'certs'
+$           goto loop_certs
+$       endif
 $
 $       delete certs.tmp;*
diff --git a/src/lib/libssl/test/tx509 b/src/lib/libssl/test/tx509
new file mode 100644
index 0000000000..1b9c8661f3
--- /dev/null
+++ b/src/lib/libssl/test/tx509
@@ -0,0 +1,85 @@
+#!/bin/sh
+
+if test "$OSTYPE" = msdosdjgpp; then
+    PATH=../apps\;$PATH
+else
+    PATH=../apps:$PATH
+fi
+export PATH
+
+cmd='../util/shlib_wrap.sh ../apps/openssl x509'
+
+if [ "$1"x != "x" ]; then
+        t=$1
+else
+        t=testx509.pem
+fi
+
+echo testing X509 conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> n"
+$cmd -in fff.p -inform p -outform n >f.n
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+echo "n -> d"
+$cmd -in f.n -inform n -outform d >ff.d2
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> n"
+$cmd -in f.d -inform d -outform n >ff.n1
+if [ $? != 0 ]; then exit 1; fi
+echo "n -> n"
+$cmd -in f.n -inform n -outform n >ff.n2
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> n"
+$cmd -in f.p -inform p -outform n >ff.n3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+echo "n -> p"
+$cmd -in f.n -inform n -outform p >ff.p2
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p2
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp f.n ff.n1
+if [ $? != 0 ]; then exit 1; fi
+cmp f.n ff.n2
+if [ $? != 0 ]; then exit 1; fi
+cmp f.n ff.n3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p2
+if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/test/v3-cert1.pem b/src/lib/libssl/test/v3-cert1.pem
new file mode 100644
index 0000000000..0da253d5c3
--- /dev/null
+++ b/src/lib/libssl/test/v3-cert1.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx
+NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz
+dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw
+ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
+ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2
+ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp
+miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C
+AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
+Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
+DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR
+MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB
+AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21
+X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3
+WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/test/v3-cert2.pem b/src/lib/libssl/test/v3-cert2.pem
new file mode 100644
index 0000000000..de0723ff8d
--- /dev/null
+++ b/src/lib/libssl/test/v3-cert2.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD
+YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0
+ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu
+dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1
+WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV
+BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx
+FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
+6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT
+G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ
+YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm
+b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc
+F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz
+lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap
+jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
new file mode 100644
index 0000000000..38838ea9a5
--- /dev/null
+++ b/src/lib/libssl/tls1.h
@@ -0,0 +1,195 @@
+/* ssl/tls1.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_TLS1_H 
+#define HEADER_TLS1_H 
+
+#include <openssl/buffer.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES    1
+
+#define TLS1_VERSION                    0x0301
+#define TLS1_VERSION_MAJOR              0x03
+#define TLS1_VERSION_MINOR              0x01
+
+#define TLS1_AD_DECRYPTION_FAILED       21
+#define TLS1_AD_RECORD_OVERFLOW         22
+#define TLS1_AD_UNKNOWN_CA              48      /* fatal */
+#define TLS1_AD_ACCESS_DENIED           49      /* fatal */
+#define TLS1_AD_DECODE_ERROR            50      /* fatal */
+#define TLS1_AD_DECRYPT_ERROR           51
+#define TLS1_AD_EXPORT_RESTRICTION      60      /* fatal */
+#define TLS1_AD_PROTOCOL_VERSION        70      /* fatal */
+#define TLS1_AD_INSUFFICIENT_SECURITY   71      /* fatal */
+#define TLS1_AD_INTERNAL_ERROR          80      /* fatal */
+#define TLS1_AD_USER_CANCELLED          90
+#define TLS1_AD_NO_RENEGOTIATION        100
+
+/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
+ * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
+ * s3_lib.c).  We actually treat them like SSL 3.0 ciphers, which we probably
+ * shouldn't. */
+#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5          0x03000060
+#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5      0x03000061
+#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA         0x03000062
+#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA     0x03000063
+#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA          0x03000064
+#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA      0x03000065
+#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA                0x03000066
+
+/* AES ciphersuites from RFC3268 */
+
+#define TLS1_CK_RSA_WITH_AES_128_SHA                    0x0300002F
+#define TLS1_CK_DH_DSS_WITH_AES_128_SHA                 0x03000030
+#define TLS1_CK_DH_RSA_WITH_AES_128_SHA                 0x03000031
+#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA                0x03000032
+#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA                0x03000033
+#define TLS1_CK_ADH_WITH_AES_128_SHA                    0x03000034
+
+#define TLS1_CK_RSA_WITH_AES_256_SHA                    0x03000035
+#define TLS1_CK_DH_DSS_WITH_AES_256_SHA                 0x03000036
+#define TLS1_CK_DH_RSA_WITH_AES_256_SHA                 0x03000037
+#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA                0x03000038
+#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA                0x03000039
+#define TLS1_CK_ADH_WITH_AES_256_SHA                    0x0300003A
+
+/* XXX
+ * Inconsistency alert:
+ * The OpenSSL names of ciphers with ephemeral DH here include the string
+ * "DHE", while elsewhere it has always been "EDH".
+ * (The alias for the list of all such ciphers also is "EDH".)
+ * The specifications speak of "EDH"; maybe we should allow both forms
+ * for everything. */
+#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5         "EXP1024-RC4-MD5"
+#define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5     "EXP1024-RC2-CBC-MD5"
+#define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA        "EXP1024-DES-CBC-SHA"
+#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA    "EXP1024-DHE-DSS-DES-CBC-SHA"
+#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA         "EXP1024-RC4-SHA"
+#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA     "EXP1024-DHE-DSS-RC4-SHA"
+#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA               "DHE-DSS-RC4-SHA"
+
+/* AES ciphersuites from RFC3268 */
+#define TLS1_TXT_RSA_WITH_AES_128_SHA                   "AES128-SHA"
+#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA                "DH-DSS-AES128-SHA"
+#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA                "DH-RSA-AES128-SHA"
+#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA               "DHE-DSS-AES128-SHA"
+#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA               "DHE-RSA-AES128-SHA"
+#define TLS1_TXT_ADH_WITH_AES_128_SHA                   "ADH-AES128-SHA"
+
+#define TLS1_TXT_RSA_WITH_AES_256_SHA                   "AES256-SHA"
+#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA                "DH-DSS-AES256-SHA"
+#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA                "DH-RSA-AES256-SHA"
+#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA               "DHE-DSS-AES256-SHA"
+#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA               "DHE-RSA-AES256-SHA"
+#define TLS1_TXT_ADH_WITH_AES_256_SHA                   "ADH-AES256-SHA"
+
+
+#define TLS_CT_RSA_SIGN                 1
+#define TLS_CT_DSS_SIGN                 2
+#define TLS_CT_RSA_FIXED_DH             3
+#define TLS_CT_DSS_FIXED_DH             4
+#define TLS_CT_NUMBER                   4
+
+#define TLS1_FINISH_MAC_LENGTH          12
+
+#define TLS_MD_MAX_CONST_SIZE                   20
+#define TLS_MD_CLIENT_FINISH_CONST              "client finished"
+#define TLS_MD_CLIENT_FINISH_CONST_SIZE         15
+#define TLS_MD_SERVER_FINISH_CONST              "server finished"
+#define TLS_MD_SERVER_FINISH_CONST_SIZE         15
+#define TLS_MD_SERVER_WRITE_KEY_CONST           "server write key"
+#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE      16
+#define TLS_MD_KEY_EXPANSION_CONST              "key expansion"
+#define TLS_MD_KEY_EXPANSION_CONST_SIZE         13
+#define TLS_MD_CLIENT_WRITE_KEY_CONST           "client write key"
+#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE      16
+#define TLS_MD_SERVER_WRITE_KEY_CONST           "server write key"
+#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE      16
+#define TLS_MD_IV_BLOCK_CONST                   "IV block"
+#define TLS_MD_IV_BLOCK_CONST_SIZE              8
+#define TLS_MD_MASTER_SECRET_CONST              "master secret"
+#define TLS_MD_MASTER_SECRET_CONST_SIZE         13
+
+#ifdef CHARSET_EBCDIC
+#undef TLS_MD_CLIENT_FINISH_CONST
+#define TLS_MD_CLIENT_FINISH_CONST    "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"  /*client finished*/
+#undef TLS_MD_SERVER_FINISH_CONST
+#define TLS_MD_SERVER_FINISH_CONST    "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"  /*server finished*/
+#undef TLS_MD_SERVER_WRITE_KEY_CONST
+#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"  /*server write key*/
+#undef TLS_MD_KEY_EXPANSION_CONST
+#define TLS_MD_KEY_EXPANSION_CONST    "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"  /*key expansion*/
+#undef TLS_MD_CLIENT_WRITE_KEY_CONST
+#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"  /*client write key*/
+#undef TLS_MD_SERVER_WRITE_KEY_CONST
+#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"  /*server write key*/
+#undef TLS_MD_IV_BLOCK_CONST
+#define TLS_MD_IV_BLOCK_CONST         "\x49\x56\x20\x62\x6c\x6f\x63\x6b"  /*IV block*/
+#undef TLS_MD_MASTER_SECRET_CONST
+#define TLS_MD_MASTER_SECRET_CONST    "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"  /*master secret*/
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/x509v3.cnf b/src/lib/libssl/x509v3.cnf
new file mode 100644
index 0000000000..e430088671
--- /dev/null
+++ b/src/lib/libssl/x509v3.cnf
@@ -0,0 +1,26 @@
+# default settings
+CERTPATHLEN             = 1
+CERTUSAGE               = digitalSignature,keyCertSign
+CERTIP                  = 0.0.0.0
+CERTFQDN                = nohost.nodomain
+
+# This section should be referenced when building an x509v3 CA
+# Certificate.
+# The default path length and the key usage can be overriden
+# modified by setting the CERTPATHLEN and CERTUSAGE environment 
+# variables.
+[x509v3_CA]
+basicConstraints=critical,CA:true,pathlen:$ENV::CERTPATHLEN
+keyUsage=$ENV::CERTUSAGE
+
+# This section should be referenced to add an IP Address
+# as an alternate subject name, needed by isakmpd
+# The address must be provided in the CERTIP environment variable
+[x509v3_IPAddr]
+subjectAltName=IP:$ENV::CERTIP
+
+# This section should be referenced to add a FQDN hostname
+# as an alternate subject name, needed by isakmpd
+# The address must be provided in the CERTFQDN environment variable
+[x509v3_FQDN]
+subjectAltName=DNS:$ENV::CERTFQDN